fm453/nocobase
1
0
Fork 0
mirror of https://gitee.com/nocobase/nocobase.git synced 2025-05-08 06:59:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
nocobase/packages/plugins/acl/src/model/RoleResourceModel.ts
ChengLei Shao b511ef3d8f
Fix acl target action error (#311) 
* fix: field association resource name

* chore: resourceCollection fields unique index

* fix: test

* feat: allowConfigure permission skip

* feat: skip with array type actionNames

* chore: rename acl skip to allow

* fix: type

* chore: rename SkipManager to AllowManager
2022-04-24 10:14:46 +08:00

62 lines
1.9 KiB
TypeScript
Raw Blame History

import { Database, Model } from '@nocobase/database';
import { ACL, ACLRole } from '@nocobase/acl';
import { RoleResourceActionModel } from './RoleResourceActionModel';
import { AssociationFieldsActions, GrantHelper } from '../server';
export class RoleResourceModel extends Model {
async revoke(options: { role: ACLRole; resourceName: string; grantHelper: GrantHelper }) {
const { role, resourceName, grantHelper } = options;
role.revokeResource(resourceName);
const targetActions = grantHelper.resourceTargetActionMap.get(resourceName) || [];
for (const targetAction of targetActions) {
const targetActionResource = (grantHelper.targetActionResourceMap.get(targetAction) || []).filter(
(item) => resourceName !== item,
);
grantHelper.targetActionResourceMap.set(targetAction, targetActionResource);
if (targetActionResource.length == 0) {
role.revokeAction(targetAction);
}
}
grantHelper.resourceTargetActionMap.set(resourceName, []);
}
async writeToACL(options: {
acl: ACL;
associationFieldsActions: AssociationFieldsActions;
grantHelper: GrantHelper;
transaction: any;
}) {
const { acl, associationFieldsActions, grantHelper } = options;
const resourceName = this.get('name') as string;
const roleName = this.get('roleName') as string;
const role = acl.getRole(roleName);
// revoke resource of role
await this.revoke({ role, resourceName, grantHelper });
// @ts-ignore
if (this.usingActionsConfig === false) {
return;
}
// @ts-ignore
const actions: RoleResourceActionModel[] = await this.getActions({
transaction: options.transaction,
});
for (const action of actions) {
await action.writeToACL({
acl,
role,
resourceName,
associationFieldsActions,
grantHelper: options.grantHelper,
});
}
}
}
Reference in New Issue View Git Blame Copy Permalink