forked from apxtri/apxtri
fix access right for create
This commit is contained in:
parent
53d8a18536
commit
2ba6787673
@ -420,7 +420,8 @@ Odmdb.search = (objectPathname, objsearch, role) => {
|
||||
//console.log(role);
|
||||
const accessright = Odmdb.accessright(
|
||||
getschema.data.schema.apxaccessrights,
|
||||
role
|
||||
role,
|
||||
Object.keys(getschema.data.schema.properties)
|
||||
);
|
||||
//console.log(accessright);
|
||||
if (objsearch.fields == "all") {
|
||||
@ -486,7 +487,8 @@ Odmdb.r = (objectPathname, apxid, role) => {
|
||||
}
|
||||
const accessright = Odmdb.accessright(
|
||||
getschema.data.schema.apxaccessrights,
|
||||
role
|
||||
role,
|
||||
Object.keys(getschema.data.schema.properties)
|
||||
);
|
||||
if (!accessright.R) {
|
||||
return {
|
||||
@ -516,26 +518,24 @@ Odmdb.r = (objectPathname, apxid, role) => {
|
||||
* @returns access right to C create if present, to read (properties list or all if empty), to Update properties list or all if empty, D elete
|
||||
* example: {"C":[],"R":[properties list],"U":[properties ist],"D":[]}
|
||||
*/
|
||||
Odmdb.accessright = (apxaccessrights, role) => {
|
||||
Odmdb.accessright = (apxaccessrights, role, properties) => {
|
||||
//if (log) console.log(currentmod,"apxaccessrights",apxaccessrights)
|
||||
//if (log) console.log(currentmod,"role",role)
|
||||
//if (log) console.log(currentmod,"properties",properties)
|
||||
const accessright = {};
|
||||
console.log();
|
||||
role.xprofils.forEach((p) => {
|
||||
role.xprofils.forEach(p => {
|
||||
if (apxaccessrights[p]) {
|
||||
Object.keys(apxaccessrights[p]).forEach((act) => {
|
||||
Object.keys(apxaccessrights[p]).forEach(act => {
|
||||
if (apxaccessrights[p][act].length===0) apxaccessrights[p][act]=properties;
|
||||
if (!accessright[act]) {
|
||||
accessright[act] = apxaccessrights[p][act];
|
||||
} else {
|
||||
if (accessright[act].length != 0) {
|
||||
//case where [] that mean all accessright on any properties
|
||||
accessright[act] = [
|
||||
...new Set([...accessright[act], ...apxaccessrights[p][act]]),
|
||||
];
|
||||
}
|
||||
}
|
||||
//if (log) console.log(currentmod,act,accessright[act])
|
||||
});
|
||||
})
|
||||
}
|
||||
});
|
||||
return accessright;
|
||||
@ -619,14 +619,13 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
|
||||
//get accessright {C:[],R:[],U:[],D:[]} if exist means authorize, if array contain properties (for R and U) right is only allowed on properties
|
||||
const accessright = Odmdb.accessright(
|
||||
getschema.data.schema.apxaccessrights,
|
||||
role
|
||||
role,
|
||||
Object.keys(getschema.data.schema.properties)
|
||||
);
|
||||
|
||||
Object.keys(accessright).forEach(act=>{
|
||||
if (accessright[act].length===0) accessright[act]=Object.keys(getschema.data.schema.properties)
|
||||
})
|
||||
if (log) console.log(currentmod, "Accessright to: ", accessright);
|
||||
if (getschema.data.schema.apxaccessrights.contextrules) {
|
||||
//Need to check context to validate accessright
|
||||
//require('../../')
|
||||
}
|
||||
if (
|
||||
(crud == "C" && !accessright.C) ||
|
||||
(crud == "D" && !accessright.D) ||
|
||||
@ -653,7 +652,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
|
||||
);
|
||||
} else {
|
||||
// if Create Update erase old version
|
||||
let itmtostore = itm;
|
||||
let itmtostore={};
|
||||
if (crud == "U" && accessright.U.length > 0) {
|
||||
itmtostore = itmold;
|
||||
const keynotallow = Object.keys(itm).filter(
|
||||
@ -667,10 +666,20 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
|
||||
//console.log(accessright)
|
||||
accessright.U.forEach(async (p) => {
|
||||
// check this propertie exist in the requested update itm
|
||||
if (itm[p] && itm[p] != "") itmtostore[p] = itm[p];
|
||||
if (itm[p] && itm[p] !== "") itmtostore[p] = itm[p];
|
||||
});
|
||||
itmtostore.dt_update = dayjs().toISOString();
|
||||
}
|
||||
if (crud == "C"){
|
||||
const keynotallow = Object.keys(itm).filter(
|
||||
(el) => !accessright.C.includes(el)
|
||||
);
|
||||
accessright.C.forEach(async (p) => {
|
||||
// check this propertie exist in the requested update itm
|
||||
if (itm[p] && itm[p] !== "") itmtostore[p] = itm[p];
|
||||
});
|
||||
itmtostore.dt_create = dayjs().toISOString();
|
||||
}
|
||||
Object.keys(itmtostore).forEach((k) => {
|
||||
// remove empty itmtostore in case they are =>
|
||||
console.log(k, itmtostore[k], itmtostore[k] === "");
|
||||
@ -707,11 +716,10 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
|
||||
fs.writeFileSync(`${objectPathname}/${filenameimg}`, imgb64, {
|
||||
encoding: "base64",
|
||||
});
|
||||
itmtostore[k] = "";
|
||||
delete itmtostore[k];
|
||||
}
|
||||
}
|
||||
});
|
||||
if (crud == "C") itmtostore.dt_create = dayjs().toISOString();
|
||||
// check consistency of datatostore
|
||||
//console.log("itmstostore::::::", itmtostore);
|
||||
const chkdata = Checkjson.schema.data(
|
||||
|
Loading…
x
Reference in New Issue
Block a user