salix/loopback/common/methods/application/execute.js

const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.execute = async(ctx, type, query, params, options) => {
        const userId = ctx.req.accessToken.userId;
        const models = Self.app.models;
        params = params ?? [];

        const myOptions = {userId: ctx.req.accessToken.userId};
        if (typeof options == 'object')
            Object.assign(myOptions, options);

        const chain = query.split(' ')[1];

        const [canExecute] = await models.ProcsPriv.rawSql(
            'SELECT account.user_hasRoutinePriv(?,?,?)',
            [type, chain, userId],
            myOptions);

        if (!Object.values(canExecute)[0]) throw new UserError(`You don't have enough privileges`, 'ACCESS_DENIED');

        const argString = params.map(() => '?').join(',');

        const [response] = await models.ProcsPriv.rawSql(query + `(${argString})`, params, myOptions);
        return response;
    };
};
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			`const UserError = require('vn-loopback/util/user-error');`

			`module.exports = Self => {`
refs #6014 refactor(execute): schema required 2023-11-14 08:17:46 +00:00			`Self.execute = async(ctx, type, query, params, options) => {`
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			`const userId = ctx.req.accessToken.userId;`
			`const models = Self.app.models;`
			`params = params ?? [];`

			`const myOptions = {userId: ctx.req.accessToken.userId};`
			`if (typeof options == 'object')`
			`Object.assign(myOptions, options);`

refs #6014 refactor(execute): schema required 2023-11-14 08:17:46 +00:00			`const chain = query.split(' ')[1];`
refs #6014 refactor(execute): split code 2023-11-13 08:36:20 +00:00
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			`const [canExecute] = await models.ProcsPriv.rawSql(`
			`'SELECT account.user_hasRoutinePriv(?,?,?)',`
refs #6014 refactor(execute): schema required 2023-11-14 08:17:46 +00:00			`[type, chain, userId],`
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			`myOptions);`
refs #6014 refactor(execute): split code 2023-11-13 08:36:20 +00:00
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			if (!Object.values(canExecute)[0]) throw new UserError(`You don't have enough privileges`, 'ACCESS_DENIED');

refs #6014 refactor(execute): schema required 2023-11-14 08:17:46 +00:00			`const argString = params.map(() => '?').join(',');`
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00
refs #6014 refactor(execute): schema required 2023-11-14 08:17:46 +00:00			const [response] = await models.ProcsPriv.rawSql(query + `(${argString})`, params, myOptions);
refs #6014 feat(execute): use user_hasRoutinePriv. feat(execute): split in executeProc & executeFunc 2023-11-10 09:58:58 +00:00			`return response;`
			`};`
			`};`