@lenne.tech/nest-server 11.16.1 → 11.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. package/dist/config.env.js +8 -2
  2. package/dist/config.env.js.map +1 -1
  3. package/dist/core/common/decorators/response-model.decorator.d.ts +3 -0
  4. package/dist/core/common/decorators/response-model.decorator.js +8 -0
  5. package/dist/core/common/decorators/response-model.decorator.js.map +1 -0
  6. package/dist/core/common/helpers/db.helper.js +2 -2
  7. package/dist/core/common/helpers/db.helper.js.map +1 -1
  8. package/dist/core/common/helpers/filter.helper.js +3 -3
  9. package/dist/core/common/helpers/filter.helper.js.map +1 -1
  10. package/dist/core/common/helpers/input.helper.js +2 -2
  11. package/dist/core/common/helpers/input.helper.js.map +1 -1
  12. package/dist/core/common/helpers/interceptor.helper.d.ts +3 -0
  13. package/dist/core/common/helpers/interceptor.helper.js +84 -0
  14. package/dist/core/common/helpers/interceptor.helper.js.map +1 -0
  15. package/dist/core/common/helpers/service.helper.d.ts +1 -0
  16. package/dist/core/common/helpers/service.helper.js +1 -0
  17. package/dist/core/common/helpers/service.helper.js.map +1 -1
  18. package/dist/core/common/interceptors/check-security.interceptor.d.ts +2 -0
  19. package/dist/core/common/interceptors/check-security.interceptor.js +43 -1
  20. package/dist/core/common/interceptors/check-security.interceptor.js.map +1 -1
  21. package/dist/core/common/interceptors/response-model.interceptor.d.ts +13 -0
  22. package/dist/core/common/interceptors/response-model.interceptor.js +107 -0
  23. package/dist/core/common/interceptors/response-model.interceptor.js.map +1 -0
  24. package/dist/core/common/interceptors/translate-response.interceptor.d.ts +8 -0
  25. package/dist/core/common/interceptors/translate-response.interceptor.js +85 -0
  26. package/dist/core/common/interceptors/translate-response.interceptor.js.map +1 -0
  27. package/dist/core/common/interfaces/server-options.interface.d.ts +16 -0
  28. package/dist/core/common/middleware/request-context.middleware.d.ts +5 -0
  29. package/dist/core/common/middleware/request-context.middleware.js +29 -0
  30. package/dist/core/common/middleware/request-context.middleware.js.map +1 -0
  31. package/dist/core/common/pipes/map-and-validate.pipe.js +2 -2
  32. package/dist/core/common/pipes/map-and-validate.pipe.js.map +1 -1
  33. package/dist/core/common/plugins/complexity.plugin.d.ts +2 -2
  34. package/dist/core/common/plugins/mongoose-audit-fields.plugin.d.ts +1 -0
  35. package/dist/core/common/plugins/mongoose-audit-fields.plugin.js +51 -0
  36. package/dist/core/common/plugins/mongoose-audit-fields.plugin.js.map +1 -0
  37. package/dist/core/common/plugins/mongoose-password.plugin.d.ts +4 -0
  38. package/dist/core/common/plugins/mongoose-password.plugin.js +69 -0
  39. package/dist/core/common/plugins/mongoose-password.plugin.js.map +1 -0
  40. package/dist/core/common/plugins/mongoose-role-guard.plugin.d.ts +1 -0
  41. package/dist/core/common/plugins/mongoose-role-guard.plugin.js +80 -0
  42. package/dist/core/common/plugins/mongoose-role-guard.plugin.js.map +1 -0
  43. package/dist/core/common/services/config.service.js +2 -2
  44. package/dist/core/common/services/config.service.js.map +1 -1
  45. package/dist/core/common/services/model-registry.service.d.ts +8 -0
  46. package/dist/core/common/services/model-registry.service.js +20 -0
  47. package/dist/core/common/services/model-registry.service.js.map +1 -0
  48. package/dist/core/common/services/module.service.d.ts +2 -0
  49. package/dist/core/common/services/module.service.js +36 -1
  50. package/dist/core/common/services/module.service.js.map +1 -1
  51. package/dist/core/common/services/request-context.service.d.ts +18 -0
  52. package/dist/core/common/services/request-context.service.js +32 -0
  53. package/dist/core/common/services/request-context.service.js.map +1 -0
  54. package/dist/core/modules/auth/guards/auth.guard.js +2 -2
  55. package/dist/core/modules/auth/guards/auth.guard.js.map +1 -1
  56. package/dist/core/modules/better-auth/core-better-auth.resolver.js +2 -2
  57. package/dist/core/modules/better-auth/core-better-auth.resolver.js.map +1 -1
  58. package/dist/core/modules/permissions/core-permissions.controller.d.ts +13 -0
  59. package/dist/core/modules/permissions/core-permissions.controller.js +71 -0
  60. package/dist/core/modules/permissions/core-permissions.controller.js.map +1 -0
  61. package/dist/core/modules/permissions/core-permissions.module.d.ts +5 -0
  62. package/dist/core/modules/permissions/core-permissions.module.js +36 -0
  63. package/dist/core/modules/permissions/core-permissions.module.js.map +1 -0
  64. package/dist/core/modules/permissions/core-permissions.service.d.ts +34 -0
  65. package/dist/core/modules/permissions/core-permissions.service.js +610 -0
  66. package/dist/core/modules/permissions/core-permissions.service.js.map +1 -0
  67. package/dist/core/modules/permissions/interfaces/permissions.interface.d.ts +93 -0
  68. package/dist/core/modules/permissions/interfaces/permissions.interface.js +3 -0
  69. package/dist/core/modules/permissions/interfaces/permissions.interface.js.map +1 -0
  70. package/dist/core/modules/permissions/permissions-scanner.d.ts +25 -0
  71. package/dist/core/modules/permissions/permissions-scanner.js +817 -0
  72. package/dist/core/modules/permissions/permissions-scanner.js.map +1 -0
  73. package/dist/core.module.js +41 -0
  74. package/dist/core.module.js.map +1 -1
  75. package/dist/index.d.ts +15 -0
  76. package/dist/index.js +15 -0
  77. package/dist/index.js.map +1 -1
  78. package/dist/server/modules/file/file-info.model.d.ts +12 -12
  79. package/dist/server/modules/user/user.model.d.ts +33 -33
  80. package/dist/tsconfig.build.tsbuildinfo +1 -1
  81. package/package.json +35 -30
  82. package/src/config.env.ts +8 -2
  83. package/src/core/common/decorators/response-model.decorator.ts +31 -0
  84. package/src/core/common/helpers/db.helper.ts +2 -2
  85. package/src/core/common/helpers/filter.helper.ts +3 -3
  86. package/src/core/common/helpers/input.helper.ts +2 -2
  87. package/src/core/common/helpers/interceptor.helper.ts +132 -0
  88. package/src/core/common/helpers/service.helper.ts +1 -1
  89. package/src/core/common/interceptors/check-security.interceptor.ts +44 -1
  90. package/src/core/common/interceptors/response-model.interceptor.ts +135 -0
  91. package/src/core/common/interceptors/translate-response.interceptor.ts +104 -0
  92. package/src/core/common/interfaces/server-options.interface.ts +186 -0
  93. package/src/core/common/middleware/request-context.middleware.ts +25 -0
  94. package/src/core/common/pipes/map-and-validate.pipe.ts +2 -2
  95. package/src/core/common/plugins/complexity.plugin.ts +2 -2
  96. package/src/core/common/plugins/mongoose-audit-fields.plugin.ts +74 -0
  97. package/src/core/common/plugins/mongoose-password.plugin.ts +100 -0
  98. package/src/core/common/plugins/mongoose-role-guard.plugin.ts +150 -0
  99. package/src/core/common/services/config.service.ts +2 -2
  100. package/src/core/common/services/model-registry.service.ts +25 -0
  101. package/src/core/common/services/module.service.ts +91 -1
  102. package/src/core/common/services/request-context.service.ts +69 -0
  103. package/src/core/modules/auth/guards/auth.guard.ts +2 -2
  104. package/src/core/modules/better-auth/core-better-auth.resolver.ts +2 -2
  105. package/src/core/modules/permissions/INTEGRATION-CHECKLIST.md +56 -0
  106. package/src/core/modules/permissions/README.md +102 -0
  107. package/src/core/modules/permissions/core-permissions.controller.ts +34 -0
  108. package/src/core/modules/permissions/core-permissions.module.ts +36 -0
  109. package/src/core/modules/permissions/core-permissions.service.ts +627 -0
  110. package/src/core/modules/permissions/interfaces/permissions.interface.ts +125 -0
  111. package/src/core/modules/permissions/permissions-scanner.ts +1011 -0
  112. package/src/core.module.ts +62 -4
  113. package/src/index.ts +20 -0
package/src/core/modules/permissions/interfaces/permissions.interface.ts ADDED
@@ -0,0 +1,125 @@
1
+ /**
2
+ * Configuration for the permissions report module.
3
+ *
4
+ * Follows the "presence implies enabled" pattern:
5
+ * - `true`: Enabled with defaults (admin-only access)
6
+ * - `{ role: 'S_EVERYONE' }`: Enabled with custom role
7
+ * - `{ role: false }`: Enabled without auth check
8
+ * - `{ enabled: false }`: Explicitly disabled
9
+ */
10
+ export interface IPermissions {
11
+ enabled?: boolean;
12
+ /**
13
+ * Base path for permission endpoints.
14
+ * - undefined: Defaults to 'permissions'
15
+ * - string: Custom path (e.g. 'admin/permissions')
16
+ *
17
+ * Resulting endpoints: GET /{path}, GET /{path}/json, GET /{path}/markdown, POST /{path}/rescan
18
+ */
19
+ path?: string;
20
+ /**
21
+ * Role required to access permission endpoints.
22
+ * - undefined: Defaults to RoleEnum.ADMIN
23
+ * - string: Specific role (e.g. 'S_EVERYONE' for public access)
24
+ * - false: No role check at all (no auth required)
25
+ */
26
+ role?: false | string;
27
+ }
28
+
29
+ export interface EffectiveEndpoint {
30
+ effectiveRoles: string[];
31
+ method: string;
32
+ name: string;
33
+ source: string;
34
+ }
35
+
36
+ export interface EffectiveMatrixEntry {
37
+ endpoints: EffectiveEndpoint[];
38
+ role: string;
39
+ }
40
+
41
+ export interface EndpointPermissions {
42
+ className: string;
43
+ classRoles: string[];
44
+ filePath: string;
45
+ methods: MethodPermission[];
46
+ }
47
+
48
+ export interface FieldPermission {
49
+ description?: string;
50
+ inherited?: boolean;
51
+ name: string;
52
+ roles: string;
53
+ }
54
+
55
+ export interface FilePermissions {
56
+ className: string;
57
+ classRestriction: string[];
58
+ extendsClass?: string;
59
+ fields: FieldPermission[];
60
+ filePath: string;
61
+ securityCheck?: SecurityCheckInfo;
62
+ }
63
+
64
+ export interface MethodPermission {
65
+ httpMethod: string;
66
+ name: string;
67
+ roles: string[];
68
+ route?: string;
69
+ }
70
+
71
+ export interface ModulePermissions {
72
+ controllers: EndpointPermissions[];
73
+ inputs: FilePermissions[];
74
+ models: FilePermissions[];
75
+ name: string;
76
+ outputs: FilePermissions[];
77
+ resolvers: EndpointPermissions[];
78
+ }
79
+
80
+ export interface PermissionsReport {
81
+ generated: string;
82
+ modules: ModulePermissions[];
83
+ objects: FilePermissions[];
84
+ roleEnums: RoleEnumInfo[];
85
+ stats: ReportStats;
86
+ warnings: SecurityWarning[];
87
+ }
88
+
89
+ export interface ReportStats {
90
+ endpointCoverage: number;
91
+ securityCoverage: number;
92
+ totalEndpoints: number;
93
+ totalModels: number;
94
+ totalModules: number;
95
+ totalSubObjects: number;
96
+ totalWarnings: number;
97
+ warningsByType: WarningsByType;
98
+ }
99
+
100
+ export interface RoleEnumInfo {
101
+ file: string;
102
+ name: string;
103
+ values: { key: string; value: string }[];
104
+ }
105
+
106
+ export interface SecurityCheckInfo {
107
+ fieldsStripped: string[];
108
+ returnsUndefined: boolean;
109
+ summary: string;
110
+ }
111
+
112
+ export interface SecurityWarning {
113
+ details: string;
114
+ file: string;
115
+ module: string;
116
+ type: string;
117
+ }
118
+
119
+ export interface WarningsByType {
120
+ NO_RESTRICTION: number;
121
+ NO_ROLES: number;
122
+ NO_SECURITY_CHECK: number;
123
+ UNRESTRICTED_FIELD: number;
124
+ UNRESTRICTED_METHOD: number;
125
+ }