UNPKG

@casl/prisma

Version:

Allows to query accessible records using Prisma client based on CASL rules

casl.js.org

stalniy/casl

3 lines (2 loc) 5.55 kB
1
2
3
"use strict";var t=require("@ucast/core");var e=require("@ucast/js");var r=require("@casl/ability/extra");var n=require("@casl/ability");class o extends Error{static invalidArgument(t,e,r){const n=`${typeof e}(${JSON.stringify(e,null,2)})`;return new this(`"${t}" expects to receive ${r} but instead got "${n}"`)}}const s=t=>t&&(t.constructor===Object||!t.constructor);const a={type:"field",validate(t,e){if(Array.isArray(e)||s(e))throw new o(`"${t.name}" does not supports comparison of arrays and objects`)}};const i={type:"field",parse(e,r,{hasOperators:n,field:a,parse:i}){if(s(r)&&!n(r)||Array.isArray(r))throw new o(`"${e.name}" does not supports comparison of arrays and objects`);if(!s(r))return new t.FieldCondition("notEquals",a,r);return new t.CompoundCondition("NOT",[i(r,{field:a})])}};const c={type:"field",validate(t,e){if(!Array.isArray(e))throw o.invalidArgument(t.name,e,"an array")}};const u={type:"field",validate(t,e){const r=typeof e;const n=r==="string"||r==="number"&&Number.isFinite(e)||e instanceof Date;if(!n)throw o.invalidArgument(t.name,e,"comparable value")}};const l=new Set(["insensitive","default"]);const p={type:"field",validate(t,e){if(!l.has(e))throw o.invalidArgument(t.name,e,`one of ${Array.from(l).join(", ")}`)},parse:()=>t.NULL_CONDITION};const y={type:"field",validate(t,e){if(typeof e!=="string")throw o.invalidArgument(t.name,e,"string")},parse(e,r,{query:n,field:o}){const s=n.mode==="insensitive"?`i${e.name}`:e.name;return new t.FieldCondition(s,o,r)}};const f={type:"compound",validate(t,e){if(!e||typeof e!=="object")throw o.invalidArgument(t.name,e,"an array or object")},parse(e,r,{parse:n}){const o=Array.isArray(r)?r:[r];const s=o.map((t=>n(t)));return new t.CompoundCondition(e.name,s)}};const d={type:"field",validate(t,e){if(typeof e!=="boolean")throw o.invalidArgument(t.name,e,"a boolean")}};const w={type:"field"};const h={type:"field",validate(t,e){if(!Array.isArray(e))throw o.invalidArgument(t.name,e,"an array")}};const b={type:"field",parse(e,r,{field:n,parse:a}){if(!s(r))throw o.invalidArgument(e.name,r,"a query for nested relation");return new t.FieldCondition(e.name,n,a(r))}};const g=(e,r)=>{const n=r.parse;if(!n)return Object.assign({},r,{parse(r,n,o){return new t.CompoundCondition("NOT",[new t.FieldCondition(e,o.field,n)])}});return Object.assign({},r,{parse(r,o,s){const a=n(r,o,s);if(a.operator!==r.name)throw new Error(`Cannot invert "${e}" operator parser because it returns a complex Condition`);a.operator=e;return new t.CompoundCondition("NOT",[a])}})};const v={equals:a,not:i,in:c,notIn:g("in",c),lt:u,lte:u,gt:u,gte:u,mode:p,startsWith:y,endsWith:y,contains:y,isEmpty:d,has:w,hasSome:h,hasEvery:h,NOT:f,AND:f,OR:f,every:b,some:b,none:g("some",b),is:b,isNot:g("is",b),isSet:d};class A extends t.ObjectQueryParser{constructor(){super(v,{defaultOperatorName:"equals"})}parse(e,r){if(r&&r.field)return t.buildAnd(this.parseFieldOperators(r.field,e));return super.parse(e)}}const m=(t,e,{get:r})=>r(e,t.field).startsWith(t.value);const O=(t,e,{get:r})=>r(e,t.field).toLowerCase().startsWith(t.value.toLowerCase());const j=(t,e,{get:r})=>r(e,t.field).endsWith(t.value);const x=(t,e,{get:r})=>r(e,t.field).toLowerCase().endsWith(t.value.toLowerCase());const N=(t,e,{get:r})=>r(e,t.field).includes(t.value);const $=(t,e,{get:r})=>r(e,t.field).toLowerCase().includes(t.value.toLowerCase());const q=(t,e,{get:r})=>{const n=r(e,t.field);const o=Array.isArray(n)&&n.length===0;return o===t.value};const E=(t,e,{get:r})=>{const n=r(e,t.field);return Array.isArray(n)&&n.includes(t.value)};const S=(t,e,{get:r})=>{const n=r(e,t.field);return Array.isArray(n)&&t.value.some((t=>n.includes(t)))};const T=(t,e,{get:r})=>{const n=r(e,t.field);return Array.isArray(n)&&t.value.every((t=>n.includes(t)))};const W=(t,e,{get:r,interpret:n})=>{const o=r(e,t.field);return Array.isArray(o)&&o.length>0&&o.every((e=>n(t.value,e)))};const _=(t,e,{get:r,interpret:n})=>{const o=r(e,t.field);return Array.isArray(o)&&o.some((e=>n(t.value,e)))};const D=(t,e,{get:r,interpret:n})=>{const o=r(e,t.field);return o&&typeof o==="object"&&n(t.value,o)};const C=(t,e,{interpret:r})=>t.value.every((t=>!r(t,e)));const F=(t,e,{get:r})=>{const n=r(e,t.field);return n!==void 0};function I(t){return t&&typeof t==="object"?t.valueOf():t}const M=(t,r)=>e.compare(I(t),I(r));const P=e.createJsInterpreter({equals:e.eq,notEquals:e.ne,in:e.within,lt:e.lt,lte:e.lte,gt:e.gt,gte:e.gte,startsWith:m,istartsWith:O,endsWith:j,iendsWith:x,contains:N,icontains:$,isEmpty:q,has:E,hasSome:S,hasEvery:T,and:e.and,or:e.or,AND:e.and,OR:e.or,NOT:C,every:W,some:_,is:D,isSet:F},{get:(t,e)=>t[e],compare:M});const R=new A;const J=t.createTranslatorFactory(R.parse,P);function k(t){return t.inverted?{NOT:t.conditions}:t.conditions}const z={get(t,e){const o=r.rulesToQuery(t.t,t.o,e,k);if(o===null){const r=n.ForbiddenError.from(t.t).setMessage(`It's not allowed to run "${t.o}" on "${e}"`);r.action=t.o;r.subjectType=r.subject=e;throw r}const s=Object.create(null);if(o.$or)s.OR=o.$or;if(o.$and)s.AND=o.$and;return s}};const B=()=>function t(e,r="read"){return new Proxy({t:e,o:r},z)};function G(t,e="read"){return new Proxy({t:t,o:e},z)}function createAbilityFactory(){function createAbility(t=[],e={}){return new n.PureAbility(t,Object.assign({},e,{conditionsMatcher:J,fieldMatcher:n.fieldPatternMatcher}))}return createAbility}exports.ParsingQueryError=o;exports.accessibleBy=G;exports.createAbilityFactory=createAbilityFactory;exports.createAccessibleByFactory=B;exports.prismaQuery=J; //# sourceMappingURL=runtime.js.map