npm - @elsikora/nestjs-crud-automator - Versions diffs - 1.16.0 → 1.17.0 - Mend

@elsikora/nestjs-crud-automator 1.16.0 → 1.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (280) hide show

package/dist/cjs/index.js CHANGED Viewed

@@ -7,6 +7,12 @@ var executor_class = require('./class/api/subscriber/executor.class.js');
 var functionBase_class = require('./class/api/subscriber/function-base.class.js');
 var registry_class = require('./class/api/subscriber/registry.class.js');
 var routeBase_class = require('./class/api/subscriber/route-base.class.js');
+var engine_class = require('./class/api/authorization/engine.class.js');
+var guard_class = require('./class/api/authorization/guard.class.js');
+var base_class$1 = require('./class/api/authorization/policy/base.class.js');
+var discoveryService_class$1 = require('./class/api/authorization/policy/discovery-service.class.js');
+var executor_class$1 = require('./class/api/authorization/policy/executor.class.js');
+var registry_class$1 = require('./class/api/authorization/policy/registry.class.js');
 var metadataStorage_class = require('./class/metadata-storage.class.js');
 var boolean_class = require('./class/utility/dto/property/factory/boolean.class.js');
 var date_class = require('./class/utility/dto/property/factory/date.class.js');
@@ -20,6 +26,9 @@ var body_class = require('./class/utility/dto/strategy/body.class.js');
 var query_class = require('./class/utility/dto/strategy/query.class.js');
 var request_class = require('./class/utility/dto/strategy/request.class.js');
 var response_class = require('./class/utility/dto/strategy/response.class.js');
+var decision_constant = require('./constant/authorization/metadata/decision.constant.js');
+var decorator_constant = require('./constant/authorization/policy/decorator.constant.js');
+var registry_constant = require('./constant/authorization/token/registry.constant.js');
 var date_constant = require('./constant/date.constant.js');
 var controller_constant = require('./constant/decorator/api/controller.constant.js');
 var function_constant = require('./constant/decorator/api/function.constant.js');
@@ -36,8 +45,10 @@ var number_constant = require('./constant/number.constant.js');
 var constant = require('./constant/utility/dto/constant.js');
 var generate_constant = require('./constant/utility/dto/generate.constant.js');
 var hasPairedCustomSuffixesFields_constant = require('./constant/validator/has-paired-custom-suffixes-fields.constant.js');
+var policy_decorator = require('./decorator/api/authorization/policy.decorator.js');
 var decorator = require('./decorator/api/controller/decorator.js');
 var observable_decorator = require('./decorator/api/controller/observable.decorator.js');
+var securable_decorator = require('./decorator/api/controller/securable.decorator.js');
 var create_decorator = require('./decorator/api/function/create.decorator.js');
 var decorator$1 = require('./decorator/api/function/decorator.js');
 var delete_decorator = require('./decorator/api/function/delete.decorator.js');
@@ -59,13 +70,15 @@ var observable_decorator$1 = require('./decorator/api/service/observable.decorat
 var service_decorator = require('./decorator/api/service.decorator.js');
 var function_decorator = require('./decorator/api/subscriber/function.decorator.js');
 var route_decorator = require('./decorator/api/subscriber/route.decorator.js');
+var effect_enum = require('./enum/authorization/effect.enum.js');
+var onType_enum = require('./enum/authorization/policy/on-type.enum.js');
 var action_enum = require('./enum/decorator/api/action.enum.js');
 var authenticationType_enum = require('./enum/decorator/api/authentication-type.enum.js');
 var loadRelationsStrategy_enum = require('./enum/decorator/api/controller/load-relations-strategy.enum.js');
 var requestTransformerType_enum = require('./enum/decorator/api/controller/request-transformer-type.enum.js');
 var dtoType_enum = require('./enum/decorator/api/dto-type.enum.js');
 var type_enum = require('./enum/decorator/api/function/type.enum.js');
-var onType_enum = require('./enum/decorator/api/on-type.enum.js');
+var onType_enum$1 = require('./enum/decorator/api/on-type.enum.js');
 var dataType_enum = require('./enum/decorator/api/property/data-type.enum.js');
 var identifier_enum = require('./enum/decorator/api/property/date/identifier.enum.js');
 var type_enum$1 = require('./enum/decorator/api/property/date/type.enum.js');
@@ -82,7 +95,8 @@ var hasPairedCustomSuffixesFieldsArgumentType_enum = require('./enum/validator/h
 var mustMatchOneOfSchemasErrorType_enum = require('./enum/validator/must-match-one-of-schemas-error-type.enum.js');
 var controller_factory = require('./factory/api/controller.factory.js');
 var correlationIdResponseBody_interceptor = require('./interceptor/correlation-id-response-body.interceptor.js');
-var apiSubscriber_module = require('./module/api-subscriber.module.js');
+var authorization_module = require('./module/api/authorization.module.js');
+var subscriber_module = require('./module/api/subscriber.module.js');
 var applyDecorators_utility = require('./utility/api/controller/apply-decorators.utility.js');
 var applyMetadata_utility = require('./utility/api/controller/apply-metadata.utility.js');
 var transformFilter_utility = require('./utility/api/controller/get-list/transform-filter.utility.js');
@@ -96,6 +110,11 @@ var writeDtoSwagger_utility = require('./utility/api/controller/write-dto-swagge
 var writeMethod_utility = require('./utility/api/controller/write-method.utility.js');
 var filterOrderByFromEntity_utility = require('./utility/api/filter-order-by-from-entity.utility.js');
 var getDefaultStringFormatProperties_utility = require('./utility/api/property/get-default-string-format-properties.utility.js');
+var applyResult_utility = require('./utility/authorization/decision/apply-result.utility.js');
+var attachResource_utility = require('./utility/authorization/decision/attach-resource.utility.js');
+var resolveFromRequest_utility = require('./utility/authorization/decision/resolve-from-request.utility.js');
+var where_utility = require('./utility/authorization/scope/merge/where.utility.js');
+var resolveDefaultSubject_utility = require('./utility/authorization/subject/resolve-default-subject.utility.js');
 var camelCaseString_utility = require('./utility/camel-case-string.utility.js');
 var capitalizeString_utility = require('./utility/capitalize-string.utility.js');
 var analize_utility = require('./utility/dto/analize.utility.js');
@@ -142,6 +161,21 @@ exports.ApiSubscriberExecutor = executor_class.ApiSubscriberExecutor;
 exports.ApiFunctionSubscriberBase = functionBase_class.ApiFunctionSubscriberBase;
 exports.apiSubscriberRegistry = registry_class.apiSubscriberRegistry;
 exports.ApiRouteSubscriberBase = routeBase_class.ApiRouteSubscriberBase;
+Object.defineProperty(exports, "ApiAuthorizationEngine", {
+	enumerable: true,
+	get: function () { return engine_class.ApiAuthorizationEngine; }
+});
+Object.defineProperty(exports, "ApiAuthorizationGuard", {
+	enumerable: true,
+	get: function () { return guard_class.ApiAuthorizationGuard; }
+});
+exports.ApiAuthorizationPolicyBase = base_class$1.ApiAuthorizationPolicyBase;
+Object.defineProperty(exports, "ApiAuthorizationPolicyDiscoveryService", {
+	enumerable: true,
+	get: function () { return discoveryService_class$1.ApiAuthorizationPolicyDiscoveryService; }
+});
+exports.ApiAuthorizationPolicyExecutor = executor_class$1.ApiAuthorizationPolicyExecutor;
+exports.ApiAuthorizationPolicyRegistry = registry_class$1.ApiAuthorizationPolicyRegistry;
 exports.MetadataStorage = metadataStorage_class.MetadataStorage;
 exports.DtoPropertyFactoryBoolean = boolean_class.DtoPropertyFactoryBoolean;
 exports.DtoPropertyFactoryDate = date_class.DtoPropertyFactoryDate;
@@ -155,6 +189,9 @@ exports.DtoStrategyBody = body_class.DtoStrategyBody;
 exports.DtoStrategyQuery = query_class.DtoStrategyQuery;
 exports.DtoStrategyRequest = request_class.DtoStrategyRequest;
 exports.DtoStrategyResponse = response_class.DtoStrategyResponse;
+exports.AUTHORIZATION_DECISION_METADATA_CONSTANT = decision_constant.AUTHORIZATION_DECISION_METADATA_CONSTANT;
+exports.AUTHORIZATION_POLICY_DECORATOR_CONSTANT = decorator_constant.AUTHORIZATION_POLICY_DECORATOR_CONSTANT;
+exports.AUTHORIZATION_POLICY_REGISTRY_TOKEN = registry_constant.AUTHORIZATION_POLICY_REGISTRY_TOKEN;
 exports.DATE_CONSTANT = date_constant.DATE_CONSTANT;
 exports.CONTROLLER_API_DECORATOR_CONSTANT = controller_constant.CONTROLLER_API_DECORATOR_CONSTANT;
 exports.FUNCTION_API_DECORATOR_CONSTANT = function_constant.FUNCTION_API_DECORATOR_CONSTANT;
@@ -171,8 +208,10 @@ exports.NUMBER_CONSTANT = number_constant.NUMBER_CONSTANT;
 exports.DTO_UTILITY_CONSTANT = constant.DTO_UTILITY_CONSTANT;
 exports.DTO_GENERATE_CONSTANT = generate_constant.DTO_GENERATE_CONSTANT;
 exports.VALIDATOR_HAS_PAIRED_CUSTOM_SUFFIXES_FIELDS_CONSTANT = hasPairedCustomSuffixesFields_constant.VALIDATOR_HAS_PAIRED_CUSTOM_SUFFIXES_FIELDS_CONSTANT;
+exports.ApiAuthorizationPolicy = policy_decorator.ApiAuthorizationPolicy;
 exports.ApiController = decorator.ApiController;
 exports.ApiControllerObservable = observable_decorator.ApiControllerObservable;
+exports.ApiControllerSecurable = securable_decorator.ApiControllerSecurable;
 exports.ApiFunctionCreate = create_decorator.ApiFunctionCreate;
 exports.ApiFunction = decorator$1.ApiFunction;
 exports.ApiFunctionDelete = delete_decorator.ApiFunctionDelete;
@@ -194,6 +233,14 @@ exports.ApiServiceObservable = observable_decorator$1.ApiServiceObservable;
 exports.ApiService = service_decorator.ApiService;
 exports.ApiFunctionSubscriber = function_decorator.ApiFunctionSubscriber;
 exports.ApiRouteSubscriber = route_decorator.ApiRouteSubscriber;
+Object.defineProperty(exports, "EAuthorizationEffect", {
+	enumerable: true,
+	get: function () { return effect_enum.EAuthorizationEffect; }
+});
+Object.defineProperty(exports, "EApiAuthorizationPolicyOnType", {
+	enumerable: true,
+	get: function () { return onType_enum.EApiAuthorizationPolicyOnType; }
+});
 Object.defineProperty(exports, "EApiAction", {
 	enumerable: true,
 	get: function () { return action_enum.EApiAction; }
@@ -220,7 +267,7 @@ Object.defineProperty(exports, "EApiFunctionType", {
 });
 Object.defineProperty(exports, "EApiSubscriberOnType", {
 	enumerable: true,
-	get: function () { return onType_enum.EApiSubscriberOnType; }
+	get: function () { return onType_enum$1.EApiSubscriberOnType; }
 });
 Object.defineProperty(exports, "EApiPropertyDataType", {
 	enumerable: true,
@@ -319,9 +366,13 @@ Object.defineProperty(exports, "CorrelationIDResponseBodyInterceptor", {
 	enumerable: true,
 	get: function () { return correlationIdResponseBody_interceptor.CorrelationIDResponseBodyInterceptor; }
 });
+Object.defineProperty(exports, "ApiAuthorizationModule", {
+	enumerable: true,
+	get: function () { return authorization_module.ApiAuthorizationModule; }
+});
 Object.defineProperty(exports, "ApiSubscriberModule", {
 	enumerable: true,
-	get: function () { return apiSubscriber_module.ApiSubscriberModule; }
+	get: function () { return subscriber_module.ApiSubscriberModule; }
 });
 exports.ApiControllerApplyDecorators = applyDecorators_utility.ApiControllerApplyDecorators;
 exports.ApiControllerApplyMetadata = applyMetadata_utility.ApiControllerApplyMetadata;
@@ -336,6 +387,11 @@ exports.ApiControllerWriteDtoSwagger = writeDtoSwagger_utility.ApiControllerWrit
 exports.ApiControllerWriteMethod = writeMethod_utility.ApiControllerWriteMethod;
 exports.FilterOrderByFromEntity = filterOrderByFromEntity_utility.FilterOrderByFromEntity;
 exports.GetDefaultStringFormatProperties = getDefaultStringFormatProperties_utility.GetDefaultStringFormatProperties;
+exports.AuthorizationDecisionApplyResult = applyResult_utility.AuthorizationDecisionApplyResult;
+exports.AuthorizationDecisionAttachResource = attachResource_utility.AuthorizationDecisionAttachResource;
+exports.AuthorizationDecisionResolveFromRequest = resolveFromRequest_utility.AuthorizationDecisionResolveFromRequest;
+exports.AuthorizationScopeMergeWhere = where_utility.AuthorizationScopeMergeWhere;
+exports.AuthorizationResolveDefaultSubject = resolveDefaultSubject_utility.AuthorizationResolveDefaultSubject;
 exports.CamelCaseString = camelCaseString_utility.CamelCaseString;
 exports.CapitalizeString = capitalizeString_utility.CapitalizeString;
 exports.analyzeEntityMetadata = analize_utility.analyzeEntityMetadata;

package/dist/cjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
1	+ {"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}

package/dist/cjs/interface/api-authentication-request.interface.d.ts CHANGED Viewed

@@ -1,4 +1,7 @@
 import type { IApiBaseEntity } from './api-base-entity.interface';
+import type { IApiAuthorizationDecision } from './authorization/index';
+import type { TApiAuthorizationRuleTransformPayload } from '../type/class/api/authorization/rule/transform-payload.type';
 export interface IApiAuthenticationRequest {
+    authorizationDecision?: IApiAuthorizationDecision<IApiBaseEntity, TApiAuthorizationRuleTransformPayload<IApiBaseEntity>>;
     user: IApiBaseEntity;
 }

package/dist/cjs/interface/authorization/decision.interface.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { EAuthorizationEffect } from '../../enum/authorization/effect.enum';
+import type { IApiBaseEntity } from '../api-base-entity.interface';
+import type { IApiAuthorizationRule } from './rule/interface';
+import type { IApiAuthorizationScope } from './scope.interface';
+import type { IApiAuthorizationSubject } from './subject.interface';
+import type { TApiAuthorizationRuleResultTransform } from '../../type/class/api/authorization/rule/result-transform.type';
+export interface IApiAuthorizationDecision<E extends IApiBaseEntity, R> {
+    action: string;
+    appliedRules: Array<IApiAuthorizationRule<E, R>>;
+    effect: EAuthorizationEffect;
+    policyId: string;
+    resource?: E;
+    resourceType: string;
+    scope?: IApiAuthorizationScope<E>;
+    subject: IApiAuthorizationSubject;
+    transforms: Array<TApiAuthorizationRuleResultTransform<E, R>>;
+}

package/dist/cjs/interface/authorization/engine.interface.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { IApiBaseEntity } from '../api-base-entity.interface';
+import type { IApiAuthorizationDecision } from './decision.interface';
+import type { IApiAuthorizationEngineEvaluateOptions } from './evaluate-options.interface';
+export interface IApiAuthorizationEngine<E extends IApiBaseEntity> {
+    evaluate<R>(options: IApiAuthorizationEngineEvaluateOptions<E, R>): Promise<IApiAuthorizationDecision<E, R>>;
+}

package/dist/cjs/interface/authorization/evaluate-options.interface.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { IApiBaseEntity } from '../api-base-entity.interface';
+import type { IApiAuthorizationPolicy } from './policy/interface';
+import type { IApiAuthorizationSubject } from './subject.interface';
+export interface IApiAuthorizationEngineEvaluateOptions<E extends IApiBaseEntity, R> {
+    action: string;
+    policy: IApiAuthorizationPolicy<E, R>;
+    resource?: E;
+    subject: IApiAuthorizationSubject;
+}

package/dist/cjs/interface/authorization/index.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export { type IApiAuthorizationDecision } from './decision.interface';
+export { type IApiAuthorizationEngine } from './engine.interface';
+export { type IApiAuthorizationEngineEvaluateOptions } from './evaluate-options.interface';
+export type * from './policy/index';
+export type * from './rule/index';
+export { type IApiAuthorizationScope } from './scope.interface';
+export { type IApiAuthorizationSubject } from './subject.interface';

package/dist/cjs/interface/authorization/policy/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { type IApiAuthorizationPolicy } from './interface';
+export { type IApiAuthorizationPolicyRegistry } from './registry.interface';
+export type * from './subscriber/index';

package/dist/cjs/interface/authorization/policy/interface.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { IApiBaseEntity } from '../../api-base-entity.interface';
+import type { IApiAuthorizationRule } from '../rule/interface';
+export interface IApiAuthorizationPolicy<E extends IApiBaseEntity, R> {
+    action: string;
+    description?: string;
+    entity: new () => E;
+    policyId: string;
+    rules: Array<IApiAuthorizationRule<E, R>>;
+}

package/dist/cjs/interface/authorization/policy/registry.interface.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import type { IApiBaseEntity } from '../../api-base-entity.interface';
+import type { IApiAuthorizationPolicy } from './interface';
+import type { IApiAuthorizationPolicySubscriberRegistration } from './subscriber/registration.interface';
+import type { TApiAuthorizationPolicyHookResult } from '../../../type/class/api/authorization/policy/hook/index';
+export interface IApiAuthorizationPolicyRegistry {
+    buildAggregatedPolicy<E extends IApiBaseEntity, TAction extends string>(entity: new () => E, action: TAction): Promise<IApiAuthorizationPolicy<E, TApiAuthorizationPolicyHookResult<TAction, E>> | undefined>;
+    clear(): void;
+    registerPolicy<E extends IApiBaseEntity, R>(policy: IApiAuthorizationPolicy<E, R>): void;
+    registerSubscriber<E extends IApiBaseEntity>(registration: IApiAuthorizationPolicySubscriberRegistration<E>): void;
+}

package/dist/cjs/interface/authorization/policy/subscriber/context.interface.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { EApiRouteType } from '../../../../enum/decorator/api/route-type.enum';
+import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+import type { IApiEntity } from '../../../entity/interface';
+export interface IApiAuthorizationPolicySubscriberContext<E extends IApiBaseEntity> {
+    action: string;
+    entity: new () => E;
+    entityMetadata: IApiEntity<E>;
+    routeType?: EApiRouteType;
+}

package/dist/cjs/interface/authorization/policy/subscriber/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export { type IApiAuthorizationPolicySubscriberContext } from './context.interface';
+export { type IApiAuthorizationPolicySubscriber } from './interface';
+export { type IApiAuthorizationPolicySubscriberProperties } from './properties.interface';
+export { type IApiAuthorizationPolicySubscriberRegistration } from './registration.interface';
+export { type IApiAuthorizationPolicySubscriberRule } from './rule.interface';

package/dist/cjs/interface/authorization/policy/subscriber/interface.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { EApiRouteType } from '../../../../enum/decorator/api/route-type.enum';
+import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+import type { IApiAuthorizationPolicySubscriberContext } from './context.interface';
+import type { TApiAuthorizationPolicyHookResult } from '../../../../type/class/api/authorization/policy/hook/index';
+import type { TApiAuthorizationPolicySubscriberRuleResult } from '../../../../type/class/api/authorization/policy/policy-subscriber-rule-result.type';
+export interface IApiAuthorizationPolicySubscriber<E extends IApiBaseEntity> {
+    getCustomActionRule?<TAction extends string>(action: TAction, context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>;
+    onBeforeCreate?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.CREATE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.CREATE, E>>;
+    onBeforeDelete?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.DELETE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.DELETE, E>>;
+    onBeforeGet?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.GET, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.GET, E>>;
+    onBeforeGetList?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.GET_LIST, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.GET_LIST, E>>;
+    onBeforePartialUpdate?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.PARTIAL_UPDATE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.PARTIAL_UPDATE, E>>;
+    onBeforeUpdate?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.UPDATE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.UPDATE, E>>;
+}

package/dist/cjs/interface/authorization/policy/subscriber/properties.interface.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+export interface IApiAuthorizationPolicySubscriberProperties<E extends IApiBaseEntity> {
+    description?: string;
+    entity: new () => E;
+    policyId?: string;
+    priority?: number;
+}

package/dist/cjs/interface/authorization/policy/subscriber/registration.interface.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+import type { IApiAuthorizationPolicySubscriber } from './interface';
+export interface IApiAuthorizationPolicySubscriberRegistration<E extends IApiBaseEntity> {
+    description?: string;
+    entity: new () => E;
+    policyId: string;
+    priority: number;
+    subscriber: IApiAuthorizationPolicySubscriber<E>;
+}

package/dist/cjs/interface/authorization/policy/subscriber/rule.interface.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import type { EAuthorizationEffect } from '../../../../enum/authorization/effect.enum';
+import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+import type { TApiAuthorizationRuleCondition } from '../../../../type/class/api/authorization/rule/condition.type';
+import type { TApiAuthorizationRuleResultTransform } from '../../../../type/class/api/authorization/rule/result-transform.type';
+import type { TApiAuthorizationRuleScopeResolver } from '../../../../type/class/api/authorization/rule/scope-resolver.type';
+export interface IApiAuthorizationPolicySubscriberRule<E extends IApiBaseEntity, R> {
+    condition?: TApiAuthorizationRuleCondition<E>;
+    description?: string;
+    effect: EAuthorizationEffect;
+    priority?: number;
+    resultTransform?: TApiAuthorizationRuleResultTransform<E, R>;
+    scope?: TApiAuthorizationRuleScopeResolver<E>;
+}

package/dist/cjs/interface/authorization/rule/context.interface.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { IApiBaseEntity } from '../../api-base-entity.interface';
+import type { IApiAuthorizationSubject } from '../subject.interface';
+export interface IApiAuthorizationRuleContext<E extends IApiBaseEntity> {
+    resource?: E;
+    subject: IApiAuthorizationSubject;
+}

package/dist/cjs/interface/authorization/rule/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { type IApiAuthorizationRuleContext } from './context.interface';
2	+ export { type IApiAuthorizationRule } from './interface';

package/dist/cjs/interface/authorization/rule/interface.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { EAuthorizationEffect } from '../../../enum/authorization/effect.enum';
+import type { IApiBaseEntity } from '../../api-base-entity.interface';
+import type { TApiAuthorizationRuleCondition } from '../../../type/class/api/authorization/rule/condition.type';
+import type { TApiAuthorizationRuleResultTransform } from '../../../type/class/api/authorization/rule/result-transform.type';
+import type { TApiAuthorizationRuleScopeResolver } from '../../../type/class/api/authorization/rule/scope-resolver.type';
+export interface IApiAuthorizationRule<E extends IApiBaseEntity, R> {
+    action: string;
+    condition?: TApiAuthorizationRuleCondition<E>;
+    description?: string;
+    effect: EAuthorizationEffect;
+    policyId: string;
+    priority: number;
+    resultTransform?: TApiAuthorizationRuleResultTransform<E, R>;
+    scope?: TApiAuthorizationRuleScopeResolver<E>;
+}

package/dist/cjs/interface/authorization/scope.interface.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { IApiBaseEntity } from '../api-base-entity.interface';
+import type { FindOptionsWhere } from "typeorm";
+export interface IApiAuthorizationScope<E extends IApiBaseEntity> {
+    where?: Array<FindOptionsWhere<E>> | FindOptionsWhere<E>;
+}

package/dist/cjs/interface/authorization/subject.interface.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export interface IApiAuthorizationSubject {
+    attributes?: Record<string, unknown>;
+    id: string;
+    permissions: Array<string>;
+    roles: Array<string>;
+}

package/dist/cjs/interface/class/api/subscriber/route-execution-context-data.interface.d.ts CHANGED Viewed

@@ -1,8 +1,10 @@
 import type { EApiRouteType } from '../../../../enum/decorator/api/route-type.enum';
 import type { IApiAuthenticationRequest } from '../../../api-authentication-request.interface';
 import type { IApiBaseEntity } from '../../../api-base-entity.interface';
+import type { IApiAuthorizationDecision } from '../../../authorization/index';
 import type { IApiControllerProperties } from '../../../decorator/api/controller/properties.interface';
 import type { IApiEntity } from '../../../entity/index';
+import type { TApiAuthorizationRuleTransformPayload } from '../../../../type/class/api/authorization/rule/transform-payload.type';
 /**
  * Base data container for route subscriber execution context.
  * Contains route metadata and configuration.
@@ -46,11 +48,15 @@ export interface IApiSubscriberRouteExecutionContextData<E extends IApiBaseEntit
  * Extended data container for route subscriber execution context.
  * Includes request context (headers, IP, authentication) in addition to base route data.
  */
-export interface IApiSubscriberRouteExecutionContextDataExtended<E extends IApiBaseEntity> extends IApiSubscriberRouteExecutionContextData<E> {
+export interface IApiSubscriberRouteExecutionContextDataExtended<E extends IApiBaseEntity, R = TApiAuthorizationRuleTransformPayload<E>> extends IApiSubscriberRouteExecutionContextData<E> {
     /**
      * Authentication request information
      */
     authenticationRequest?: IApiAuthenticationRequest;
+    /**
+     * Authorization decision
+     */
+    authorizationDecision?: IApiAuthorizationDecision<E, R>;
     /**
      * HTTP request headers
      */

package/dist/cjs/interface/index.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@ export { type IApiAuthenticationRequest } from './api-authentication-request.int
 export { type IApiBaseEntity } from './api-base-entity.interface';
 export { type IApiDtoValidator } from './api-dto-validator.interface';
 export { type IApiRequestValidator } from './api-request-validator.interface';
+export type * from './authorization/index';
 export type * from './class/index';
 export type * from './decorator/api/index';
 export { type IDtoGenerateFactory } from './dto-generate-factory.interface';

package/dist/cjs/module/api/authorization.module.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Module responsible for discovering and registering authorization policies.
+ * Import this module to enable zero-configuration RBAC.
+ * @see {@link https://elsikora.com/docs/nestjs-crud-automator/authorization | Authorization}
+ */
+export declare class ApiAuthorizationModule {
+}

package/dist/cjs/module/api/authorization.module.js ADDED Viewed

@@ -0,0 +1,39 @@
+'use strict';
+var tslib_es6 = require('../../external/tslib/tslib.es6.js');
+var engine_class = require('../../class/api/authorization/engine.class.js');
+var guard_class = require('../../class/api/authorization/guard.class.js');
+var discoveryService_class = require('../../class/api/authorization/policy/discovery-service.class.js');
+var registry_class = require('../../class/api/authorization/policy/registry.class.js');
+var registry_constant = require('../../constant/authorization/token/registry.constant.js');
+var common = require('@nestjs/common');
+var core = require('@nestjs/core');
+/**
+ * Module responsible for discovering and registering authorization policies.
+ * Import this module to enable zero-configuration RBAC.
+ * @see {@link https://elsikora.com/docs/nestjs-crud-automator/authorization | Authorization}
+ */
+exports.ApiAuthorizationModule = class ApiAuthorizationModule {
+};
+exports.ApiAuthorizationModule = tslib_es6.__decorate([
+    common.Global(),
+    common.Module({
+        exports: [registry_constant.AUTHORIZATION_POLICY_REGISTRY_TOKEN, engine_class.ApiAuthorizationEngine, guard_class.ApiAuthorizationGuard, discoveryService_class.ApiAuthorizationPolicyDiscoveryService],
+        imports: [core.DiscoveryModule],
+        providers: [
+            engine_class.ApiAuthorizationEngine,
+            guard_class.ApiAuthorizationGuard,
+            discoveryService_class.ApiAuthorizationPolicyDiscoveryService,
+            {
+                provide: registry_constant.AUTHORIZATION_POLICY_REGISTRY_TOKEN,
+                useValue: registry_class.apiAuthorizationPolicyRegistry,
+            },
+            {
+                provide: registry_class.ApiAuthorizationPolicyRegistry,
+                useValue: registry_class.apiAuthorizationPolicyRegistry,
+            },
+        ],
+    })
+], exports.ApiAuthorizationModule);
+//# sourceMappingURL=authorization.module.js.map

package/dist/cjs/module/api/authorization.module.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"authorization.module.js","sources":["../../../../../src/module/api/authorization.module.ts"],"sourcesContent":[null],"names":["ApiAuthorizationModule","__decorate","Global","Module","AUTHORIZATION_POLICY_REGISTRY_TOKEN","ApiAuthorizationEngine","ApiAuthorizationGuard","ApiAuthorizationPolicyDiscoveryService","DiscoveryModule","apiAuthorizationPolicyRegistry","ApiAuthorizationPolicyRegistry"],"mappings":";;;;;;;;;;;AAQA;;;;AAIG;AAmBUA,8BAAsB,GAA5B,MAAM,sBAAsB,CAAA;;AAAtBA,8BAAsB,GAAAC,oBAAA,CAAA;AAlBlC,IAAAC,aAAM,EAAE;AACR,IAAAC,aAAM,CAAC;QACP,OAAO,EAAE,CAACC,qDAAmC,EAAEC,mCAAsB,EAAEC,iCAAqB,EAAEC,6DAAsC,CAAC;QACrI,OAAO,EAAE,CAACC,oBAAe,CAAC;AAC1B,QAAA,SAAS,EAAE;YACVH,mCAAsB;YACtBC,iCAAqB;YACrBC,6DAAsC;AACtC,YAAA;AACC,gBAAA,OAAO,EAAEH,qDAAmC;AAC5C,gBAAA,QAAQ,EAAEK,6CAA8B;AACxC,aAAA;AACD,YAAA;AACC,gBAAA,OAAO,EAAEC,6CAA8B;AACvC,gBAAA,QAAQ,EAAED,6CAA8B;AACxC,aAAA;AACD,SAAA;KACD;AACY,CAAA,EAAAT,8BAAsB,CAAG;;"}

package/dist/cjs/module/api/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { ApiAuthorizationModule } from './authorization.module';
2	+ export { ApiSubscriberModule } from './subscriber.module';

package/dist/cjs/module/{api-subscriber.module.js → api/subscriber.module.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 'use strict';
-var tslib_es6 = require('../external/tslib/tslib.es6.js');
-var discoveryService_class = require('../class/api/subscriber/discovery-service.class.js');
+var tslib_es6 = require('../../external/tslib/tslib.es6.js');
+var discoveryService_class = require('../../class/api/subscriber/discovery-service.class.js');
 var common = require('@nestjs/common');
 var core = require('@nestjs/core');
@@ -20,4 +20,4 @@ exports.ApiSubscriberModule = tslib_es6.__decorate([
         providers: [discoveryService_class.ApiSubscriberDiscoveryService],
     })
 ], exports.ApiSubscriberModule);
-//# sourceMappingURL=api-subscriber.module.js.map
+//# sourceMappingURL=subscriber.module.js.map

package/dist/cjs/module/api/subscriber.module.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"subscriber.module.js","sources":["../../../../../src/module/api/subscriber.module.ts"],"sourcesContent":[null],"names":["ApiSubscriberModule","__decorate","Module","ApiSubscriberDiscoveryService","DiscoveryModule"],"mappings":";;;;;;;AAIA;;;;;AAKG;AAMUA,2BAAmB,GAAzB,MAAM,mBAAmB,CAAA;;AAAnBA,2BAAmB,GAAAC,oBAAA,CAAA;AAL/B,IAAAC,aAAM,CAAC;QACP,OAAO,EAAE,CAACC,oDAA6B,CAAC;QACxC,OAAO,EAAE,CAACC,oBAAe,CAAC;QAC1B,SAAS,EAAE,CAACD,oDAA6B,CAAC;KAC1C;AACY,CAAA,EAAAH,2BAAmB,CAAG;;"}

package/dist/cjs/module/index.d.ts CHANGED Viewed

	@@ -1 +1 @@
1	- export * from './api~~-subscriber.module~~';
1	+ export * from './api/index';

package/dist/cjs/type/class/api/authorization/guard-request.type.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { IApiBaseEntity } from '../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationDecision } from '../../../../interface/authorization/index';
+import type { TApiAuthorizationRuleTransformPayload } from './rule/transform-payload.type';
+export type TApiAuthorizationGuardRequest = {
+    authorizationDecision?: IApiAuthorizationDecision<IApiBaseEntity, TApiAuthorizationRuleTransformPayload<IApiBaseEntity>>;
+    user?: unknown;
+} & Record<string, unknown>;

package/dist/cjs/type/class/api/authorization/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export { type TApiAuthorizationGuardRequest } from './guard-request.type';
+export type * from './policy/index';
+export type * from './rule/index';
+export { type TApiAuthorizationScopeWhere } from './scope-where.type';

package/dist/cjs/type/class/api/authorization/policy/hook/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { type TApiAuthorizationPolicyHookResult } from './result.type';
2	+ export { type TApiAuthorizationPolicyHook } from './type';

package/dist/cjs/type/class/api/authorization/policy/hook/result.type.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { EApiRouteType } from '../../../../../../enum/decorator/api/route-type.enum';
+import type { IApiBaseEntity } from '../../../../../../interface/api-base-entity.interface';
+import type { IApiGetListResponseResult } from '../../../../../../interface/decorator/api/get-list-response-result.interface';
+import type { TApiAuthorizationRuleTransformPayload } from '../../rule/transform-payload.type';
+/**
+ * Maps a policy hook/action to the payload type its transforms will receive.
+ */
+export type TApiAuthorizationPolicyHookResult<TAction extends string, E extends IApiBaseEntity> = TAction extends EApiRouteType.CREATE ? E : TAction extends EApiRouteType.GET ? E : TAction extends EApiRouteType.GET_LIST ? IApiGetListResponseResult<E> : TAction extends EApiRouteType.PARTIAL_UPDATE ? E : TAction extends EApiRouteType.UPDATE ? E : TAction extends EApiRouteType.DELETE ? undefined : TApiAuthorizationRuleTransformPayload<E>;

package/dist/cjs/type/class/api/authorization/policy/hook/type.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { IApiBaseEntity } from '../../../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationPolicySubscriberContext } from '../../../../../../interface/authorization/index';
+import type { TApiAuthorizationPolicySubscriberRuleResult } from '../policy-subscriber-rule-result.type';
+import type { TApiAuthorizationPolicyHookResult } from './result.type';
+export type TApiAuthorizationPolicyHook<E extends IApiBaseEntity, TAction extends string> = (context: IApiAuthorizationPolicySubscriberContext<E>) => Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>;

package/dist/cjs/type/class/api/authorization/policy/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export type * from './hook/index';
2	+ export { type TApiAuthorizationPolicySubscriberRuleResult } from './policy-subscriber-rule-result.type';

package/dist/cjs/type/class/api/authorization/policy/policy-subscriber-rule-result.type.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { IApiBaseEntity } from '../../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationPolicySubscriberRule } from '../../../../../interface/authorization/policy/subscriber/rule.interface';
+export type TApiAuthorizationPolicySubscriberRuleResult<E extends IApiBaseEntity, R> = Array<IApiAuthorizationPolicySubscriberRule<E, R>> | IApiAuthorizationPolicySubscriberRule<E, R> | undefined;

package/dist/cjs/type/class/api/authorization/rule/condition.type.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { IApiBaseEntity } from '../../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationRuleContext } from '../../../../../interface/authorization/rule/context.interface';
+export type TApiAuthorizationRuleCondition<E extends IApiBaseEntity> = (context: IApiAuthorizationRuleContext<E>) => boolean | Promise<boolean>;

package/dist/cjs/type/class/api/authorization/rule/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export { type TApiAuthorizationRuleCondition } from './condition.type';
+export { type TApiAuthorizationRuleResultTransform } from './result-transform.type';
+export { type TApiAuthorizationRuleScopeResolver } from './scope-resolver.type';
+export { type TApiAuthorizationRuleTransformPayload } from './transform-payload.type';

package/dist/cjs/type/class/api/authorization/rule/result-transform.type.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { IApiBaseEntity } from '../../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationRuleContext } from '../../../../../interface/authorization/rule/context.interface';
+import type { TApiAuthorizationRuleTransformPayload } from './transform-payload.type';
+export type TApiAuthorizationRuleResultTransform<E extends IApiBaseEntity, R = TApiAuthorizationRuleTransformPayload<E>> = (result: R, context: IApiAuthorizationRuleContext<E>) => Promise<R> | R;

package/dist/cjs/type/class/api/authorization/rule/scope-resolver.type.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { IApiBaseEntity } from '../../../../../interface/api-base-entity.interface';
+import type { IApiAuthorizationRuleContext } from '../../../../../interface/authorization/rule/context.interface';
+import type { IApiAuthorizationScope } from '../../../../../interface/authorization/scope.interface';
+export type TApiAuthorizationRuleScopeResolver<E extends IApiBaseEntity> = (context: IApiAuthorizationRuleContext<E>) => IApiAuthorizationScope<E> | Promise<IApiAuthorizationScope<E> | undefined> | undefined;

package/dist/cjs/type/class/api/authorization/rule/transform-payload.type.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { IApiBaseEntity } from '../../../../../interface/api-base-entity.interface';
+import type { IApiGetListResponseResult } from '../../../../../interface/decorator/api/get-list-response-result.interface';
+export type TApiAuthorizationRuleTransformPayload<E extends IApiBaseEntity> = Array<unknown> | boolean | E | IApiGetListResponseResult<E> | null | number | object | Partial<E> | Record<string, unknown> | string | undefined;

package/dist/cjs/type/class/api/authorization/scope-where.type.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { IApiBaseEntity } from '../../../../interface/api-base-entity.interface';
+import type { FindOptionsWhere } from "typeorm";
+export type TApiAuthorizationScopeWhere<E extends IApiBaseEntity> = Array<FindOptionsWhere<E>> | FindOptionsWhere<E> | undefined;

package/dist/cjs/type/class/api/subscriber/route/after/create-context.type.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
 import type { IApiBaseEntity } from '../../../../../../interface/api-base-entity.interface';
 import type { IApiSubscriberRouteExecutionContextDataExtended } from '../../../../../../interface/class/api/subscriber/route-execution-context-data.interface';
 import type { IApiSubscriberRouteExecutionContext } from '../../../../../../interface/class/api/subscriber/route-execution-context.interface';
-export type TApiSubscriberRouteAfterCreateContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E>>;
+export type TApiSubscriberRouteAfterCreateContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E, E>>;

package/dist/cjs/type/class/api/subscriber/route/after/delete-context.type.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
 import type { IApiBaseEntity } from '../../../../../../interface/api-base-entity.interface';
 import type { IApiSubscriberRouteExecutionContextDataExtended } from '../../../../../../interface/class/api/subscriber/route-execution-context-data.interface';
 import type { IApiSubscriberRouteExecutionContext } from '../../../../../../interface/class/api/subscriber/route-execution-context.interface';
-export type TApiSubscriberRouteAfterDeleteContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E>>;
+export type TApiSubscriberRouteAfterDeleteContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E, E>>;

package/dist/cjs/type/class/api/subscriber/route/after/get/context.type.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
 import type { IApiBaseEntity } from '../../../../../../../interface/api-base-entity.interface';
 import type { IApiSubscriberRouteExecutionContextDataExtended } from '../../../../../../../interface/class/api/subscriber/route-execution-context-data.interface';
 import type { IApiSubscriberRouteExecutionContext } from '../../../../../../../interface/class/api/subscriber/route-execution-context.interface';
-export type TApiSubscriberRouteAfterGetContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E>>;
+export type TApiSubscriberRouteAfterGetContext<E extends IApiBaseEntity> = IApiSubscriberRouteExecutionContext<E, E, IApiSubscriberRouteExecutionContextDataExtended<E, E>>;