refs #4074 @4h acl model and methods in directive

2023-01-23 11:29:58 +01:00 · 2023-01-23 11:29:58 +01:00 · 838df9e85a
parent db7fc594c8
commit 838df9e85a
7 changed files with 92 additions and 38 deletions
--- a/back/methods/account/user-acl.js
+++ b/back/methods/account/user-acl.js
@ -6,6 +6,11 @@ module.exports = Self => {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            },
            {
                arg: 'aclList',
                type: 'Object',
                required: true,
            }
        ],
        returns: {
@ -14,16 +19,24 @@ module.exports = Self => {
        },
        http: {
            path: '/user/acl',
-            verb: 'GET'
+            verb: 'POST'
        }
    });
-    Self.userAcl = async function(ctx) {
+    Self.userAcl = async function(ctx, aclList) {
        let userId = ctx.req.accessToken.userId;
        let models = Self.app.models;
-        let user = await models.User.findById(userId, {
+        let ACLs = [];
-            fields: ['id', 'name', 'nickname']
+
-        });
+        for (let key in aclList) {
            let acl = await models.acls.findOne({
                where: {
                    principalId: key,
                }
            });
            if (acl)
                ACLs.push(acl);
        }
        return ACLs;
    };
 };
--- a/back/model-config.json
+++ b/back/model-config.json
@ -2,6 +2,9 @@
    "Account": {
        "dataSource": "vn"
    },
    "acls": {
        "dataSource": "vn"
    },
    "AccountingType": {
        "dataSource": "vn"
    },
--- a/back/models/account.js
+++ b/back/models/account.js
@ -12,6 +12,7 @@ module.exports = Self => {
    require('../methods/account/recover-password')(Self);
    require('../methods/account/validate-token')(Self);
    require('../methods/account/privileges')(Self);
    require('../methods/account/user-acl')(Self);
    // Validations
--- a/back/models/acl.json
+++ b/back/models/acl.json
@ -0,0 +1,39 @@
 {
    "name": "acls",
    "base": "VnModel",
    "options": {
        "mysql": {
            "table": "salix.ACL"
        }
    },
    "properties": {
        "id": {
            "type": "number",
            "id": true
        },
        "model": {
            "type": "string",
            "required": true
        },
        "property": {
            "type": "string",
            "required": true
        },
        "accessType": {
            "type": "string",
            "required": true
        },
        "permission": {
            "type": "string",
            "required": true
        },
        "principalType": {
            "type": "string",
            "required": true
        },
        "principalId": {
            "type": "string",
            "required": true
        }
    }
 }
--- a/front/core/directives/acl.js
+++ b/front/core/directives/acl.js
@ -13,6 +13,12 @@ function vnAcl(aclService) {
            let action = $attrs.vnAclAction || 'disable';
            if ($attrs.vnAclModel) {
                console.log($attrs.vnAclModel, $attrs.vnAclProperty, $attrs.vnAclAccessType);
                let hasAcl = aclService.hasAnyACL($attrs.vnAclModel, $attrs.vnAclProperty, $attrs.vnAclAccessType);
                if (hasAcl) return;
            }
            if (aclService.hasAny(acls)) return;
            if (action === 'disable') {
--- a/front/core/services/acl-service.js
+++ b/front/core/services/acl-service.js
@ -11,7 +11,7 @@ class AclService {
    }
    load() {
-        return this.$http.get('Accounts/acl').then(res => {
+        return this.$http.get('Accounts/acl').then(async res => {
            this.user = res.data.user;
            this.roles = {};
            this.rolesMap = {};
@ -20,6 +20,15 @@ class AclService {
                    this.rolesMap[role.role.name] = true;
            });
            this.acls = {};
            await this.$http.post('Accounts/user/acl', {aclList: this.rolesMap}).then(res => {
                res.data.forEach(acl => {
                    this.acls[acl.model] = this.acls[acl.model] || {};
                    this.acls[acl.model][acl.property] = this.acls[acl.model][acl.property] || {};
                    this.acls[acl.model][acl.property][acl.accessType] = true;
                });
            });
            for (let role of res.data.roles) {
                if (role.role)
                    this.roles[role.role.name] = true;
@ -27,8 +36,20 @@ class AclService {
        });
    }
-    returnRoles() {
+    returnAcls() {
-        return this.rolesMap;
+        return this.acls;
    }
    hasAnyACL(model, property, accessType) {
        if (this.acls) {
            if (this.acls[model]) {
                if (this.acls[model][property]) {
                    if (this.acls[model][property][accessType])
                        return true;
                }
            }
        }
        return false;
    }
    hasAny(roles) {
--- a/front/core/services/user-acl-service.js
+++ b/front/core/services/user-acl-service.js
@ -1,29 +0,0 @@
 import ngModule from '../module';
 class UserAclService {
    constructor($http) {
        this.$http = $http;
    }
    reset() {
        this.user = null;
        this.roles = null;
    }
    load() {
        // return this.$http.get
    }
    hasAny(roles) {
        if (this.roles) {
            for (let role of roles) {
                if (this.roles[role])
                    return true;
            }
        }
        return false;
    }
 }
 UserAclService.$inject = ['$http'];
 ngModule.service('userAclService', UserAclService);