@bearei/server-common 0.0.47 → 0.0.49
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/access/access.guard.js +3 -9
- package/dist/access/access.guard.js.map +1 -1
- package/dist/external/external.interface.d.ts +2 -0
- package/dist/external/external.service.js +1 -6
- package/dist/external/external.service.js.map +1 -1
- package/dist/permission/permission.guard.js +13 -3
- package/dist/permission/permission.guard.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
|
@@ -41,19 +41,13 @@ let AccessGuard = class AccessGuard {
|
|
|
41
41
|
return true;
|
|
42
42
|
}
|
|
43
43
|
const token = (0, util_1.formatToken)(headers);
|
|
44
|
-
!token &&
|
|
45
|
-
(0, util_1.throwAPIError)({
|
|
46
|
-
code: 401001,
|
|
47
|
-
message: 'Token does not exist'
|
|
48
|
-
})(app_interface_1.APIError.UNAUTHORIZED);
|
|
44
|
+
!token && (0, util_1.throwAPIError)({ code: 401001, message: 'Token does not exist' })(app_interface_1.APIError.UNAUTHORIZED);
|
|
49
45
|
return this.authenticationService.authenticationAccess(headers).then(payload => {
|
|
50
46
|
payload.sub === 'guest' &&
|
|
51
47
|
!requiredAccesses?.includes(access_interface_1.Access.GUEST) &&
|
|
52
|
-
(0, util_1.throwAPIError)({
|
|
53
|
-
code: 401002,
|
|
54
|
-
message: 'The current resource is not accessible to guest users'
|
|
55
|
-
})(app_interface_1.APIError.UNAUTHORIZED);
|
|
48
|
+
(0, util_1.throwAPIError)({ code: 401002, message: 'The current resource is not accessible to guest users' })(app_interface_1.APIError.UNAUTHORIZED);
|
|
56
49
|
request['subject'] = payload.sub;
|
|
50
|
+
request['issuer'] = payload.iss;
|
|
57
51
|
return true;
|
|
58
52
|
});
|
|
59
53
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AACzC,sDAAuD;AAEvD,kCAAkD;AAClD,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,QAAQ,GAAG,CAAC,yBAAM,CAAC,KAAK,EAAE,yBAAM,CAAC,IAAI,CAAC,CAAA;QAC5C,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,cAAc,GAAG;YACnB,OAAO,CAAC,qBAAqB,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;YAChC,gBAAgB,EAAE,MAAM,IAAI,gBAAgB,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;SAC1F,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAEf,IAAI,cAAc,EAAE,CAAC;YACjB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAA;QAElC,CAAC,KAAK
|
|
1
|
+
{"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AACzC,sDAAuD;AAEvD,kCAAkD;AAClD,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,QAAQ,GAAG,CAAC,yBAAM,CAAC,KAAK,EAAE,yBAAM,CAAC,IAAI,CAAC,CAAA;QAC5C,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,cAAc,GAAG;YACnB,OAAO,CAAC,qBAAqB,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;YAChC,gBAAgB,EAAE,MAAM,IAAI,gBAAgB,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;SAC1F,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAEf,IAAI,cAAc,EAAE,CAAC;YACjB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAA;QAElC,CAAC,KAAK,IAAI,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAA;QAE/F,OAAO,IAAI,CAAC,qBAAqB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;YAC3E,OAAO,CAAC,GAAG,KAAK,OAAO;gBACnB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,yBAAM,CAAC,KAAK,CAAC;gBACzC,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,uDAAuD,EAAC,CAAC,CAC3F,wBAAQ,CAAC,YAAY,CACxB,CAAA;YAEL,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAChC,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAE/B,OAAO,IAAI,CAAA;QACf,CAAC,CAAC,CAAA;IACN,CAAC;CACJ,CAAA;AA1CY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QACjC,gBAAS;GAHhC,WAAW,CA0CvB"}
|
|
@@ -19,6 +19,7 @@ export interface CreateExternalActionLogOptions {
|
|
|
19
19
|
serviceName: string;
|
|
20
20
|
}
|
|
21
21
|
export interface AuthenticationExternalPermissionOptions {
|
|
22
|
+
domainId: string;
|
|
22
23
|
keys: Permission[];
|
|
23
24
|
userId: string;
|
|
24
25
|
}
|
|
@@ -36,4 +37,5 @@ export interface APIRequest {
|
|
|
36
37
|
headers: APIHeaders;
|
|
37
38
|
params: Record<string, string>;
|
|
38
39
|
subject: string;
|
|
40
|
+
issuer: string;
|
|
39
41
|
}
|
|
@@ -24,12 +24,7 @@ let ExternalService = class ExternalService {
|
|
|
24
24
|
this.httpService = httpService;
|
|
25
25
|
}
|
|
26
26
|
async authenticationUserAccess(headers) {
|
|
27
|
-
return this.request({
|
|
28
|
-
headers,
|
|
29
|
-
method: 'GET',
|
|
30
|
-
path: '/user-authentications/access',
|
|
31
|
-
serviceName: 'bearei-users'
|
|
32
|
-
});
|
|
27
|
+
return this.request({ headers, method: 'GET', path: '/user-authentications/access', serviceName: 'bearei-users' });
|
|
33
28
|
}
|
|
34
29
|
authenticationUserPermission(headers) {
|
|
35
30
|
return async (options) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,+BAA+C;AAC/C,oDAAqD;AACrD,kCAAqC;AAU9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,aAA4B,EAC5B,WAAwB;QADxB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;IAC1C,CAAC;IAEJ,KAAK,CAAC,wBAAwB,CAAC,OAAmB;QAC9C,OAAO,IAAI,CAAC,OAAO,CAAC
|
|
1
|
+
{"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,+BAA+C;AAC/C,oDAAqD;AACrD,kCAAqC;AAU9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,aAA4B,EAC5B,WAAwB;QADxB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;IAC1C,CAAC;IAEJ,KAAK,CAAC,wBAAwB,CAAC,OAAmB;QAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,EAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,8BAA8B,EAAE,WAAW,EAAE,cAAc,EAAC,CAAC,CAAA;IACpH,CAAC;IAED,4BAA4B,CAAC,OAAmB;QAC5C,OAAO,KAAK,EAAE,OAAgD,EAAoC,EAAE;YAChG,OAAO,IAAI,CAAC,OAAO,CAAC;gBAChB,OAAO;gBACP,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,cAAc;aAC9B,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,eAAe,CAAC,OAAmB;QAC/B,OAAO,KAAK,EAAE,EAAC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAiC,EAAE,EAAE;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC;gBACf,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE;oBACF,GAAG,IAAI;oBACP,MAAM;oBACN,OAAO,EAAE,GAAG,MAAM,IAAI,WAAW,EAAE;oBACnC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;oBAC5B,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;oBACjC,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC;oBACpB,SAAS,EAAE,OAAO,CAAC,eAAe,CAAC;oBACnC,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;oBAClD,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC;oBAChC,MAAM,EAAE,OAAO,CAAC,kBAAkB,CAAC;iBACtC;gBACD,OAAO;aACV,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EACV,OAAO,EACP,OAAO,EACP,MAAM,GAAG,KAAK,EACd,MAAM,EACN,IAAI,GAAG,GAAG,EACV,WAAW,EACX,OAAO,EACP,OAAO,EACP,GAAG,OAAO,EACG;QACb,MAAM,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,CAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;aACjB,MAAM,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;aACpE,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAC,CAAC,CAAC;aAChF,MAAM,CAAC,CAAC,WAAW,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC,EAAC,GAAG,WAAW,EAAE,GAAG,YAAY,EAAC,CAAC,EAAE,EAAE,CAAC,CAAA;QAEvF,OAAO,IAAA,qBAAc,EACjB,IAAI,CAAC,WAAW;aACX,OAAO,CAAC;YACL,GAAG,OAAO;YACV,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC5D,OAAO,EAAE;gBACL,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,CAAC;gBAC/C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC;gBACjC,qBAAqB,EAAE,OAAO,CAAC,qBAAqB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;gBAC9F,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;gBACzB,eAAe,EAAE,OAAO,CAAC,eAAe,CAAC;gBACzC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC;aAC1C;YACD,MAAM;YACN,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAChE,GAAG,EAAE,IAAI,WAAW,IAAI,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;YAChG,GAAG,CAAC,MAAM,IAAI,EAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,EAAC,CAAC;SACjD,CAAC;aACD,IAAI,CACD,IAAA,iBAAU,EAAC,KAAK,CAAC,EAAE;YACf,KAAK,CAAC,MAAM;gBACR,IAAA,oBAAa,EAAC;oBACV,KAAK;oBACL,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,IAAI,EAAE,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,KAAK,CAAC;iBACnF,CAAC,CAAC,wBAAQ,CAAC,cAAc,CAAC,CAAA;YAE/B,MAAM,KAAK,CAAA;QACf,CAAC,CAAC,CACL,CACR,CAAC,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;CACJ,CAAA;AA/FY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAG2B,sBAAa;QACf,mBAAW;GAHpC,eAAe,CA+F3B"}
|
|
@@ -13,7 +13,9 @@ exports.PermissionGuard = void 0;
|
|
|
13
13
|
const common_1 = require("@nestjs/common");
|
|
14
14
|
const core_1 = require("@nestjs/core");
|
|
15
15
|
const app_decorator_1 = require("../app.decorator");
|
|
16
|
+
const app_interface_1 = require("../app.interface");
|
|
16
17
|
const authentication_1 = require("../authentication");
|
|
18
|
+
const util_1 = require("../util");
|
|
17
19
|
let PermissionGuard = class PermissionGuard {
|
|
18
20
|
authenticationService;
|
|
19
21
|
reflector;
|
|
@@ -29,7 +31,7 @@ let PermissionGuard = class PermissionGuard {
|
|
|
29
31
|
if (!requiredPermissions) {
|
|
30
32
|
return true;
|
|
31
33
|
}
|
|
32
|
-
const { headers, params, subject } = context.switchToHttp().getRequest();
|
|
34
|
+
const { headers, params, subject, issuer } = context.switchToHttp().getRequest();
|
|
33
35
|
const publicPermission = [
|
|
34
36
|
headers['ei-internal-service'],
|
|
35
37
|
process.env.NODE_ENV === 'local',
|
|
@@ -39,8 +41,16 @@ let PermissionGuard = class PermissionGuard {
|
|
|
39
41
|
return true;
|
|
40
42
|
}
|
|
41
43
|
return this.authenticationService
|
|
42
|
-
.authenticationPermission(headers)({
|
|
43
|
-
|
|
44
|
+
.authenticationPermission(headers)({
|
|
45
|
+
keys: requiredPermissions,
|
|
46
|
+
userId: subject,
|
|
47
|
+
domainId: issuer
|
|
48
|
+
})
|
|
49
|
+
.then(({ result }) => {
|
|
50
|
+
result !== 'successes' &&
|
|
51
|
+
(0, util_1.throwAPIError)({ message: 'This user is not authorized to access the current resource' })(app_interface_1.APIError.FORBIDDEN);
|
|
52
|
+
return true;
|
|
53
|
+
});
|
|
44
54
|
}
|
|
45
55
|
};
|
|
46
56
|
exports.PermissionGuard = PermissionGuard;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA+D;AAC/D,sDAAuD;
|
|
1
|
+
{"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA+D;AAC/D,oDAAyC;AACzC,sDAAuD;AAEvD,kCAAqC;AAI9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,mBAAmB,GAAiB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,8CAA8B,EAAE;YACvG,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,EAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC1F,MAAM,gBAAgB,GAAG;YACrB,OAAO,CAAC,qBAAqB,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;YAChC,OAAO,KAAK,MAAM,CAAC,EAAE;SACxB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAEf,IAAI,gBAAgB,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB;aAC5B,wBAAwB,CAAC,OAAO,CAAC,CAAC;YAC/B,IAAI,EAAE,mBAAmB;YACzB,MAAM,EAAE,OAAO;YACf,QAAQ,EAAE,MAAM;SACnB,CAAC;aACD,IAAI,CAAC,CAAC,EAAC,MAAM,EAAC,EAAE,EAAE;YACf,MAAM,KAAK,WAAW;gBAClB,IAAA,oBAAa,EAAC,EAAC,OAAO,EAAE,4DAA4D,EAAC,CAAC,CAClF,wBAAQ,CAAC,SAAS,CACrB,CAAA;YAEL,OAAO,IAAI,CAAA;QACf,CAAC,CAAC,CAAA;IACV,CAAC;CACJ,CAAA;AA1CY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QACjC,gBAAS;GAHhC,eAAe,CA0C3B"}
|