Skip to content

Commit 1b4d839

Browse files
ymc9ymc9
authored
merge dev to main (#637)
2 parents 0a60ddc + 9a35f88 commit 1b4d839

File tree

30 files changed

+620
-146
lines changed

30 files changed

+620
-146
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "zenstack-monorepo",
3-
"version": "1.0.0-beta.18",
3+
"version": "1.0.0-beta.19",
44
"description": "",
55
"scripts": {
66
"build": "pnpm -r build",

packages/language/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@zenstackhq/language",
3-
"version": "1.0.0-beta.18",
3+
"version": "1.0.0-beta.19",
44
"displayName": "ZenStack modeling language compiler",
55
"description": "ZenStack modeling language compiler",
66
"homepage": "https://zenstack.dev",

packages/plugins/openapi/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "@zenstackhq/openapi",
33
"displayName": "ZenStack Plugin and Runtime for OpenAPI",
4-
"version": "1.0.0-beta.18",
4+
"version": "1.0.0-beta.19",
55
"description": "ZenStack plugin and runtime supporting OpenAPI",
66
"main": "index.js",
77
"repository": {

packages/plugins/swr/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "@zenstackhq/swr",
33
"displayName": "ZenStack plugin for generating SWR hooks",
4-
"version": "1.0.0-beta.18",
4+
"version": "1.0.0-beta.19",
55
"description": "ZenStack plugin for generating SWR hooks",
66
"main": "index.js",
77
"repository": {

packages/plugins/tanstack-query/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "@zenstackhq/tanstack-query",
33
"displayName": "ZenStack plugin for generating tanstack-query hooks",
4-
"version": "1.0.0-beta.18",
4+
"version": "1.0.0-beta.19",
55
"description": "ZenStack plugin for generating tanstack-query hooks",
66
"main": "index.js",
77
"exports": {

packages/plugins/trpc/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "@zenstackhq/trpc",
33
"displayName": "ZenStack plugin for tRPC",
4-
"version": "1.0.0-beta.18",
4+
"version": "1.0.0-beta.19",
55
"description": "ZenStack plugin for tRPC",
66
"main": "index.js",
77
"repository": {

packages/runtime/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "@zenstackhq/runtime",
33
"displayName": "ZenStack Runtime Library",
4-
"version": "1.0.0-beta.18",
4+
"version": "1.0.0-beta.19",
55
"description": "Runtime of ZenStack for both client-side and server-side environments.",
66
"repository": {
77
"type": "git",

packages/runtime/src/enhancements/policy/handler.ts

Lines changed: 22 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
6565
}
6666

6767
args = this.utils.clone(args);
68-
if (!(await this.utils.injectForRead(this.model, args))) {
68+
if (!(await this.utils.injectForRead(this.prisma, this.model, args))) {
6969
return null;
7070
}
7171

@@ -86,7 +86,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
8686
}
8787

8888
args = this.utils.clone(args);
89-
if (!(await this.utils.injectForRead(this.model, args))) {
89+
if (!(await this.utils.injectForRead(this.prisma, this.model, args))) {
9090
throw this.utils.notFound(this.model);
9191
}
9292

@@ -100,7 +100,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
100100

101101
async findFirst(args: any) {
102102
args = args ? this.utils.clone(args) : {};
103-
if (!(await this.utils.injectForRead(this.model, args))) {
103+
if (!(await this.utils.injectForRead(this.prisma, this.model, args))) {
104104
return null;
105105
}
106106

@@ -114,7 +114,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
114114

115115
async findFirstOrThrow(args: any) {
116116
args = args ? this.utils.clone(args) : {};
117-
if (!(await this.utils.injectForRead(this.model, args))) {
117+
if (!(await this.utils.injectForRead(this.prisma, this.model, args))) {
118118
throw this.utils.notFound(this.model);
119119
}
120120

@@ -128,7 +128,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
128128

129129
async findMany(args: any) {
130130
args = args ? this.utils.clone(args) : {};
131-
if (!(await this.utils.injectForRead(this.model, args))) {
131+
if (!(await this.utils.injectForRead(this.prisma, this.model, args))) {
132132
return [];
133133
}
134134

@@ -152,7 +152,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
152152
throw prismaClientValidationError(this.prisma, 'data field is required in query argument');
153153
}
154154

155-
await this.utils.tryReject(this.model, 'create');
155+
await this.utils.tryReject(this.prisma, this.model, 'create');
156156

157157
const origArgs = args;
158158
args = this.utils.clone(args);
@@ -404,7 +404,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
404404
throw prismaClientValidationError(this.prisma, 'data field is required in query argument');
405405
}
406406

407-
this.utils.tryReject(this.model, 'create');
407+
this.utils.tryReject(this.prisma, this.model, 'create');
408408

409409
args = this.utils.clone(args);
410410

@@ -635,7 +635,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
635635
}
636636

637637
if (thisModelUpdate) {
638-
this.utils.tryReject(this.model, 'update');
638+
this.utils.tryReject(db, this.model, 'update');
639639

640640
// check pre-update guard
641641
await this.utils.checkPolicyForUnique(model, uniqueFilter, 'update', db);
@@ -660,7 +660,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
660660

661661
updateMany: async (model, args, context) => {
662662
// injects auth guard into where clause
663-
await this.utils.injectAuthGuard(args, model, 'update');
663+
await this.utils.injectAuthGuard(db, args, model, 'update');
664664

665665
// prepare for post-update check
666666
if (this.utils.hasAuthGuard(model, 'postUpdate') || this.utils.getZodSchema(model)) {
@@ -671,7 +671,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
671671
}
672672
const reversedQuery = await this.utils.buildReversedQuery(context);
673673
const currentSetQuery = { select, where: reversedQuery };
674-
await this.utils.injectAuthGuard(currentSetQuery, model, 'read');
674+
await this.utils.injectAuthGuard(db, currentSetQuery, model, 'read');
675675

676676
if (this.shouldLogQuery) {
677677
this.logger.info(`[policy] \`findMany\` ${model}:\n${formatObject(currentSetQuery)}`);
@@ -794,7 +794,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
794794

795795
deleteMany: async (model, args, context) => {
796796
// inject delete guard
797-
const guard = await this.utils.getAuthGuard(model, 'delete');
797+
const guard = await this.utils.getAuthGuard(db, model, 'delete');
798798
context.parent.deleteMany = this.utils.and(args, guard);
799799
},
800800
});
@@ -822,10 +822,10 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
822822
throw prismaClientValidationError(this.prisma, 'data field is required in query argument');
823823
}
824824

825-
await this.utils.tryReject(this.model, 'update');
825+
await this.utils.tryReject(this.prisma, this.model, 'update');
826826

827827
args = this.utils.clone(args);
828-
await this.utils.injectAuthGuard(args, this.model, 'update');
828+
await this.utils.injectAuthGuard(this.prisma, args, this.model, 'update');
829829

830830
if (this.utils.hasAuthGuard(this.model, 'postUpdate') || this.utils.getZodSchema(this.model)) {
831831
// use a transaction to do post-update checks
@@ -838,7 +838,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
838838
select = { ...select, ...preValueSelect };
839839
}
840840
const currentSetQuery = { select, where: args.where };
841-
await this.utils.injectAuthGuard(currentSetQuery, this.model, 'read');
841+
await this.utils.injectAuthGuard(tx, currentSetQuery, this.model, 'read');
842842

843843
if (this.shouldLogQuery) {
844844
this.logger.info(`[policy] \`findMany\` ${this.model}: ${formatObject(currentSetQuery)}`);
@@ -885,8 +885,8 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
885885
throw prismaClientValidationError(this.prisma, 'update field is required in query argument');
886886
}
887887

888-
await this.utils.tryReject(this.model, 'create');
889-
await this.utils.tryReject(this.model, 'update');
888+
await this.utils.tryReject(this.prisma, this.model, 'create');
889+
await this.utils.tryReject(this.prisma, this.model, 'update');
890890

891891
// We can call the native "upsert" because we can't tell if an entity was created or updated
892892
// for doing post-write check accordingly. Instead, decompose it into create or update.
@@ -930,7 +930,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
930930
throw prismaClientValidationError(this.prisma, 'where field is required in query argument');
931931
}
932932

933-
await this.utils.tryReject(this.model, 'delete');
933+
await this.utils.tryReject(this.prisma, this.model, 'delete');
934934

935935
const { result, error } = await this.transaction(async (tx) => {
936936
// do a read-back before delete
@@ -961,11 +961,11 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
961961
}
962962

963963
async deleteMany(args: any) {
964-
await this.utils.tryReject(this.model, 'delete');
964+
await this.utils.tryReject(this.prisma, this.model, 'delete');
965965

966966
// inject policy conditions
967967
args = args ?? {};
968-
await this.utils.injectAuthGuard(args, this.model, 'delete');
968+
await this.utils.injectAuthGuard(this.prisma, args, this.model, 'delete');
969969

970970
// conduct the deletion
971971
if (this.shouldLogQuery) {
@@ -984,7 +984,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
984984
}
985985

986986
// inject policy conditions
987-
await this.utils.injectAuthGuard(args, this.model, 'read');
987+
await this.utils.injectAuthGuard(this.prisma, args, this.model, 'read');
988988

989989
if (this.shouldLogQuery) {
990990
this.logger.info(`[policy] \`aggregate\` ${this.model}:\n${formatObject(args)}`);
@@ -998,7 +998,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
998998
}
999999

10001000
// inject policy conditions
1001-
await this.utils.injectAuthGuard(args, this.model, 'read');
1001+
await this.utils.injectAuthGuard(this.prisma, args, this.model, 'read');
10021002

10031003
if (this.shouldLogQuery) {
10041004
this.logger.info(`[policy] \`groupBy\` ${this.model}:\n${formatObject(args)}`);
@@ -1009,7 +1009,7 @@ export class PolicyProxyHandler<DbClient extends DbClientContract> implements Pr
10091009
async count(args: any) {
10101010
// inject policy conditions
10111011
args = args ?? {};
1012-
await this.utils.injectAuthGuard(args, this.model, 'read');
1012+
await this.utils.injectAuthGuard(this.prisma, args, this.model, 'read');
10131013

10141014
if (this.shouldLogQuery) {
10151015
this.logger.info(`[policy] \`count\` ${this.model}:\n${formatObject(args)}`);

0 commit comments

Comments
 (0)