UNPKG

payload

Version:

Node, React, Headless CMS and Application Framework built on Next.js

payloadcms.com

payloadcms/payload

88 lines (87 loc) 2.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
// @ts-strict-ignore import executeAccess from '../auth/executeAccess.js'; import { QueryError } from '../errors/QueryError.js'; import { combineQueries } from './combineQueries.js'; import { validateQueryPaths } from './queryValidation/validateQueryPaths.js'; const sanitizeJoinFieldQuery = async ({ collectionSlug, errors, join, joinsQuery, overrideAccess, promises, req })=>{ const { joinPath } = join; if (joinsQuery[joinPath] === false) { return; } const joinCollectionConfig = req.payload.collections[collectionSlug].config; const accessResult = !overrideAccess ? await executeAccess({ disableErrors: true, req }, joinCollectionConfig.access.read) : true; if (accessResult === false) { joinsQuery[joinPath] = false; return; } if (!joinsQuery[joinPath]) { joinsQuery[joinPath] = {}; } const joinQuery = joinsQuery[joinPath]; if (!joinQuery.where) { joinQuery.where = {}; } if (join.field.where) { joinQuery.where = combineQueries(joinQuery.where, join.field.where); } promises.push(validateQueryPaths({ collectionConfig: joinCollectionConfig, errors, overrideAccess, req, // incoming where input, but we shouldn't validate generated from the access control. where: joinQuery.where })); if (typeof accessResult === 'object') { joinQuery.where = combineQueries(joinQuery.where, accessResult); } }; /** * * Validates `where` for each join * * Combines the access result for joined collection * * Combines the default join's `where` */ export const sanitizeJoinQuery = async ({ collectionConfig, joins: joinsQuery, overrideAccess, req })=>{ if (joinsQuery === false) { return false; } if (!joinsQuery) { joinsQuery = {}; } const errors = []; const promises = []; for(const collectionSlug in collectionConfig.joins){ for (const join of collectionConfig.joins[collectionSlug]){ await sanitizeJoinFieldQuery({ collectionSlug, errors, join, joinsQuery, overrideAccess, promises, req }); } } for (const join of collectionConfig.polymorphicJoins){ for (const collectionSlug of join.field.collection){ await sanitizeJoinFieldQuery({ collectionSlug, errors, join, joinsQuery, overrideAccess, promises, req }); } } await Promise.all(promises); if (errors.length > 0) { throw new QueryError(errors); } return joinsQuery; }; //# sourceMappingURL=sanitizeJoinQuery.js.map