mirror of
https://github.com/directus/directus.git
synced 2026-04-25 03:00:53 -04:00
148 lines
4.2 KiB
TypeScript
148 lines
4.2 KiB
TypeScript
import type { PermissionsAction, Query } from '@directus/types';
|
|
import type Keyv from 'keyv';
|
|
import { clearSystemCache, getCache } from '../cache.js';
|
|
import { appAccessMinimalPermissions } from '../database/system-data/app-access-permissions/index.js';
|
|
import type { QueryOptions } from './items.js';
|
|
import { ItemsService } from './items.js';
|
|
import type { AbstractServiceOptions, Item, MutationOptions, PrimaryKey } from '../types/index.js';
|
|
import { filterItems } from '../utils/filter-items.js';
|
|
|
|
export class PermissionsService extends ItemsService {
|
|
systemCache: Keyv<any>;
|
|
|
|
constructor(options: AbstractServiceOptions) {
|
|
super('directus_permissions', options);
|
|
|
|
const { systemCache } = getCache();
|
|
|
|
this.systemCache = systemCache;
|
|
}
|
|
|
|
getAllowedFields(action: PermissionsAction, collection?: string): Record<string, string[]> {
|
|
const results =
|
|
this.accountability?.permissions?.filter((permission) => {
|
|
let matchesCollection = true;
|
|
|
|
if (collection) {
|
|
matchesCollection = permission.collection === collection;
|
|
}
|
|
|
|
const matchesAction = permission.action === action;
|
|
|
|
return collection ? matchesCollection && matchesAction : matchesAction;
|
|
}) ?? [];
|
|
|
|
const fieldsPerCollection: Record<string, string[]> = {};
|
|
|
|
for (const result of results) {
|
|
const { collection, fields } = result;
|
|
if (!fieldsPerCollection[collection]) fieldsPerCollection[collection] = [];
|
|
fieldsPerCollection[collection]!.push(...(fields ?? []));
|
|
}
|
|
|
|
return fieldsPerCollection;
|
|
}
|
|
|
|
override async readByQuery(query: Query, opts?: QueryOptions): Promise<Partial<Item>[]> {
|
|
const result = await super.readByQuery(query, opts);
|
|
|
|
if (Array.isArray(result) && this.accountability && this.accountability.app === true) {
|
|
result.push(
|
|
...filterItems(
|
|
appAccessMinimalPermissions.map((permission) => ({
|
|
...permission,
|
|
role: this.accountability!.role,
|
|
})),
|
|
query.filter,
|
|
),
|
|
);
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
override async readMany(keys: PrimaryKey[], query: Query = {}, opts?: QueryOptions): Promise<Partial<Item>[]> {
|
|
const result = await super.readMany(keys, query, opts);
|
|
|
|
if (this.accountability && this.accountability.app === true) {
|
|
result.push(
|
|
...filterItems(
|
|
appAccessMinimalPermissions.map((permission) => ({
|
|
...permission,
|
|
role: this.accountability!.role,
|
|
})),
|
|
query.filter,
|
|
),
|
|
);
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
override async createOne(data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.createOne(data, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
override async createMany(data: Partial<Item>[], opts?: MutationOptions) {
|
|
const res = await super.createMany(data, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
override async updateBatch(data: Partial<Item>[], opts?: MutationOptions) {
|
|
const res = await super.updateBatch(data, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
override async updateMany(keys: PrimaryKey[], data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.updateMany(keys, data, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
override async upsertMany(payloads: Partial<Item>[], opts?: MutationOptions) {
|
|
const res = await super.upsertMany(payloads, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
override async deleteMany(keys: PrimaryKey[], opts?: MutationOptions) {
|
|
const res = await super.deleteMany(keys, opts);
|
|
await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
|
|
|
|
if (this.cache && opts?.autoPurgeCache !== false) {
|
|
await this.cache.clear();
|
|
}
|
|
|
|
return res;
|
|
}
|
|
}
|