UNPKG

payload

Version:

Node, React and MongoDB Headless CMS and Application Framework

payloadcms.com

payloadcms/payload

70 lines (69 loc) 6.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "default", { enumerable: true, get: function() { return _default; } }); const _errors = require("../errors"); const _executeAccess = /*#__PURE__*/ _interop_require_default(require("./executeAccess")); function _interop_require_default(obj) { return obj && obj.__esModule ? obj : { default: obj }; } const getExecuteStaticAccess = (config)=>async (req, res, next)=>{ if (req.method === 'OPTIONS') { return res.sendStatus(200); } try { if (req.path) { const accessResult = await (0, _executeAccess.default)({ isReadingStaticFile: true, req }, config.access.read); if (typeof accessResult === 'object') { const filename = decodeURI(req.path).replace(/^\/|\/$/g, ''); const queryToBuild = { and: [ { or: [ { filename: { equals: filename } } ] }, accessResult ] }; if (config.upload.imageSizes) { config.upload.imageSizes.forEach(({ name })=>{ queryToBuild.and[0].or.push({ [`sizes.${name}.filename`]: { equals: filename } }); }); } const doc = await req.payload.db.findOne({ collection: config.slug, req, where: queryToBuild }); if (!doc) { throw new _errors.Forbidden(req.t); } } } return next(); } catch (error) { return next(error); } }; const _default = getExecuteStaticAccess; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9hdXRoL2dldEV4ZWN1dGVTdGF0aWNBY2Nlc3MudHMiXSwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHR5cGUgeyBOZXh0RnVuY3Rpb24sIFJlc3BvbnNlIH0gZnJvbSAnZXhwcmVzcydcblxuaW1wb3J0IHR5cGUgeyBTYW5pdGl6ZWRDb2xsZWN0aW9uQ29uZmlnIH0gZnJvbSAnLi4vY29sbGVjdGlvbnMvY29uZmlnL3R5cGVzJ1xuaW1wb3J0IHR5cGUgeyBQYXlsb2FkUmVxdWVzdCB9IGZyb20gJy4uL2V4cHJlc3MvdHlwZXMnXG5pbXBvcnQgdHlwZSB7IFdoZXJlIH0gZnJvbSAnLi4vdHlwZXMnXG5cbmltcG9ydCB7IEZvcmJpZGRlbiB9IGZyb20gJy4uL2Vycm9ycydcbmltcG9ydCBleGVjdXRlQWNjZXNzIGZyb20gJy4vZXhlY3V0ZUFjY2VzcydcblxuY29uc3QgZ2V0RXhlY3V0ZVN0YXRpY0FjY2VzcyA9XG4gIChjb25maWc6IFNhbml0aXplZENvbGxlY3Rpb25Db25maWcpID0+XG4gIGFzeW5jIChyZXE6IFBheWxvYWRSZXF1ZXN0LCByZXM6IFJlc3BvbnNlLCBuZXh0OiBOZXh0RnVuY3Rpb24pID0+IHtcbiAgICBpZiAocmVxLm1ldGhvZCA9PT0gJ09QVElPTlMnKSB7XG4gICAgICByZXR1cm4gcmVzLnNlbmRTdGF0dXMoMjAwKVxuICAgIH1cblxuICAgIHRyeSB7XG4gICAgICBpZiAocmVxLnBhdGgpIHtcbiAgICAgICAgY29uc3QgYWNjZXNzUmVzdWx0ID0gYXdhaXQgZXhlY3V0ZUFjY2VzcyhcbiAgICAgICAgICB7IGlzUmVhZGluZ1N0YXRpY0ZpbGU6IHRydWUsIHJlcSB9LFxuICAgICAgICAgIGNvbmZpZy5hY2Nlc3MucmVhZCxcbiAgICAgICAgKVxuXG4gICAgICAgIGlmICh0eXBlb2YgYWNjZXNzUmVzdWx0ID09PSAnb2JqZWN0Jykge1xuICAgICAgICAgIGNvbnN0IGZpbGVuYW1lID0gZGVjb2RlVVJJKHJlcS5wYXRoKS5yZXBsYWNlKC9eXFwvfFxcLyQvZywgJycpXG5cbiAgICAgICAgICBjb25zdCBxdWVyeVRvQnVpbGQ6IFdoZXJlID0ge1xuICAgICAgICAgICAgYW5kOiBbXG4gICAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgICBvcjogW1xuICAgICAgICAgICAgICAgICAge1xuICAgICAgICAgICAgICAgICAgICBmaWxlbmFtZToge1xuICAgICAgICAgICAgICAgICAgICAgIGVxdWFsczogZmlsZW5hbWUsXG4gICAgICAgICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICAgICAgICB9LFxuICAgICAgICAgICAgICAgIF0sXG4gICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICAgIGFjY2Vzc1Jlc3VsdCxcbiAgICAgICAgICAgIF0sXG4gICAgICAgICAgfVxuXG4gICAgICAgICAgaWYgKGNvbmZpZy51cGxvYWQuaW1hZ2VTaXplcykge1xuICAgICAgICAgICAgY29uZmlnLnVwbG9hZC5pbWFnZVNpemVzLmZvckVhY2goKHsgbmFtZSB9KSA9PiB7XG4gICAgICAgICAgICAgIHF1ZXJ5VG9CdWlsZC5hbmRbMF0ub3IucHVzaCh7XG4gICAgICAgICAgICAgICAgW2BzaXplcy4ke25hbWV9LmZpbGVuYW1lYF06IHtcbiAgICAgICAgICAgICAgICAgIGVxdWFsczogZmlsZW5hbWUsXG4gICAgICAgICAgICAgICAgfSxcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgIH0pXG4gICAgICAgICAgfVxuXG4gICAgICAgICAgY29uc3QgZG9jID0gYXdhaXQgcmVxLnBheWxvYWQuZGIuZmluZE9uZSh7XG4gICAgICAgICAgICBjb2xsZWN0aW9uOiBjb25maWcuc2x1ZyxcbiAgICAgICAgICAgIHJlcSxcbiAgICAgICAgICAgIHdoZXJlOiBxdWVyeVRvQnVpbGQsXG4gICAgICAgICAgfSlcblxuICAgICAgICAgIGlmICghZG9jKSB7XG4gICAgICAgICAgICB0aHJvdyBuZXcgRm9yYmlkZGVuKHJlcS50KVxuICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgICAgfVxuXG4gICAgICByZXR1cm4gbmV4dCgpXG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIHJldHVybiBuZXh0KGVycm9yKVxuICAgIH1cbiAgfVxuXG5leHBvcnQgZGVmYXVsdCBnZXRFeGVjdXRlU3RhdGljQWNjZXNzXG4iXSwibmFtZXMiOlsiZ2V0RXhlY3V0ZVN0YXRpY0FjY2VzcyIsImNvbmZpZyIsInJlcSIsInJlcyIsIm5leHQiLCJtZXRob2QiLCJzZW5kU3RhdHVzIiwicGF0aCIsImFjY2Vzc1Jlc3VsdCIsImV4ZWN1dGVBY2Nlc3MiLCJpc1JlYWRpbmdTdGF0aWNGaWxlIiwiYWNjZXNzIiwicmVhZCIsImZpbGVuYW1lIiwiZGVjb2RlVVJJIiwicmVwbGFjZSIsInF1ZXJ5VG9CdWlsZCIsImFuZCIsIm9yIiwiZXF1YWxzIiwidXBsb2FkIiwiaW1hZ2VTaXplcyIsImZvckVhY2giLCJuYW1lIiwicHVzaCIsImRvYyIsInBheWxvYWQiLCJkYiIsImZpbmRPbmUiLCJjb2xsZWN0aW9uIiwic2x1ZyIsIndoZXJlIiwiRm9yYmlkZGVuIiwidCIsImVycm9yIl0sIm1hcHBpbmdzIjoiOzs7OytCQXFFQTs7O2VBQUE7Ozt3QkEvRDBCO3NFQUNBOzs7Ozs7QUFFMUIsTUFBTUEseUJBQ0osQ0FBQ0MsU0FDRCxPQUFPQyxLQUFxQkMsS0FBZUM7UUFDekMsSUFBSUYsSUFBSUcsTUFBTSxLQUFLLFdBQVc7WUFDNUIsT0FBT0YsSUFBSUcsVUFBVSxDQUFDO1FBQ3hCO1FBRUEsSUFBSTtZQUNGLElBQUlKLElBQUlLLElBQUksRUFBRTtnQkFDWixNQUFNQyxlQUFlLE1BQU1DLElBQUFBLHNCQUFhLEVBQ3RDO29CQUFFQyxxQkFBcUI7b0JBQU1SO2dCQUFJLEdBQ2pDRCxPQUFPVSxNQUFNLENBQUNDLElBQUk7Z0JBR3BCLElBQUksT0FBT0osaUJBQWlCLFVBQVU7b0JBQ3BDLE1BQU1LLFdBQVdDLFVBQVVaLElBQUlLLElBQUksRUFBRVEsT0FBTyxDQUFDLFlBQVk7b0JBRXpELE1BQU1DLGVBQXNCO3dCQUMxQkMsS0FBSzs0QkFDSDtnQ0FDRUMsSUFBSTtvQ0FDRjt3Q0FDRUwsVUFBVTs0Q0FDUk0sUUFBUU47d0NBQ1Y7b0NBQ0Y7aUNBQ0Q7NEJBQ0g7NEJBQ0FMO3lCQUNEO29CQUNIO29CQUVBLElBQUlQLE9BQU9tQixNQUFNLENBQUNDLFVBQVUsRUFBRTt3QkFDNUJwQixPQUFPbUIsTUFBTSxDQUFDQyxVQUFVLENBQUNDLE9BQU8sQ0FBQyxDQUFDLEVBQUVDLElBQUksRUFBRTs0QkFDeENQLGFBQWFDLEdBQUcsQ0FBQyxFQUFFLENBQUNDLEVBQUUsQ0FBQ00sSUFBSSxDQUFDO2dDQUMxQixDQUFDLENBQUMsTUFBTSxFQUFFRCxLQUFLLFNBQVMsQ0FBQyxDQUFDLEVBQUU7b0NBQzFCSixRQUFRTjtnQ0FDVjs0QkFDRjt3QkFDRjtvQkFDRjtvQkFFQSxNQUFNWSxNQUFNLE1BQU12QixJQUFJd0IsT0FBTyxDQUFDQyxFQUFFLENBQUNDLE9BQU8sQ0FBQzt3QkFDdkNDLFlBQVk1QixPQUFPNkIsSUFBSTt3QkFDdkI1Qjt3QkFDQTZCLE9BQU9mO29CQUNUO29CQUVBLElBQUksQ0FBQ1MsS0FBSzt3QkFDUixNQUFNLElBQUlPLGlCQUFTLENBQUM5QixJQUFJK0IsQ0FBQztvQkFDM0I7Z0JBQ0Y7WUFDRjtZQUVBLE9BQU83QjtRQUNULEVBQUUsT0FBTzhCLE9BQU87WUFDZCxPQUFPOUIsS0FBSzhCO1FBQ2Q7SUFDRjtNQUVGLFdBQWVsQyJ9