mirror of
https://github.com/strapi/strapi.git
synced 2025-11-02 10:55:37 +00:00
(content-manager): types for permission checker service (#19068)
* feat(content-manager): WIP types for permission checker * fix: PR feedback
This commit is contained in:
Jamie Howard
GitHub
parent
bdcd983c3d
commit
9fa86dd22b
@ -1,53 +1,65 @@
|
||||
import { pipeAsync } from '@strapi/utils';
|
||||
import { LoadedStrapi as Strapi, EntityService, Common } from '@strapi/types';
|
||||
|
||||
const ACTIONS: any = {
|
||||
const ACTIONS = {
|
||||
read: 'plugin::content-manager.explorer.read',
|
||||
create: 'plugin::content-manager.explorer.create',
|
||||
update: 'plugin::content-manager.explorer.update',
|
||||
delete: 'plugin::content-manager.explorer.delete',
|
||||
publish: 'plugin::content-manager.explorer.publish',
|
||||
unpublish: 'plugin::content-manager.explorer.publish',
|
||||
} as const;
|
||||
|
||||
type Entity = EntityService.Result<Common.UID.ContentType>;
|
||||
type Query = {
|
||||
page?: string;
|
||||
pageSize?: string;
|
||||
sort?: string;
|
||||
};
|
||||
|
||||
const createPermissionChecker =
|
||||
(strapi: any) =>
|
||||
({ userAbility, model }: any) => {
|
||||
(strapi: Strapi) =>
|
||||
({ userAbility, model }: { userAbility: any; model: string }) => {
|
||||
const permissionsManager = strapi.admin.services.permission.createPermissionsManager({
|
||||
ability: userAbility,
|
||||
model,
|
||||
});
|
||||
|
||||
const toSubject = (entity: any) =>
|
||||
const toSubject = (entity?: Entity) =>
|
||||
entity ? permissionsManager.toSubject(entity, model) : model;
|
||||
|
||||
const can = (action: any, entity: any, field: any) => {
|
||||
// @ts-expect-error preserve the parameter order
|
||||
// eslint-disable-next-line @typescript-eslint/default-param-last
|
||||
const can = (action: string, entity?: Entity, field: string) => {
|
||||
return userAbility.can(action, toSubject(entity), field);
|
||||
};
|
||||
|
||||
const cannot = (action: any, entity: any, field: any) => {
|
||||
// @ts-expect-error preserve the parameter order
|
||||
// eslint-disable-next-line @typescript-eslint/default-param-last
|
||||
const cannot = (action: string, entity?: Entity, field: string) => {
|
||||
return userAbility.cannot(action, toSubject(entity), field);
|
||||
};
|
||||
|
||||
const sanitizeOutput = (data: any, { action = ACTIONS.read } = {}) => {
|
||||
const sanitizeOutput = (data: Entity, { action = ACTIONS.read }: { action?: string } = {}) => {
|
||||
return permissionsManager.sanitizeOutput(data, { subject: toSubject(data), action });
|
||||
};
|
||||
|
||||
const sanitizeQuery = (query: any, { action = ACTIONS.read } = {}) => {
|
||||
const sanitizeQuery = (query: Query, { action = ACTIONS.read }: { action?: string } = {}) => {
|
||||
return permissionsManager.sanitizeQuery(query, { subject: model, action });
|
||||
};
|
||||
|
||||
const sanitizeInput = (action: any, data: any, entity?: any) => {
|
||||
const sanitizeInput = (action: string, data: any, entity?: Entity) => {
|
||||
return permissionsManager.sanitizeInput(data, {
|
||||
subject: entity ? toSubject(entity) : model,
|
||||
action,
|
||||
});
|
||||
};
|
||||
|
||||
const validateQuery = (query: any, { action = ACTIONS.read } = {}) => {
|
||||
const validateQuery = (query: Query, { action = ACTIONS.read }: { action?: string } = {}) => {
|
||||
return permissionsManager.validateQuery(query, { subject: model, action });
|
||||
};
|
||||
|
||||
const validateInput = (action: any, data: any, entity: any) => {
|
||||
const validateInput = (action: string, data: any, entity?: Entity) => {
|
||||
return permissionsManager.validateInput(data, {
|
||||
subject: entity ? toSubject(entity) : model,
|
||||
action,
|
||||
@ -55,28 +67,24 @@ const createPermissionChecker =
|
||||
};
|
||||
|
||||
const sanitizeCreateInput = (data: any) => sanitizeInput(ACTIONS.create, data);
|
||||
const sanitizeUpdateInput = (entity: any) => (data: any) =>
|
||||
const sanitizeUpdateInput = (entity: Entity) => (data: any) =>
|
||||
sanitizeInput(ACTIONS.update, data, entity);
|
||||
|
||||
const buildPermissionQuery = (query: any, action: any) => {
|
||||
const buildPermissionQuery = (query: Query, action: { action?: string } = {}) => {
|
||||
return permissionsManager.addPermissionsQueryTo(query, action);
|
||||
};
|
||||
|
||||
/**
|
||||
* @param {string} query
|
||||
* @param {keyof typeof ACTIONS} action
|
||||
*/
|
||||
const sanitizedQuery = (query: any, action: any) => {
|
||||
const sanitizedQuery = (query: Query, action: { action?: string } = {}) => {
|
||||
return pipeAsync(
|
||||
(q: any) => sanitizeQuery(q, action),
|
||||
(q: any) => buildPermissionQuery(q, action)
|
||||
(q: Query) => sanitizeQuery(q, action),
|
||||
(q: Query) => buildPermissionQuery(q, action)
|
||||
)(query);
|
||||
};
|
||||
|
||||
// Sanitized queries shortcuts
|
||||
Object.keys(ACTIONS).forEach((action: any) => {
|
||||
Object.keys(ACTIONS).forEach((action) => {
|
||||
// @ts-expect-error TODO
|
||||
sanitizedQuery[action] = (query: any) => sanitizedQuery(query, ACTIONS[action]);
|
||||
sanitizedQuery[action] = (query: Query) => sanitizedQuery(query, ACTIONS[action]);
|
||||
});
|
||||
|
||||
// Permission utils shortcuts
|
||||
@ -104,6 +112,6 @@ const createPermissionChecker =
|
||||
};
|
||||
};
|
||||
|
||||
export default ({ strapi }: any) => ({
|
||||
export default ({ strapi }: { strapi: Strapi }) => ({
|
||||
create: createPermissionChecker(strapi),
|
||||
});
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user