npm - @lenne.tech/nest-server - Versions diffs - 9.4.0 → 9.4.1 - Mend

@lenne.tech/nest-server 9.4.0 → 9.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "9.4.0",
+  "version": "9.4.1",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",

package/src/core/common/decorators/restricted.decorator.ts CHANGED Viewed

@@ -137,6 +137,7 @@ export const checkRestricted = (
         roles.includes(RoleEnum.S_EVERYONE) ||
         user?.hasRole?.(roles) ||
         (user?.id && roles.includes(RoleEnum.S_USER)) ||
+        (roles.includes(RoleEnum.S_SELF) && getIncludedIds(config.dbObject, user)) ||
         (roles.includes(RoleEnum.S_CREATOR) && getIncludedIds(config.dbObject?.createdBy, user))
       ) {
         valid = true;

package/src/core/common/enums/role.enum.ts CHANGED Viewed

@@ -53,4 +53,7 @@ export enum RoleEnum {
   // User must be the creator of the processed object(s) (see createdBy property of object(s))
   S_CREATOR = 's_creator',
+  // User must be herself/himself
+  S_SELF = 's_self',
 }

package/src/core/common/helpers/input.helper.ts CHANGED Viewed

@@ -250,6 +250,8 @@ export async function check(
       (roles.includes(RoleEnum.S_USER) && user?.id) ||
       // check if the user has at least one of the required roles
       user?.hasRole?.(roles) ||
+      // check if the user is herself / himself
+      (roles.includes(RoleEnum.S_SELF) && equalIds(config.dbObject, user)) ||
       // check if the user is the creator
       (roles.includes(RoleEnum.S_CREATOR) && equalIds(config.dbObject?.createdBy, user))
     ) {

package/src/server/modules/user/user.resolver.ts CHANGED Viewed

@@ -62,7 +62,7 @@ export class UserResolver {
   async getUser(@GraphQLServiceOptions() serviceOptions: ServiceOptions, @Args('id') id: string): Promise<User> {
     return await this.userService.get(id, {
       ...serviceOptions,
-      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR],
+      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR, RoleEnum.S_SELF],
     });
   }
@@ -111,7 +111,7 @@ export class UserResolver {
   async deleteUser(@GraphQLServiceOptions() serviceOptions: ServiceOptions, @Args('id') id: string): Promise<User> {
     return await this.userService.delete(id, {
       ...serviceOptions,
-      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR],
+      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR, RoleEnum.S_SELF],
     });
   }
@@ -138,7 +138,7 @@ export class UserResolver {
     return await this.userService.update(id, input, {
       ...serviceOptions,
       inputType: UserInput,
-      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR],
+      roles: [RoleEnum.ADMIN, RoleEnum.S_CREATOR, RoleEnum.S_SELF],
     });
   }