yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-09 09:14:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/strapi-admin/services/permission/permissions-manager/index.js
Convly cf56735e29 Make better use of flatMap for hasAtLeastOneRegisteredField condition 
Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-07-17 12:01:16 +02:00

63 lines
1.6 KiB
JavaScript
Raw Blame History

'use strict';
const _ = require('lodash');
const { subject: asSubject } = require('@casl/ability');
const { permittedFieldsOf } = require('@casl/ability/extra');
const { sanitizeEntity } = require('strapi-utils');
const { buildStrapiQuery, buildCaslQuery } = require('./query-builers');
module.exports = (ability, action, model) => ({
ability,
action,
model,
get query() {
return buildStrapiQuery(buildCaslQuery(ability, action, model));
},
get isAllowed() {
return this.ability.can(action, model);
},
toSubject(target, subjectType = model) {
return asSubject(subjectType, target);
},
pickPermittedFieldsOf(data, options = {}) {
return this.sanitize(data, { ...options, isOutput: false });
},
queryFrom(query) {
return {
...query,
_where: query._where ? _.concat(this.query, query._where) : [this.query],
};
},
sanitize(data, options = {}) {
const {
subject = this.toSubject(data),
action: actionOverride = action,
withPrivate = true,
isOutput = true,
} = options;
if (_.isArray(data)) {
return data.map(this.sanitize.bind(this));
}
const permittedFields = permittedFieldsOf(ability, actionOverride, subject);
const hasAtLeastOneRegisteredField = _.some(
_.flatMap(ability.rulesFor(actionOverride, subject), 'fields')
);
const shouldIncludeAllFields = _.isEmpty(permittedFields) && !hasAtLeastOneRegisteredField;
return sanitizeEntity(data, {
model: strapi.getModel(model),
includeFields: shouldIncludeAllFields ? null : permittedFields,
withPrivate,
isOutput,
});
},
});
Reference in New Issue View Git Blame Copy Permalink