		@@ -5,45 +5,35 @@ /// <reference types="fibjs" />
		declare namespace FibAppACL {
		type ACLAct = 'create' \| 'read' \| 'write' \| 'delete' \| 'find'
		type ACLAct = 'create' \| 'read' \| 'write' \| 'delete' \| 'find' \| string
		type ACLAllAct = '*'

		type ACLActString = ACLAct \| ACLAllAct
		type ACLActStringList = /* ACLAct \| ACLAllAct \| */string[]

		type ExtendModelNameType = string
		type AclPermisionAllowedFieldListType = ACLActString[]
		type AclPermisionBooleanType = boolean
		type AclPermissionType = boolean \| AclPermisionAllowedFieldListType
		type Undefinable<T> = T \| undefined

		type OrmFieldName = string
		type ACLPermisionAllowedFieldListType = OrmFieldName[]
		type ACLPermissionBooleanOrArrayType = boolean \| ACLPermisionAllowedFieldListType
		type ACLPermisionBooleanOrActActStringListType = boolean \| ACLActStringList
		type ACLPermisionBooleanType = boolean
		type AclPermissionType__Create = Undefinable<AclPermissionType>;
		type AclPermissionType__Read = Undefinable<AclPermissionType>;
		type AclPermissionType__Write = Undefinable<AclPermissionType>;
		type AclPermissionType__Delete = Undefinable<AclPermisionBooleanType>;
		type AclPermissionType__Find = Undefinable<AclPermisionBooleanType>;

		type AClPermissionDescriptorKey = string \| '*'

		type AclPermissionDescriptorKey = keyof RoleActDescriptorStruct
		interface AssociationModelACLDefinitionHash {
		[extendModelName: string]: RoleActDescriptor
		}
		interface RoleActDescriptorStruct {
		/* with key AClPermissionDescriptorKey :start */
		create?: ACLPermissionBooleanOrArrayType
		read?: ACLPermissionBooleanOrArrayType;
		write?: ACLPermissionBooleanOrArrayType;
		delete?: ACLPermisionBooleanType;
		find?: ACLPermisionBooleanType;
		'*'?: ACLPermisionBooleanOrActActStringListType
		/* with key AClPermissionDescriptorKey :end */
		'*'?: Undefinable<AclPermisionBooleanType>;
		create?: AclPermissionType__Create;
		read?: AclPermissionType__Read;
		write?: AclPermissionType__Write;
		delete?: AclPermissionType__Delete;
		find?: AclPermissionType__Find;

		// invalid for entry{[id], roles}
		extends?: HashOfAssociationModelACLDefinition
		extends?: AssociationModelACLDefinitionHash
		}
		type RoleActDescriptor = RoleActDescriptorStruct \| boolean
		interface OACLDescriptorStruct extends RoleActDescriptorStruct {}

		type RoleKeyInRoleActDescriptionHash = string
		interface RoleActDescriptorHash {
		[roleName: string/* RoleKeyInRoleActDescriptionHash */]: RoleActDescriptor
		}
		interface HashOfAssociationModelACLDefinition {
		// MODEL_NAME, '*'
		// [extendModelName: string]: ACLDefinition \| boolean
		[extendModelName: string]: RoleActDescriptor \| boolean
		}

		interface OACLDescriptorStruct extends RoleActDescriptorStruct {
		}
		type RoleActDescriptor = RoleActDescriptorStruct \| boolean \| undefined \| AclPermisionAllowedFieldListType
		type OACLDescriptor = OACLDescriptorStruct \| boolean
		@@ -53,15 +43,7 @@
		type OACLGeneratorFn = (sess: FibApp.FibAppSession) => OACLDefinition

		type FibACLDef = ACLGeneratorFn \| ACLDefinition
		type FibOACLDef = OACLGeneratorFn \| OACLDefinition

		type FibACLDefResult = ACLDefinition

		type ACLExtendModelNameType = string;
		interface ACLToExntedModel {
		}

		// '*', [ID], 'roles'
		type ACLDefineSubjectName = '*' \| 'roles' \| string

		// key is ACLDefineSubjectName

		type AclDefinitionKeyname = keyof ACLDefinition
		interface ACLDefinition {
		@@ -75,32 +57,11 @@ // judge guest(all) visitor
		}
		interface RoleActDescriptorHash {
		[roleName: string]: RoleActDescriptor
		}

		interface OACLDefinition extends ACLDefinition {}

		type ArgActVarWhenCheck =
		/**
		* for init, or undefined result
		*/
		undefined \|
		/**
		* for act to checkt
		*/
		string \|
		/**
		* for final access control check result
		*/
		boolean \|
		/**
		* for filter, when
		*/
		RoleActDescriptor\|
		/**
		* for filter, when `Array.isArray(acl) === true && act === 'read'`
		*/
		ACLPermisionAllowedFieldListType
		type ModelACLCheckResult = /* ArgActVarWhenCheck */boolean \| string \| ACLPermisionAllowedFieldListType
		type ACLExtendModelNameType = string;

		type ResultPayloadACLActWhenCheck = undefined \| ACLPermissionBooleanOrArrayType

		type ArgAclRoleValueTypeWhenCheck = undefined \| ACLPermissionBooleanOrArrayType \| RoleActDescriptor
		type ACLRoleVarHostType = RoleActDescriptor
		type CheckoutActValueType = Undefinable<AclPermissionType>
		}

@types/app.d.ts

		@@ -139,3 +139,3 @@ /// <reference types="fibjs" />
		data?: FxOrmNS.FibOrmFixedModelInstance
		acl?: FibAppACL.ModelACLCheckResult // ACLActStringList
		acl?: FibAppACL.RoleActDescriptor
		error?: FibAppFinalError
		@@ -142,0 +142,0 @@ }

CHANGELOG.md


		v1.13.1 / 2018-11-29
		v1.13.2 / 2018-11-29
		==================

		* normalize acl about typo.

		v1.13.1 / 2018-11-29
		====================

		* Release v1.13.1
		* add hidden property 'associated_instances' to `this` object in OACL.
		@@ -6,0 +12,0 @@ * typo and README.md normalization.

lib/utils/checkout_acl.js

		@@ -51,11 +51,11 @@ /// <reference path="../../@types/acl.d.ts" />
		*
		* @param _acl_role type of _acl_role is one description item in RoleActDescriptionHash's ACLPermissionBooleanOrArrayType
		* @param _acl_role type of _acl_role is one description choice of CheckoutActValueType
		*
		* @returns undefined \| boolean
		* @returns FibAppACL.CheckoutActValueType
		*/
		function _checkout_acl_acthash(_acl_role) {
		function _checkout_aclhash(_acl_role) {
		if (_acl_role === undefined)
		return;
		/*
		first, check whether _acl_role is ACLPermissionBooleanOrArrayType
		first, check whether _acl_role is AclPermissionType
		{
		@@ -72,5 +72,4 @@ 'read': true,
		now,
		- _acl_role is (should be) RoleActDescriptionHash
		- act made sense, (expected to be) FibAppACL.RoleKeyInRoleActDescriptionHash
		check whether AClPermissionDescriptorKey `act` exists.
		- act made sense, (expected to be) string
		check whether AclPermissionDescriptorKey `act` exists.
		{
		@@ -86,3 +85,3 @@ 'role1234': {
		/*
		check whether AClPermissionDescriptorKey '*' exists.
		check whether AclPermissionDescriptorKey '*' exists.
		{
		@@ -100,9 +99,7 @@ 'role1234': {
		* in `_checkout_acl_role`, no matter what arg `_act_role` is,
		* it finally led to one explicit arg with type 'FibAppACL.ArgAclRoleValueTypeWhenCheck(ACLPermissionBooleanOrArrayType)',
		* it finally led to one explicit FibAppACL.AclPermissionType
		*
		* then, return the the result `_checkout_acl_acthash(arg)`
		*
		* @param _acl_role
		*
		* @returns FibAppACL.ArgAclRoleValueTypeWhenCheck
		* @returns FibAppACL.AclPermissionType
		*/
		@@ -112,10 +109,10 @@ function _checkout_acl_role(_acl_role) {
		return;
		/* now, _acl_role is(should be) FibAppACL.ArgAclRoleValueTypeWhenCheck */
		/* now, _acl_role is(should be) FibAppACL.CheckoutActValueType */
		if (extend === undefined)
		return _checkout_acl_acthash(_acl_role);
		/* now, _acl_role is(should be) FibAppACL.ACLRoleVarHostType */
		return _checkout_aclhash(_acl_role);
		/* now, _acl_role is(should be) FibAppACL.RoleActDescriptor */
		var exts = _acl_role.extends;
		if (exts !== undefined) {
		/*
		check whether AClPermissionDescriptorKey `extend` exists in parent-AClPermissionDescriptor's 'extends' hash.
		check whether AclPermissionDescriptorKey `extend` exists in parent-AClPermissionDescriptor's 'extends' hash.
		{
		@@ -129,6 +126,6 @@ '1234': {
		*/
		if (_checkout_acl_acthash(exts[extend]))
		if (_checkout_aclhash(exts[extend]))
		return true;
		/*
		check whether AClPermissionDescriptorKey `*` exists in parent-AClPermissionDescriptor's 'extends' hash.
		check whether AclPermissionDescriptorKey `*` exists in parent-AClPermissionDescriptor's 'extends' hash.
		{
		@@ -142,3 +139,3 @@ '1234': {
		*/
		return _checkout_acl_acthash(exts['*']);
		return _checkout_aclhash(exts['*']);
		}
		@@ -145,0 +142,0 @@ }

package.json

		{
		"name": "fib-app",
		"version": "1.13.1",
		"version": "1.13.2",
		"description": "",
		@@ -5,0 +5,0 @@ "main": "./lib",

fib-app - npm Package Compare versions

Worsened metrics