fixes #4074 Descargar ACL del usuario actual #1255

Open
pau wants to merge 40 commits from 4074-download-user-ACL into dev
3 changed files with 37 additions and 24 deletions
Showing only changes of commit 01daa253db - Show all commits

View File

@ -35,18 +35,32 @@ module.exports = Self => {
});
Self.acls = async function(ctx) {
const models = Self.app.models;
const acls = [];
const userId = ctx.req.accessToken.userId;
if (userId) {
const dynamicAcls = await Self.rawSql(`
SELECT *
FROM salix.ACL a
WHERE a.principalId IN (
SELECT r.name COLLATE utf8mb3_general_ci
FROM salix.RoleMapping rm
JOIN account.role r ON r.id = rm.roleId
WHERE rm.principalId = ?
)`, [userId]);
const roleMapping = await models.RoleMapping.find({
where: {
principalId: userId
},
include: [
{
relation: 'role',
scope: {
alexandre marked this conversation as resolved Outdated
Outdated
Review

Esta consulta pot ferse sense gastar SQL, sempre que es puga, fer-ho en funcions de loopback.

Esta consulta pot ferse sense gastar SQL, sempre que es puga, fer-ho en funcions de loopback.
fields: [
'name'
]
}
}
]
});
const dynamicAcls = await models.ACL.find({
where: {
principalId: {
inq: roleMapping.map(rm => rm.role().name)
}
}
});
dynamicAcls.forEach(acl => acls.push(acl));
staticAcls.get('$authenticated').forEach(acl => acls.push(acl));
} else

View File

@ -32,20 +32,12 @@ class AclService {
}
hasAnyACL(model, property, accessType) {
if (this.acls) {
if (this.acls[model]) {
if (this.acls[model]['*']) {
if (this.acls[model]['*']['*'])
const acls = this.acls[model];
if (acls) {
for (const prop of ['*', property]) {
const acl = acls[prop];
if (acl && (acl['*'] || acl[accessType]))
return true;
if (this.acls[model]['*'][accessType])
return true;
}
if (this.acls[model][property]) {
if (this.acls[model][property]['*'])
return true;
if (this.acls[model][property][accessType])
return true;
}
}
}
return false;

View File

@ -39,6 +39,13 @@
"mysql": {
"table": "salix.RoleMapping"
}
},
"relations": {
"role": {
"type": "belongsTo",
"model": "Role",
"foreignKey": "roleId"
}
}
},
"Schema": {