@globaltracking/auth-middleware 3.0.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/nestjs/interceptors/org-context.interceptor.d.ts +4 -2
  2. package/dist/nestjs/interceptors/org-context.interceptor.d.ts.map +1 -1
  3. package/dist/nestjs/interceptors/org-context.interceptor.js +5 -3
  4. package/dist/nestjs/interceptors/org-context.interceptor.js.map +1 -1
  5. package/package.json +1 -1
package/dist/nestjs/interceptors/org-context.interceptor.d.ts CHANGED
@@ -4,8 +4,10 @@ import { Observable } from 'rxjs';
4
4
  import { DataSource } from 'typeorm';
5
5
  /**
6
6
  * Interceptor that sets PostgreSQL session variable for Row-Level Security.
7
- * Runs `SET LOCAL app.current_org_id = $1` inside a transaction so RLS policies
8
- * can filter rows by the current organization.
7
+ * Uses `set_config('app.current_org_id', $1, true)` inside a transaction
8
+ * (Postgres `SET` is a utility statement and rejects $-parameters; set_config
9
+ * is a regular function call that accepts them). The `true` third argument
10
+ * scopes the value to the current transaction, matching `SET LOCAL` semantics.
9
11
  *
10
12
  * Attaches the transaction's EntityManager to `request.entityManager` so
11
13
  * services can use it for all queries within the request scope.
package/dist/nestjs/interceptors/org-context.interceptor.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"org-context.interceptor.d.ts","sourceRoot":"","sources":["../../../src/nestjs/interceptors/org-context.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAEhB,eAAe,EAChB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,UAAU,EAAmB,MAAM,MAAM,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAMrC;;;;;;;;;GASG;AACH,qBACa,qBAAsB,YAAW,eAAe;IAEzD,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS;gBADT,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS;IAGvC,SAAS,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC;CA6BzE"}
1
+ {"version":3,"file":"org-context.interceptor.d.ts","sourceRoot":"","sources":["../../../src/nestjs/interceptors/org-context.interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAEhB,eAAe,EAChB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,UAAU,EAAmB,MAAM,MAAM,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAMrC;;;;;;;;;;;GAWG;AACH,qBACa,qBAAsB,YAAW,eAAe;IAEzD,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS;gBADT,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS;IAGvC,SAAS,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC;CAgCzE"}
package/dist/nestjs/interceptors/org-context.interceptor.js CHANGED
@@ -18,8 +18,10 @@ const constants_1 = require("../constants");
18
18
  const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
19
19
  /**
20
20
  * Interceptor that sets PostgreSQL session variable for Row-Level Security.
21
- * Runs `SET LOCAL app.current_org_id = $1` inside a transaction so RLS policies
22
- * can filter rows by the current organization.
21
+ * Uses `set_config('app.current_org_id', $1, true)` inside a transaction
22
+ * (Postgres `SET` is a utility statement and rejects $-parameters; set_config
23
+ * is a regular function call that accepts them). The `true` third argument
24
+ * scopes the value to the current transaction, matching `SET LOCAL` semantics.
23
25
  *
24
26
  * Attaches the transaction's EntityManager to `request.entityManager` so
25
27
  * services can use it for all queries within the request scope.
@@ -49,7 +51,7 @@ let OrgContextInterceptor = class OrgContextInterceptor {
49
51
  return next.handle();
50
52
  }
51
53
  return (0, rxjs_1.from)(this.dataSource.transaction(async (manager) => {
52
- await manager.query(`SET LOCAL app.current_org_id = $1`, [user.orgId]);
54
+ await manager.query(`SELECT set_config('app.current_org_id', $1, true)`, [user.orgId]);
53
55
  request.entityManager = manager;
54
56
  })).pipe((0, rxjs_1.switchMap)(() => next.handle()));
55
57
  }
package/dist/nestjs/interceptors/org-context.interceptor.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"org-context.interceptor.js","sourceRoot":"","sources":["../../../src/nestjs/interceptors/org-context.interceptor.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,+BAAmD;AACnD,qCAAqC;AAErC,4CAA6C;AAE7C,MAAM,UAAU,GAAG,iEAAiE,CAAC;AAErF;;;;;;;;;GASG;AAEI,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAChC,YACmB,UAAsB,EACtB,SAAoB;QADpB,eAAU,GAAV,UAAU,CAAY;QACtB,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,SAAS,CAAC,OAAyB,EAAE,IAAiB;QACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,yBAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAyB,OAAO,CAAC,IAAI,CAAC;QAEhD,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,0DAA0D;QAC1D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,OAAO,IAAA,WAAI,EACT,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YAC5C,MAAM,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YACvE,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC;QAClC,CAAC,CAAC,CACH,CAAC,IAAI,CAAC,IAAA,gBAAS,EAAC,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;CACF,CAAA;AAnCY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;qCAGoB,oBAAU;QACX,gBAAS;GAH5B,qBAAqB,CAmCjC"}
1
+ {"version":3,"file":"org-context.interceptor.js","sourceRoot":"","sources":["../../../src/nestjs/interceptors/org-context.interceptor.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,+BAAmD;AACnD,qCAAqC;AAErC,4CAA6C;AAE7C,MAAM,UAAU,GAAG,iEAAiE,CAAC;AAErF;;;;;;;;;;;GAWG;AAEI,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAChC,YACmB,UAAsB,EACtB,SAAoB;QADpB,eAAU,GAAV,UAAU,CAAY;QACtB,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,SAAS,CAAC,OAAyB,EAAE,IAAiB;QACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,yBAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAyB,OAAO,CAAC,IAAI,CAAC;QAEhD,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,0DAA0D;QAC1D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,CAAC;QAED,OAAO,IAAA,WAAI,EACT,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YAC5C,MAAM,OAAO,CAAC,KAAK,CACjB,mDAAmD,EACnD,CAAC,IAAI,CAAC,KAAK,CAAC,CACb,CAAC;YACF,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC;QAClC,CAAC,CAAC,CACH,CAAC,IAAI,CAAC,IAAA,gBAAS,EAAC,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;CACF,CAAA;AAtCY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;qCAGoB,oBAAU;QACX,gBAAS;GAH5B,qBAAqB,CAsCjC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@globaltracking/auth-middleware",
3
- "version": "3.0.0",
3
+ "version": "3.0.1",
4
4
  "description": "Unified authentication and authorization middleware for the Global Tracking platform (Express + NestJS)",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",