yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-11-12 08:08:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/core/admin/domain/permission/index.js

141 lines
4.4 KiB
JavaScript
Raw Normal View History

I18n/ permissions rework (#9535) * Add a domain layer for the permission, rework the engine handling of the permissions Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Add permissions-fields-to-properties migration for the admin Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Removes useless console.log Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove debug logLevel from provider-login.test.e2e.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Adds the new layout for the GET permissions, allow to subscribe to actionRegistered events, adds i18n handlers Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Fix typo Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update permissions validators Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update unit tests Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Update integrations test + fix some validation issues Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Change plugins & settings section format for the permissions layout * only return locales property to localized subjects for the permission's layout * Do not send the locales property to the permission's layout when there is no locales created * Add the 'locales' property to publish & delete routes * Fix unwanted mutation of the sections builder states on multiple builds * Fix units tests with (new engine) * Fix admin-role e2e test - Add locales property to the update payload * fix e2e testsé * Update e2e snapshots * Fix unit test for i18n bootstrap * Add mocks for i18n/bootstrap test * Fix has-locale condition & updatePermission validator * Avoid mutation in migration, always authorize super admin for has-locales condition * Rework rbac domain objects, add a hook module and a provider factory * Remove old providers * Update the admin services & tests for the new rbac domain & providers * Fix tests, bootstrap functions & services following rbac domain rework * Update migration runner * PR comments Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> * Remove useless console.log * Fix sanitizeCondition bug * Section builder rework * Add test for the section-builder section & add jsdoc for the permission domain * pr comments (without the migrations) * fix fields-to-properties migration * Add jsdoc for the sections-builder * Moves createBoundAbstractDomain from permission domain to the engine service * Remove debug logLevel for admin role test (e2e) * Fix core-store * Fix hooks & move business logic from i18n bootstrap to dedicated services * add route get-non-localized-fields * use write and read permission * refacto * add input validator * add route doc * handle ST Co-authored-by: Pierre Noël <petersg83@gmail.com> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
2021-03-25 14:59:44 +01:00
'use strict';
const {
pipe,
set,
pick,
eq,
omit,
remove,
get,
uniq,
isArray,
map,
curry,
merge,
} = require('lodash/fp');
/**
* Domain representation of a Permission (RBAC)
* @typedef {Object} Permission
* @property {string} [id] - The unique identifier of the permission
* @property {string} [role] - The role associated to a permission
* @property {string} action - The human readable name of an action
* @property {string} properties - A set of properties used to define the permission with more granularity
* @property {string} conditions - Conditions to check when evaluating the permission
* @property {string} subject - The subject on which the permission should applies
*/
const permissionFields = ['id', 'action', 'subject', 'properties', 'conditions', 'role'];
const sanitizedPermissionFields = ['id', 'action', 'subject', 'properties', 'conditions'];
const sanitizePermissionFields = pick(sanitizedPermissionFields);
/**
* Creates a permission with default values
* @return {Permission}
*/
const getDefaultPermission = () => ({
conditions: [],
properties: {},
subject: null,
});
/**
* Returns a new permission with the given condition
* @param {string} condition - The condition to add
* @param {Permission} permission - The permission on which we want to add the condition
* @return {Permission}
*/
const addCondition = curry((condition, permission) => {
const { conditions } = permission;
const newConditions = Array.isArray(conditions)
? uniq(conditions.concat(condition))
: [condition];
return set('conditions', newConditions, permission);
});
/**
* Returns a new permission without the given condition
* @param {string} condition - The condition to remove
* @param {Permission} permission - The permission on which we want to remove the condition
* @return {Permission}
*/
const removeCondition = curry((condition, permission) => {
return set('conditions', remove(eq(condition), permission.conditions), permission);
});
/**
* Gets a property or a part of a property from a permission.
* @param {string} property - The property to get
* @param {Permission} permission - The permission on which we want to access the property
* @return {Permission}
*/
const getProperty = curry((property, permission) => get(`properties.${property}`, permission));
/**
* Set a value for a given property on a new permission object
* @param {string} property - The name of the property
* @param {any} value - The value of the property
* @param {Permission} permission - The permission on which we want to set the property
* @return {Permission}
*/
const setProperty = (property, value, permission) => {
return set(`properties.${property}`, value, permission);
};
/**
* Returns a new permission without the given property name set
* @param {string} property - The name of the property to delete
* @param {Permission} permission - The permission on which we want to remove the property
* @return {Permission}
*/
const deleteProperty = (property, permission) => omit(`properties.${property}`, permission);
/**
* Creates a new {@link Permission} object from raw attributes. Set default values for certain fields
* @param {Permission} attributes
* @return {Permission}
*/
const create = attributes => {
return pipe(pick(permissionFields), merge(getDefaultPermission()))(attributes);
};
/**
* Using the given condition provider, check and remove invalid condition from the permission's condition array.
* @param {object} provider - The condition provider used to do the checks
* @param {Permission} permission - The condition to sanitize
* @return {Permission}
*/
const sanitizeConditions = curry((provider, permission) => {
if (!isArray(permission.conditions)) {
return permission;
}
return permission.conditions
.filter(condition => !provider.has(condition))
.reduce((perm, condition) => removeCondition(condition, perm), permission);
});
/**
* Transform raw attributes into valid permissions using the create domain function.
* @param {object | object[]} payload - Can either be a single object of attributes or an array of those objects.
* @return {Permission | Permission[]}
*/
const toPermission = payload => (isArray(payload) ? map(create, payload) : create(payload));
module.exports = {
addCondition,
removeCondition,
create,
deleteProperty,
permissionFields,
getProperty,
sanitizedPermissionFields,
sanitizeConditions,
sanitizePermissionFields,
setProperty,
toPermission,
};
Reference in New Issue Copy Permalink