npm - @hemia/core - Versions diffs - 0.0.10 → 0.0.12 - Mend

@hemia/core 0.0.10 → 0.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/hemia-core.esm.js +26 -1
package/dist/hemia-core.js +26 -1
package/dist/types/guards/auth.guard.d.ts +8 -0
package/package.json +3 -3

package/dist/hemia-core.esm.js CHANGED Viewed

@@ -392,6 +392,7 @@ class AppFactory {
 /**
  * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
  * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ * Soporta wildcards en permisos jerárquicos (ej: account:*, account:email:*)
  */
 let AuthGuard = class AuthGuard {
     constructor(reflector) {
@@ -422,12 +423,36 @@ let AuthGuard = class AuthGuard {
         }
         if (requiredPermissions) {
             const userPermissions = Array.isArray(permissions) ? permissions : [];
-            const hasPermission = requiredPermissions.some((perm) => userPermissions.includes(perm));
+            const hasPermission = requiredPermissions.some((requiredPerm) => this.checkPermission(requiredPerm, userPermissions));
             if (!hasPermission)
                 return false;
         }
         return true;
     }
+    /**
+     * Verifica si el usuario tiene un permiso requerido, soportando wildcards
+     * @param requiredPermission Permiso requerido (ej: account:email:update)
+     * @param userPermissions Array de permisos del usuario
+     * @returns true si el usuario tiene el permiso
+     */
+    checkPermission(requiredPermission, userPermissions) {
+        const requiredParts = requiredPermission.split(':');
+        return userPermissions.some(userPerm => {
+            const userParts = userPerm.split(':');
+            for (let i = 0; i < requiredParts.length; i++) {
+                if (userParts[i] === '*') {
+                    return true;
+                }
+                if (i >= userParts.length) {
+                    return false;
+                }
+                if (userParts[i] !== requiredParts[i]) {
+                    return false;
+                }
+            }
+            return true;
+        });
+    }
 };
 AuthGuard = __decorate([
     injectable(),

package/dist/hemia-core.js CHANGED Viewed

@@ -394,6 +394,7 @@ class AppFactory {
 /**
  * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
  * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ * Soporta wildcards en permisos jerárquicos (ej: account:*, account:email:*)
  */
 exports.AuthGuard = class AuthGuard {
     constructor(reflector) {
@@ -424,12 +425,36 @@ exports.AuthGuard = class AuthGuard {
         }
         if (requiredPermissions) {
             const userPermissions = Array.isArray(permissions) ? permissions : [];
-            const hasPermission = requiredPermissions.some((perm) => userPermissions.includes(perm));
+            const hasPermission = requiredPermissions.some((requiredPerm) => this.checkPermission(requiredPerm, userPermissions));
             if (!hasPermission)
                 return false;
         }
         return true;
     }
+    /**
+     * Verifica si el usuario tiene un permiso requerido, soportando wildcards
+     * @param requiredPermission Permiso requerido (ej: account:email:update)
+     * @param userPermissions Array de permisos del usuario
+     * @returns true si el usuario tiene el permiso
+     */
+    checkPermission(requiredPermission, userPermissions) {
+        const requiredParts = requiredPermission.split(':');
+        return userPermissions.some(userPerm => {
+            const userParts = userPerm.split(':');
+            for (let i = 0; i < requiredParts.length; i++) {
+                if (userParts[i] === '*') {
+                    return true;
+                }
+                if (i >= userParts.length) {
+                    return false;
+                }
+                if (userParts[i] !== requiredParts[i]) {
+                    return false;
+                }
+            }
+            return true;
+        });
+    }
 };
 exports.AuthGuard = __decorate([
     inversify.injectable(),

package/dist/types/guards/auth.guard.d.ts CHANGED Viewed

@@ -3,9 +3,17 @@ import { Reflector } from '../services';
 /**
  * Guardia de autorización que verifica roles y permisos definidos en los controladores y métodos.
  * Utiliza los metadatos definidos con los decoradores @Roles y @Permissions.
+ * Soporta wildcards en permisos jerárquicos (ej: account:*, account:email:*)
  */
 export declare class AuthGuard implements CanActivate {
     private reflector;
     constructor(reflector: Reflector);
     canActivate(context: ExecutionContext): boolean;
+    /**
+     * Verifica si el usuario tiene un permiso requerido, soportando wildcards
+     * @param requiredPermission Permiso requerido (ej: account:email:update)
+     * @param userPermissions Array de permisos del usuario
+     * @returns true si el usuario tiene el permiso
+     */
+    private checkPermission;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hemia/core",
-  "version": "0.0.10",
+  "version": "0.0.12",
   "description": "Core utilities for Hemia projects",
   "main": "dist/hemia-core.js",
   "module": "dist/hemia-core.esm.js",
@@ -18,10 +18,10 @@
     "@rollup/plugin-commonjs": "^26.0.1",
     "@rollup/plugin-json": "^6.1.0",
     "@rollup/plugin-node-resolve": "^15.2.3",
-    "@hemia/common": "^0.0.14",
+    "@hemia/common": "^0.0.15",
     "@hemia/app-context": "^0.0.6",
     "@hemia/trace-manager": "^0.0.9",
-    "@hemia/auth-sdk": "^0.0.13",
+    "@hemia/auth-sdk": "^0.0.14",
     "@types/express": "^5.0.5",
     "express": "^5.1.0",
     "inversify": "^7.10.4",