fixes #4074 Descargar ACL del usuario actual #1255
|
@ -35,18 +35,32 @@ module.exports = Self => {
|
|||
});
|
||||
|
||||
Self.acls = async function(ctx) {
|
||||
const models = Self.app.models;
|
||||
const acls = [];
|
||||
const userId = ctx.req.accessToken.userId;
|
||||
if (userId) {
|
||||
const dynamicAcls = await Self.rawSql(`
|
||||
SELECT *
|
||||
FROM salix.ACL a
|
||||
WHERE a.principalId IN (
|
||||
SELECT r.name COLLATE utf8mb3_general_ci
|
||||
FROM salix.RoleMapping rm
|
||||
JOIN account.role r ON r.id = rm.roleId
|
||||
WHERE rm.principalId = ?
|
||||
)`, [userId]);
|
||||
const roleMapping = await models.RoleMapping.find({
|
||||
where: {
|
||||
principalId: userId
|
||||
},
|
||||
include: [
|
||||
{
|
||||
relation: 'role',
|
||||
scope: {
|
||||
alexandre marked this conversation as resolved
Outdated
|
||||
fields: [
|
||||
'name'
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
});
|
||||
const dynamicAcls = await models.ACL.find({
|
||||
where: {
|
||||
principalId: {
|
||||
inq: roleMapping.map(rm => rm.role().name)
|
||||
}
|
||||
}
|
||||
});
|
||||
dynamicAcls.forEach(acl => acls.push(acl));
|
||||
staticAcls.get('$authenticated').forEach(acl => acls.push(acl));
|
||||
} else
|
||||
|
|
|
@ -32,20 +32,12 @@ class AclService {
|
|||
}
|
||||
|
||||
hasAnyACL(model, property, accessType) {
|
||||
if (this.acls) {
|
||||
if (this.acls[model]) {
|
||||
if (this.acls[model]['*']) {
|
||||
if (this.acls[model]['*']['*'])
|
||||
const acls = this.acls[model];
|
||||
if (acls) {
|
||||
for (const prop of ['*', property]) {
|
||||
const acl = acls[prop];
|
||||
if (acl && (acl['*'] || acl[accessType]))
|
||||
return true;
|
||||
if (this.acls[model]['*'][accessType])
|
||||
return true;
|
||||
}
|
||||
if (this.acls[model][property]) {
|
||||
if (this.acls[model][property]['*'])
|
||||
return true;
|
||||
if (this.acls[model][property][accessType])
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
|
|
@ -39,6 +39,13 @@
|
|||
"mysql": {
|
||||
"table": "salix.RoleMapping"
|
||||
}
|
||||
},
|
||||
"relations": {
|
||||
"role": {
|
||||
"type": "belongsTo",
|
||||
"model": "Role",
|
||||
"foreignKey": "roleId"
|
||||
}
|
||||
}
|
||||
},
|
||||
"Schema": {
|
||||
|
|
Loading…
Reference in New Issue
Esta consulta pot ferse sense gastar SQL, sempre que es puga, fer-ho en funcions de loopback.