@ackplus/nest-auth 0.1.35 → 0.1.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/lib/auth/guards/permissions.guard.d.ts +8 -0
- package/src/lib/auth/guards/permissions.guard.js +51 -0
- package/src/lib/auth/guards/permissions.guard.js.map +1 -0
- package/src/lib/auth/index.d.ts +1 -0
- package/src/lib/auth/index.js +1 -0
- package/src/lib/auth/index.js.map +1 -1
- package/src/lib/core/decorators/permissions.decorator.d.ts +2 -0
- package/src/lib/core/decorators/permissions.decorator.js +14 -0
- package/src/lib/core/decorators/permissions.decorator.js.map +1 -0
- package/src/lib/core/index.d.ts +1 -0
- package/src/lib/core/index.js +1 -0
- package/src/lib/core/index.js.map +1 -1
package/package.json
CHANGED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class NestAuthPermissionsGuard implements CanActivate {
|
|
4
|
+
private reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
private getUserPermissions;
|
|
8
|
+
}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NestAuthPermissionsGuard = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("@nestjs/common");
|
|
6
|
+
const core_1 = require("@nestjs/core");
|
|
7
|
+
const permissions_decorator_1 = require("../../core/decorators/permissions.decorator");
|
|
8
|
+
let NestAuthPermissionsGuard = class NestAuthPermissionsGuard {
|
|
9
|
+
constructor(reflector) {
|
|
10
|
+
this.reflector = reflector;
|
|
11
|
+
}
|
|
12
|
+
canActivate(context) {
|
|
13
|
+
let requiredPermissions = this.reflector.getAllAndOverride(permissions_decorator_1.PERMISSIONS_KEY, [context.getHandler(), context.getClass()]);
|
|
14
|
+
if (!requiredPermissions || requiredPermissions.length === 0) {
|
|
15
|
+
return true;
|
|
16
|
+
}
|
|
17
|
+
if (typeof requiredPermissions === 'string') {
|
|
18
|
+
requiredPermissions = [requiredPermissions];
|
|
19
|
+
}
|
|
20
|
+
const request = context.switchToHttp().getRequest();
|
|
21
|
+
const user = request.user;
|
|
22
|
+
if (!user || !user.roles || !Array.isArray(user.roles)) {
|
|
23
|
+
throw new common_1.ForbiddenException('Access denied: User not authenticated or no roles assigned');
|
|
24
|
+
}
|
|
25
|
+
const userPermissions = this.getUserPermissions(user.roles);
|
|
26
|
+
const hasAllPermissions = requiredPermissions.every(permission => userPermissions.includes(permission));
|
|
27
|
+
if (!hasAllPermissions) {
|
|
28
|
+
const missingPermissions = requiredPermissions.filter(permission => !userPermissions.includes(permission));
|
|
29
|
+
throw new common_1.ForbiddenException(`Access denied: Missing required permissions: ${missingPermissions.join(', ')}`);
|
|
30
|
+
}
|
|
31
|
+
return true;
|
|
32
|
+
}
|
|
33
|
+
getUserPermissions(roles) {
|
|
34
|
+
const permissions = new Set();
|
|
35
|
+
roles.forEach(role => {
|
|
36
|
+
if (!role.isActive) {
|
|
37
|
+
return;
|
|
38
|
+
}
|
|
39
|
+
if (role.permissions && Array.isArray(role.permissions)) {
|
|
40
|
+
role.permissions.forEach(permission => permissions.add(permission));
|
|
41
|
+
}
|
|
42
|
+
});
|
|
43
|
+
return Array.from(permissions);
|
|
44
|
+
}
|
|
45
|
+
};
|
|
46
|
+
exports.NestAuthPermissionsGuard = NestAuthPermissionsGuard;
|
|
47
|
+
exports.NestAuthPermissionsGuard = NestAuthPermissionsGuard = tslib_1.__decorate([
|
|
48
|
+
(0, common_1.Injectable)(),
|
|
49
|
+
tslib_1.__metadata("design:paramtypes", [core_1.Reflector])
|
|
50
|
+
], NestAuthPermissionsGuard);
|
|
51
|
+
//# sourceMappingURL=permissions.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissions.guard.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/guards/permissions.guard.ts"],"names":[],"mappings":";;;;AAAA,2CAA+F;AAC/F,uCAAyC;AACzC,uFAA8E;AAGvE,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;IACjC,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAI,CAAC;IAE7C,WAAW,CAAC,OAAyB;QAEjC,IAAI,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACtD,uCAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC7C,CAAC;QAGF,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3D,OAAO,IAAI,CAAC;QAChB,CAAC;QAGD,IAAI,OAAO,mBAAmB,KAAK,QAAQ,EAAE,CAAC;YAC1C,mBAAmB,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAG1B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,2BAAkB,CAAC,4DAA4D,CAAC,CAAC;QAC/F,CAAC;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAG5D,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAC7D,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACvC,CAAC;QAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACrB,MAAM,kBAAkB,GAAG,mBAAmB,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAC/D,CAAC,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CACxC,CAAC;YAEF,MAAM,IAAI,2BAAkB,CACxB,gDAAgD,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClF,CAAC;QACN,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAKO,kBAAkB,CAAC,KAAY;QACnC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QAEtC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAEjB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACjB,OAAO;YACX,CAAC;YAGD,IAAI,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC;YACxE,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;CACJ,CAAA;AArEY,4DAAwB;mCAAxB,wBAAwB;IADpC,IAAA,mBAAU,GAAE;6CAEsB,gBAAS;GAD/B,wBAAwB,CAqEpC"}
|
package/src/lib/auth/index.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export * from './guards/auth.guard';
|
|
2
2
|
export * from './guards/role.guard';
|
|
3
|
+
export * from './guards/permissions.guard';
|
|
3
4
|
export * from './events/logged-out-all.event';
|
|
4
5
|
export * from './events/logged-out.event';
|
|
5
6
|
export * from './events/password-reset-requested.event';
|
package/src/lib/auth/index.js
CHANGED
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
const tslib_1 = require("tslib");
|
|
4
4
|
tslib_1.__exportStar(require("./guards/auth.guard"), exports);
|
|
5
5
|
tslib_1.__exportStar(require("./guards/role.guard"), exports);
|
|
6
|
+
tslib_1.__exportStar(require("./guards/permissions.guard"), exports);
|
|
6
7
|
tslib_1.__exportStar(require("./events/logged-out-all.event"), exports);
|
|
7
8
|
tslib_1.__exportStar(require("./events/logged-out.event"), exports);
|
|
8
9
|
tslib_1.__exportStar(require("./events/password-reset-requested.event"), exports);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/auth/index.ts"],"names":[],"mappings":";;;AACA,8DAAoC;AACpC,8DAAoC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/auth/index.ts"],"names":[],"mappings":";;;AACA,8DAAoC;AACpC,8DAAoC;AACpC,qEAA2C;AAG3C,wEAA8C;AAC9C,oEAA0C;AAC1C,kFAAwD;AACxD,wEAA8C;AAC9C,2EAAiD;AACjD,wEAA8C;AAC9C,4EAAkD;AAClD,yEAA+C;AAG/C,kEAAwC;AACxC,oEAA0C;AAC1C,iEAAuC;AAGvC,wEAA8C;AAC9C,uEAA6C;AAG7C,2EAAiD;AACjD,4EAAkD;AAClD,kFAAwD;AACxD,qFAA2D;AAC3D,oFAA0D;AAC1D,mFAAyD;AACzD,mFAAyD;AACzD,gFAAsD;AACtD,uFAA6D;AAC7D,4EAAkD"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PERMISSIONS_KEY = void 0;
|
|
4
|
+
exports.NestAuthPermissions = NestAuthPermissions;
|
|
5
|
+
exports.PERMISSIONS_KEY = 'nest_auth_permissions';
|
|
6
|
+
function NestAuthPermissions(permissions) {
|
|
7
|
+
return (target, key, descriptor) => {
|
|
8
|
+
if (descriptor) {
|
|
9
|
+
Reflect.defineMetadata(exports.PERMISSIONS_KEY, permissions, descriptor.value);
|
|
10
|
+
}
|
|
11
|
+
return descriptor;
|
|
12
|
+
};
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=permissions.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissions.decorator.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/core/decorators/permissions.decorator.ts"],"names":[],"mappings":";;;AASA,kDAOC;AAdY,QAAA,eAAe,GAAG,uBAAuB,CAAC;AAOvD,SAAgB,mBAAmB,CAAC,WAA8B;IAC9D,OAAO,CAAC,MAAW,EAAE,GAAY,EAAE,UAA+B,EAAE,EAAE;QAClE,IAAI,UAAU,EAAE,CAAC;YACb,OAAO,CAAC,cAAc,CAAC,uBAAe,EAAE,WAAW,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;QAC3E,CAAC;QACD,OAAO,UAAU,CAAC;IACtB,CAAC,CAAC;AACN,CAAC"}
|
package/src/lib/core/index.d.ts
CHANGED
package/src/lib/core/index.js
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
const tslib_1 = require("tslib");
|
|
4
4
|
tslib_1.__exportStar(require("./decorators/role.decorator"), exports);
|
|
5
|
+
tslib_1.__exportStar(require("./decorators/permissions.decorator"), exports);
|
|
5
6
|
tslib_1.__exportStar(require("./decorators/skip-mfa.decorator"), exports);
|
|
6
7
|
tslib_1.__exportStar(require("./interfaces/auth-module-options.interface"), exports);
|
|
7
8
|
tslib_1.__exportStar(require("./interfaces/mfa-options.interface"), exports);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/index.ts"],"names":[],"mappings":";;;AACA,sEAA4C;AAC5C,0EAAgD;AAGhD,qFAA2D;AAC3D,6EAAmD;AACnD,iFAAuD;AACvD,+EAAqD;AAGrD,qDAA2B;AAG3B,qEAA2C;AAI3C,qFAA2D;AAC3D,6EAAmD;AACnD,iFAAuD;AACvD,+EAAqD;AACrD,qEAA2C;AAG3C,0EAAgD;AAChD,0EAAgD;AAChD,wEAA8C;AAC9C,2EAAiD;AACjD,6EAAmD;AACnD,0EAAgD;AAIhD,oFAA0D;AAC1D,iEAAuC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/nest-auth/src/lib/core/index.ts"],"names":[],"mappings":";;;AACA,sEAA4C;AAC5C,6EAAmD;AACnD,0EAAgD;AAGhD,qFAA2D;AAC3D,6EAAmD;AACnD,iFAAuD;AACvD,+EAAqD;AAGrD,qDAA2B;AAG3B,qEAA2C;AAI3C,qFAA2D;AAC3D,6EAAmD;AACnD,iFAAuD;AACvD,+EAAqD;AACrD,qEAA2C;AAG3C,0EAAgD;AAChD,0EAAgD;AAChD,wEAA8C;AAC9C,2EAAiD;AACjD,6EAAmD;AACnD,0EAAgD;AAIhD,oFAA0D;AAC1D,iEAAuC"}
|