Opentalent
/
app_vue2


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167
							import { $accessProfile } from '@/services/profile/accessProfile'
import { $organizationProfile } from '@/services/profile/organizationProfile'
import { Ability } from '@casl/ability'
import * as _ from 'lodash'
import { $roleUtils } from '~/services/rights/roleUtils'
import { AbilitiesType, AnyJson, AnyStore } from '~/types/interfaces'
import Serializer from '~/services/serializer/serializer'
import { DENORMALIZER_TYPE } from '~/types/enums'

/**
 * @category Services/droits
 * @class AbilitiesUtils
 * Classe permettant de mener des opérations sur les habilités
 */
class AbilitiesUtils {
  private $store: AnyStore = {} as AnyStore
  private $ability: Ability = {} as Ability
  private factory: AnyJson = {}

  /**
   * @constructor
   */
  constructor (store: AnyStore, ability: Ability) {
    this.$store = store
    this.$ability = ability
  }

  /**
   * retourne la factory des services
   * @return {AnyJson} factory
   */
  getFactory () {
    return this.factory
  }

  /**
   * Initialise les services factories
   */
  initFactory () {
    this.factory = {
      access: $accessProfile(this.$store, this.$ability),
      organization: $organizationProfile(this.$store)
    }
  }

  /**
   * Set les abilities de l'utilisateur à chaque fois qu'on update son profile
   */
  setAbilities () {
    // Nécessaire pour que l'update des habilités soit correcte après la phase SSR
    this.$ability.update(this.$store.state.profile.access.abilities)

    // Au moment où l'on effectue un SetProfile via le store Organization, il faut aller récupérer
    // les différentes habilitées que l'utilisateur peut effectuer. (Tout cela se passe en SSR)
    const unsubscribe = this.$store.subscribeAction({
      after: (action, _state) => {
        // On récupère les habilités
        const abilities = this.getAbilities()

        switch (action.type) {
          case 'profile/organization/setProfile':
            // On les store puis on update le service ability pour le mettre à jour.
            this.$store.commit('profile/access/setAbilities', abilities)
            this.$ability.update(abilities)
            // Unsubscribe pour éviter les memory leaks
            unsubscribe()
            break
        }
      }
    })
  }

  /**
   * Récupération de l'ensemble des abilities qu'elles soient par Roles ou par Config.
   * @return {Array<AbilitiesType>}
   */
  getAbilities (): Array<AbilitiesType> {
    const abilitiesByRoles = this.getAbilitiesByRoles(this.$store.state.profile.access.roles)
    this.$ability.update(abilitiesByRoles)
    this.initFactory()
    return abilitiesByRoles.concat(this.getAbilitiesByConfig('./config/abilities/config.yaml'))
  }

  /**
   * Adaptation et transformations des roles en abilities
   * @param {Array<string>} roles
   * @return {Array<AbilitiesType>}
   */
  getAbilitiesByRoles (roles: Array<string>): Array<AbilitiesType> {
    roles = $roleUtils.transformUnderscoreToHyphenBeforeCompleteMigration(roles)
    return $roleUtils.transformRoleToAbilities(roles)
  }

  /**
   * - Parcours la config d'abilities en Yaml
   * - filtres la config pour ne garder que les abilities autorisées
   * - transform la config restante en Object Abilities
   * @param {string} configPath
   * @return {Array<AbilitiesType>}
   */
  getAbilitiesByConfig (configPath: string): Array<AbilitiesType> {
    let abilitiesByConfig: Array<AbilitiesType> = []
    try {
      const doc = Serializer.denormalize({ path: configPath }, DENORMALIZER_TYPE.YAML)
      const abilitiesAvailable = doc.abilities
      const abilitiesFiltered = this.abilitiesAvailableFilter(abilitiesAvailable)
      abilitiesByConfig = this.transformAbilitiesConfigToAbility(abilitiesFiltered)
    } catch (e) {
      throw new Error(e.message)
    }
    return abilitiesByConfig
  }

  /**
   * Filtre toutes les abilities possible suivant si l'utilisateur est autorisé ou non à les posséder
   * @param {AnyJson} abilitiesAvailable
   * @return {AnyJson}
   */
  abilitiesAvailableFilter (abilitiesAvailable:AnyJson):AnyJson {
    return _.pickBy(abilitiesAvailable, (ability:any) => {
      const services = ability.services
      return this.canHaveTheAbility(services)
    })
  }

  /**
   * Transform une config d'abilities en un tableau d'Abilities
   * @param {AnyJson} abilitiesAvailable
   * @return {Array<AbilitiesType>}
   */
  transformAbilitiesConfigToAbility (abilitiesAvailable: AnyJson): Array<AbilitiesType> {
    const abilitiesByConfig: Array<AbilitiesType> = []
    _.each(abilitiesAvailable, (ability, subject) => {
      const myAbility: AbilitiesType = {
        action: ability.action,
        subject
      }
      abilitiesByConfig.push(myAbility)
    })
    return abilitiesByConfig
  }

  /**
   * Parcourt les fonctions par services et établit si oui ou non l'habilité est autorisée
   * @param {AnyJson} functionByServices
   * @return {boolean}
   */
  canHaveTheAbility (functionByServices: AnyJson) {
    let hasAbility = true
    _.each(functionByServices, (functions, service) => {
      if (hasAbility) {
        const nbFunctions = functions.length
        let cmpt = 0
        while (hasAbility && nbFunctions > cmpt) {
          const f = functions[cmpt].function
          const parameters = functions[cmpt].parameters ?? null
          const result = functions[cmpt].result ?? null
          hasAbility = result !== null ? this.factory[service].handler()[f](parameters) == result : this.factory[service].handler()[f](parameters)
          cmpt++
        }
      }
    })
    return hasAbility
  }
}

export const $abilitiesUtils = (store: AnyStore, ability:Ability) => new AbilitiesUtils(store, ability)