|
@@ -13,20 +13,83 @@
|
|
|
//logging: false
|
|
|
});
|
|
|
|
|
|
+
|
|
|
+
|
|
|
+ const User = sequelize.define("user", {
|
|
|
+ login: Sequelize.STRING,
|
|
|
+ password: Sequelize.STRING,
|
|
|
+ })
|
|
|
+
|
|
|
+ const Content = sequelize.define("content", {
|
|
|
+ title: Sequelize.STRING,
|
|
|
+ data: Sequelize.TEXT
|
|
|
+ })
|
|
|
+
|
|
|
+ async function filldb(){
|
|
|
+ await sequelize.sync()
|
|
|
+
|
|
|
+ console.log('synced')
|
|
|
+
|
|
|
+ let [vasya, petya, kolya] = await Promise.all([
|
|
|
+ User.create({login: "Vasya", password: "qwe"}),
|
|
|
+ User.create({login: "Petya", password: "qwe"}),
|
|
|
+ User.create({login: "Kolya", password: "qwe"}),
|
|
|
+ ])
|
|
|
+
|
|
|
+ let groupSlice = await Slice.create({
|
|
|
+ permission: 'group',
|
|
|
+ model: 'group',
|
|
|
+ slice: [`${vasya.id}`, `${petya.id}`]
|
|
|
+ })
|
|
|
+
|
|
|
+ let [vasyaSlice, petyaSlice, kolyaSlice] = await Promise.all([
|
|
|
+ Slice.create({model: 'user', permission: 'user', modelId: vasya.id, slice: ["user", `#${groupSlice.id}`]}),
|
|
|
+ Slice.create({model: 'user', permission: 'user', modelId: petya.id, slice: ["user", `#${groupSlice.id}`]}),
|
|
|
+ Slice.create({model: 'user', permission: 'user', modelId: kolya.id, slice: ["user" ]})
|
|
|
+ ])
|
|
|
+
|
|
|
+ let [hiddenContent, roleContent, groupContent] = await Promise.all([
|
|
|
+ Content.create({title: 'Hidden', data: 'HIDDEN'}),
|
|
|
+ Content.create({title: 'Role', data: 'ROLE'}),
|
|
|
+ Content.create({title: 'Group', data: 'GROUP'}),
|
|
|
+ ])
|
|
|
+
|
|
|
+ let [hiddenSlice, roleSlice, groupContentSlice] = await Promise.all([
|
|
|
+ Slice.create({model: 'contents', permission: 'read', modelId: hiddenContent.id, slice: [], ownerId: kolya.id}),
|
|
|
+ Slice.create({model: 'contents', permission: 'read', modelId: roleContent.id, slice: ["user"], ownerId: vasya.id}),
|
|
|
+ Slice.create({model: 'contents', permission: 'read', modelId: groupContent.id, slice: [`#${groupSlice.id}`], ownerId: petya.id}),
|
|
|
+ ])
|
|
|
+
|
|
|
+ let createSlice = await Slice.create({model: 'contents', permission: 'create', slice: ['user']})
|
|
|
+ }
|
|
|
+
|
|
|
+ //filldb()
|
|
|
+ //
|
|
|
+
|
|
|
const Slice = sequelize.define("slice",{
|
|
|
permission: Sequelize.STRING, //create, update, delete, read, etc
|
|
|
model: Sequelize.STRING,
|
|
|
modelId: Sequelize.INTEGER,
|
|
|
+ ownerId: Sequelize.INTEGER,
|
|
|
//plain list of: "tags" like: admin, manager, user, anon, User can be tagged by this word in string list variable
|
|
|
//OR: just userId.
|
|
|
//OR, if negative number (or hash #100500) - other slice id (use abs to get proper table id)
|
|
|
//this way optimizing
|
|
|
slice: {type: Sequelize.TEXT, //PROBABLY STRING
|
|
|
get(){
|
|
|
- return this.getDataValue("slice").split(",")
|
|
|
+ if (this._slice) return this._slice
|
|
|
+
|
|
|
+ let result = []
|
|
|
+ for (let item of this.getDataValue("slice").split(",")){
|
|
|
+ if (!result.includes(item)){
|
|
|
+ result.push(item)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ this._slice = result;
|
|
|
+ return this._slice
|
|
|
},
|
|
|
set(newValue){ //TODO: update users before with groups
|
|
|
- newValue = "length" in newValue ? newValue.join(",") : newValue
|
|
|
+ newValue = ("length" in newValue) ? newValue.join(",") : newValue
|
|
|
return this.setDataValue("slice", newValue)
|
|
|
}
|
|
|
}
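Review bot: The new `this._slice` cache in `get()` is never invalidated, and `set()` only calls `setDataValue`, so once `slice` has been read on an instance every later read returns the old role list even after a new one is assigned. Because this list decides who may access a record, a revoked role or user id stays effective on that loaded instance. Clearing the cache at the top of the setter closes the gap: `this._slice = undefined`. Separately, `getDataValue("slice")` is split without a null check, and an empty list stored as `""` reads back as `[""]`, not `[]`. The `Slice` definition continues past the end of this hunk.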
|
|
@@ -81,55 +144,6 @@
|
|
|
]
|
|
|
})
|
|
|
|
|
|
-
|
|
|
- const User = sequelize.define("user", {
|
|
|
- login: Sequelize.STRING,
|
|
|
- password: Sequelize.STRING,
|
|
|
- })
|
|
|
-
|
|
|
- const Content = sequelize.define("content", {
|
|
|
- title: Sequelize.STRING,
|
|
|
- data: Sequelize.TEXT
|
|
|
- })
|
|
|
-
|
|
|
- async function filldb(){
|
|
|
- await sequelize.sync()
|
|
|
-
|
|
|
- console.log('synced')
|
|
|
-
|
|
|
- let [vasya, petya, kolya] = await Promise.all([
|
|
|
- User.create({login: "Vasya", password: "qwe"}),
|
|
|
- User.create({login: "Petya", password: "qwe"}),
|
|
|
- User.create({login: "Kolya", password: "qwe"}),
|
|
|
- ])
|
|
|
-
|
|
|
- let groupSlice = await Slice.create({
|
|
|
- permission: 'group',
|
|
|
- model: 'group',
|
|
|
- slice: [`${vasya.id}`, `${petya.id}`]
|
|
|
- })
|
|
|
-
|
|
|
- let [vasyaSlice, petyaSlice, kolyaSlice] = await Promise.all([
|
|
|
- Slice.create({model: 'user', permission: 'user', modelId: vasya.id, slice: ["user", `#${groupSlice.id}`]}),
|
|
|
- Slice.create({model: 'user', permission: 'user', modelId: petya.id, slice: ["user", `#${groupSlice.id}`]}),
|
|
|
- Slice.create({model: 'user', permission: 'user', modelId: kolya.id, slice: ["user" ]})
|
|
|
- ])
|
|
|
-
|
|
|
- let [hiddenContent, roleContent, groupContent] = await Promise.all([
|
|
|
- Content.create({title: 'Hidden', data: 'HIDDEN'}),
|
|
|
- Content.create({title: 'Role', data: 'ROLE'}),
|
|
|
- Content.create({title: 'Group', data: 'GROUP'}),
|
|
|
- ])
|
|
|
-
|
|
|
- let [hiddenSlice, roleSlice, groupContentSlice] = await Promise.all([
|
|
|
- Slice.create({model: 'content', permission: 'read', modelId: hiddenContent.id, slice: []}),
|
|
|
- Slice.create({model: 'content', permission: 'read', modelId: roleContent.id, slice: ["user"]}),
|
|
|
- Slice.create({model: 'content', permission: 'read', modelId: groupContent.id, slice: [`#${groupSlice.id}`]}),
|
|
|
- ])
|
|
|
- }
|
|
|
-
|
|
|
- //filldb()
|
|
|
-
|
|
|
function sliced(model){
|
|
|
return async userId => {
|
|
|
let user = await User.findByPk(userId)
|
|
@@ -148,9 +162,15 @@
|
|
|
|
|
|
let mapMethodToPermission = {
|
|
|
read: ["count", "findAll", "findAndCountAll", "findByPk", "findOne", "max", "min", "sum"],
|
|
|
- write: ["create", "destroy","findCreateFind","findOrCreate","update","upsert" ]
|
|
|
+ write: [ "destroy","update",],
|
|
|
+ create: ["create", "findCreateFind", "findOrCreate","upsert" ]
|
|
|
+ }
|
|
|
+
|
|
|
+ function writeHook(instance, options){
|
|
|
+ return sequelize.Promise.reject(new ReferenceError("No Permissions"));
|
|
|
}
|
|
|
|
|
|
+
|
|
|
//sequelize.addHook('beforeCreate', (...params) => console.log(params))
|
|
|
let modelProxy = new Proxy(model, {
|
|
|
get(model, method){
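Review bot: `mapMethodToPermission` now decides which static methods are permission-checked, but model methods it does not list (for example `bulkCreate`, `truncate`, `increment`, `restore`) appear to fall through to the `not found` branch visible in the next hunk, which returns `model[method]` unwrapped. That makes the proxy fail open for anything the map forgets. Rejecting unknown function-valued properties by default is safer, e.g. `if (typeof model[method] === 'function') throw new Error("No Permissions")` in that fallback, with a short allowlist for harmless helpers. `upsert` and `findOrCreate` are filed under `create` although they can also update or return an existing row, so `create` permission alone reaches records the caller may not own. The proxy's `get` trap continues outside this hunk.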
|
|
@@ -165,8 +185,15 @@
|
|
|
console.log(`not found ${method}`)
|
|
|
return model[method]
|
|
|
}
|
|
|
+ console.log('PERMISSION', permission)
|
|
|
let checker = async slice => {
|
|
|
+ if (!slice) return false
|
|
|
+ console.log('CHECKER', 'slice ok')
|
|
|
+ if (slice.ownerId === userId) return true
|
|
|
+ console.log('CHECKER', 'not owner', await slice.allRoles, userRoles)
|
|
|
let intersect = (await slice.allRoles).filter(role => userRoles.includes(role))
|
|
|
+ console.log('CHECKER', intersect)
|
|
|
+
|
|
|
return (intersect.length || (await slice.allUserIds).includes(userId + ''))
|
|
|
}
|
|
|
let wrappers = {
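Review bot: The owner shortcut `if (slice.ownerId === userId) return true` also matches when both sides are empty. Slices created without an `ownerId` (the `create` slice and the group and user slices in `filldb`) store null there, so if `userId` can reach this point as `null` the check grants access before any role comparison. How a missing user is handled lies outside the hunk, so this needs confirming; guarding the comparison removes the doubt: `if (slice.ownerId != null && slice.ownerId === userId) return true`. The added `console.log('CHECKER', …)` lines write role lists to the log and await `slice.allRoles` a second time; they are worth dropping before this ships.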
|
|
@@ -199,6 +226,28 @@
|
|
|
}})
|
|
|
return (await checker(slice)) ? result : null;
|
|
|
}
|
|
|
+ },
|
|
|
+ async create(...params){
|
|
|
+ let createSlice = await Slice.findOne({where: {model: model.getTableName(),
|
|
|
+ permission}})
|
|
|
+ if (await checker(createSlice)){
|
|
|
+ console.log('CHECKER YAYA')
|
|
|
+ let result = await model[method](...params)
|
|
|
+ if ('id' in result){ //new record
|
|
|
+ let newReadSlice = await Slice.create({
|
|
|
+ model: model.getTableName(),
|
|
|
+ modelId: result.id,
|
|
|
+ ownerId: userId,
|
|
|
+ permission: 'read',
|
|
|
+ slice: createSlice.slice, //default read permissions from create
|
|
|
+ })
|
|
|
+ return result
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return null
|
|
|
+ },
|
|
|
+ async write(...params){
|
|
|
+ console.log('WRITE', method)
|
|
|
}
|
|
|
}
|
|
|
return wrappers[permission]
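Review bot: The `create` wrapper assumes `model[method](...params)` resolves to a single instance, but it also serves `findOrCreate`, `findCreateFind` and `upsert`. The first two resolve to an `[instance, created]` pair, so `'id' in result` is false: the row is written, no read slice is created for it, and the caller gets `null`. Depending on the Sequelize version `upsert` may resolve to a boolean, on which the `in` operator throws. Unwrapping first, `let record = Array.isArray(result) ? result[0] : result`, and testing `record && typeof record === 'object' && 'id' in record` covers these shapes. The record and its slice are also written without a shared transaction, so a failed `Slice.create` leaves a row with no ACL entry. The new `write` wrapper only logs, so `update` and `destroy` through the proxy resolve to `undefined` without signalling a denial.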
|
|
@@ -210,9 +259,14 @@
|
|
|
}
|
|
|
|
|
|
let SlicedContent = await sliced(Content)(3)
|
|
|
+ //console.log(await SlicedContent.findAll({}))
|
|
|
+
|
|
|
+ let newContent = await SlicedContent.create({title: "SLiced", data: "SLICED"})
|
|
|
+ console.log(newContent)
|
|
|
+
|
|
|
+ newContent.data = 'sliced2'
|
|
|
+ await newContent.save()
|
|
|
|
|
|
- let allContent = await SlicedContent.findByPk(3)
|
|
|
- console.log(allContent)
|
|
|
|
|
|
|
|
|
|
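Review bot: `await newContent.save()` is not permission-checked, because the `create` wrapper returns the raw Sequelize instance and `save()` on it never passes through the proxy. The `writeHook` added earlier in this commit is not attached to any model in the visible lines, so nothing else intercepts the update. Either return instances wrapped so that `save`, `update` and `destroy` go through `checker`, or register a hook that performs the ownership check. Until then a comment here would help, e.g. `// NOTE: instance methods bypass the sliced proxy; save() is unchecked`. The enclosing async function starts outside this hunk.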