|
|
@@ -52,16 +52,16 @@ function appendUserACL(user){
|
|
|
if(!acl) acl = new Parse.ACL();
|
|
|
|
|
|
// 添加superadmin用户的可读可写权限
|
|
|
- acl.setWriteAccess("superadmin", true);
|
|
|
- acl.setReadAccess("superadmin", true);
|
|
|
+ acl.setRoleWriteAccess("superadmin", true);
|
|
|
+ acl.setRoleReadAccess("superadmin", true);
|
|
|
|
|
|
// 添加admin用户的可读可写权限
|
|
|
- acl.setWriteAccess("admin", true);
|
|
|
- acl.setReadAccess("admin", true);
|
|
|
+ acl.setRoleWriteAccess("admin", true);
|
|
|
+ acl.setRoleReadAccess("admin", true);
|
|
|
|
|
|
// 添加manager用户的可读可写权限
|
|
|
- acl.setWriteAccess("manager", true);
|
|
|
- acl.setReadAccess("manager", true);
|
|
|
+ acl.setRoleWriteAccess("manager", true);
|
|
|
+ acl.setRoleReadAccess("manager", true);
|
|
|
|
|
|
// 添加公共可读权限
|
|
|
acl.setPublicReadAccess(true);
|
|
|
@@ -73,7 +73,7 @@ function appendUserACL(user){
|
|
|
* 用户删除前,删除用户从Authing
|
|
|
*/
|
|
|
export function defineUserBeforeDelete(){
|
|
|
- Parse.Cloud.beforeDelete("_User", async (request) => {
|
|
|
+ Parse.Cloud.afterDelete("_User", async (request) => {
|
|
|
let user = request.object;
|
|
|
// console.log(user.toJSON());
|
|
|
// console.log(user?.get("password"))
|
|
|
@@ -90,7 +90,34 @@ function appendUserACL(user){
|
|
|
});
|
|
|
}
|
|
|
}catch(deleteErr){}
|
|
|
- });
|
|
|
+
|
|
|
+ // 直接给予删除权限
|
|
|
+ // if(request?.master){
|
|
|
+ // return await object.destroy({useMasterKey:true})
|
|
|
+ // }
|
|
|
+ // let requestUser = request.user;
|
|
|
+ // if(!requestUser?.id){
|
|
|
+ // throw new Parse.Error(206,"Insufficient auth.")
|
|
|
+ // }
|
|
|
+ // let query = new Parse.Query("_Role");
|
|
|
+ // query.equalTo("users",requestUser)
|
|
|
+ // let roles = await query.find({useMasterKey:true});
|
|
|
+
|
|
|
+ // let acl = request.object.getACL();
|
|
|
+ // if(!acl){
|
|
|
+ // throw new Parse.Error(206,"Object has no ACL.")
|
|
|
+ // }
|
|
|
+ // if(acl.getWriteAccess(requestUser)){
|
|
|
+ // return await request.object.destroy({useMasterKey:true})
|
|
|
+ // }else{
|
|
|
+
|
|
|
+ // let hasPermission = roles.some(role=>acl.getRoleWriteAccess(role.getName()))
|
|
|
+ // if(hasPermission) {
|
|
|
+ // return await request.object.destroy({useMasterKey:true})
|
|
|
+ // }
|
|
|
+ // throw new Parse.Error(206,"Insufficient auth.")
|
|
|
+ // }
|
|
|
+ });
|
|
|
}
|
|
|
/**
|
|
|
* 用户保存后同步数据至Authing
|
|
|
@@ -107,13 +134,46 @@ export function defineUserAfterSave(){
|
|
|
Parse.Cloud.afterSave("Profile", async (request) => {
|
|
|
// console.log("save Profile",request?.object?.id)
|
|
|
let query = new Parse.Query("Profile");
|
|
|
+ let userPointer = request?.object?.get("user")
|
|
|
query.include("user");
|
|
|
- profile = await query.get(request?.object?.id);
|
|
|
+ console.log(userPointer)
|
|
|
+ profile = await query.get(request?.object?.id,{useMasterKey:true});
|
|
|
syncUserProfileToAuthing(profile.get("user"),profile)
|
|
|
-
|
|
|
+
|
|
|
+ appandUserToRole(profile.get("user")?.toPointer() || userPointer,profile?.get("identity"))
|
|
|
});
|
|
|
}
|
|
|
|
|
|
+// 同步Profile角色身份
|
|
|
+var roleNameMap = {
|
|
|
+ "国家级管理员":"superadmin",
|
|
|
+ "工作联系人":"admin",
|
|
|
+ "高校联系人":"manager",
|
|
|
+}
|
|
|
+async function appandUserToRole(user,roleName) {
|
|
|
+ console.log(user,roleName)
|
|
|
+ roleName = roleNameMap[roleName] || roleName
|
|
|
+ let id = user?.id || user?.objectId
|
|
|
+ if(!id || !roleName) return
|
|
|
+ let userObj = new Parse.User();
|
|
|
+ userObj.id = id;
|
|
|
+ let query = new Parse.Query(Parse.Role);
|
|
|
+ query.equalTo("name", roleName);
|
|
|
+ try{
|
|
|
+ let role = await query.first({ useMasterKey: true });
|
|
|
+ console.log(role?.toJSON())
|
|
|
+ if (role?.toJSON()?.name) {
|
|
|
+ let usersRelation = role.relation("users");
|
|
|
+ usersRelation.add(userObj);
|
|
|
+ await role.save(null, { useMasterKey: true });
|
|
|
+ let users = await usersRelation.query().find({ useMasterKey: true });
|
|
|
+ console.log('Users in role after addition:', users.map(u => u.toJSON()));
|
|
|
+ }
|
|
|
+ }catch(err){
|
|
|
+ console.error(err)
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
/**
|
|
|
* 查询用户
|
|
|
* @param {*} user
|
warrior