npm - @minimaltech/node-infra - Versions diffs - 0.5.9-22 → 0.5.9-24 - Mend

@minimaltech/node-infra 0.5.9-22 → 0.5.9-24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (175) hide show

package/dist/components/authorize/migrations/0000-create-view-policy.js CHANGED Viewed

@@ -1,4 +1,13 @@
 "use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -9,7 +18,9 @@ const utilities_1 = require("../../../utilities");
 const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
 const common_1 = require("../common");
 const sqls = [
+    // UUID
     `CREATE EXTENSION IF NOT EXISTS "uuid-ossp"`,
+    // View policies
     'DROP VIEW IF EXISTS "ViewAuthorizePolicy";',
     `CREATE OR REPLACE VIEW "ViewAuthorizePolicy"
   AS (
@@ -46,7 +57,7 @@ const sqls = [
 ];
 const createViewPolicy = (opts) => ({
     name: __filename.slice(__dirname.length + 1),
-    fn: async (application) => {
+    fn: (application) => __awaiter(void 0, void 0, void 0, function* () {
         if (!opts.datasourceKey || (0, isEmpty_1.default)(opts.datasourceKey)) {
             throw (0, utilities_1.getError)({
                 statusCode: 500,
@@ -63,9 +74,9 @@ const createViewPolicy = (opts) => ({
         }
         for (const sql of sqls) {
             helpers_1.applicationLogger.info('[creatViewPolicy] START | Execute SQL: %s', sql);
-            await datasource.execute(sql);
+            yield datasource.execute(sql);
             helpers_1.applicationLogger.info('[createViewPolicy] DONE | Execute SQL: %s', sql);
         }
-    },
+    }),
 });
 exports.createViewPolicy = createViewPolicy;

package/dist/components/authorize/models/defs.js CHANGED Viewed

@@ -14,14 +14,9 @@ const models_1 = require("../../../base/models");
 const common_1 = require("../../../common");
 const mixins_1 = require("../../../mixins");
 const repository_1 = require("@loopback/repository");
+// -----------------------------------------------------------------------
 const defineUser = () => {
     class User extends models_1.BaseTzEntity {
-        realm;
-        status;
-        userType;
-        activatedAt;
-        lastLoginAt;
-        parentId;
         constructor(data) {
             super(data);
         }
@@ -86,13 +81,9 @@ const defineUser = () => {
     return User;
 };
 exports.defineUser = defineUser;
+// -----------------------------------------------------------------------
 const defineRole = () => {
     class Role extends models_1.BaseTzEntity {
-        identifier;
-        name;
-        description;
-        priority;
-        status;
         constructor(data) {
             super(data);
         }
@@ -133,16 +124,9 @@ const defineRole = () => {
     return Role;
 };
 exports.defineRole = defineRole;
+// -----------------------------------------------------------------------
 const definePermission = () => {
     class Permission extends models_1.BaseTzEntity {
-        code;
-        name;
-        subject;
-        pType;
-        action;
-        scope;
-        parentId;
-        details;
         constructor(data) {
             super(data);
         }
@@ -204,12 +188,9 @@ const definePermission = () => {
     return Permission;
 };
 exports.definePermission = definePermission;
+// -----------------------------------------------------------------------
 const definePermissionMapping = () => {
     class PermissionMapping extends models_1.BaseTzEntity {
-        userId;
-        roleId;
-        permissionId;
-        effect;
         constructor(data) {
             super(data);
         }
@@ -242,9 +223,9 @@ const definePermissionMapping = () => {
     return PermissionMapping;
 };
 exports.definePermissionMapping = definePermissionMapping;
+// -----------------------------------------------------------------------
 const defineUserRole = () => {
     class UserRole extends (0, mixins_1.PrincipalMixin)(models_1.BaseTzEntity, 'Role', 'number') {
-        userId;
         constructor(data) {
             super(data);
         }

package/dist/components/authorize/models/role.model.js CHANGED Viewed

@@ -14,8 +14,8 @@ const repository_1 = require("@loopback/repository");
 const _1 = require(".");
 const defs_1 = require("./defs");
 const BaseRole = (0, defs_1.defineRole)();
+// ---------------------------------------------------------------
 let Role = class Role extends BaseRole {
-    permissions;
     constructor(data) {
         super(data);
     }

package/dist/components/authorize/models/user-role.model.js CHANGED Viewed

@@ -13,6 +13,7 @@ exports.UserRole = void 0;
 const repository_1 = require("@loopback/repository");
 const defs_1 = require("./defs");
 const BaseUserRole = (0, defs_1.defineUserRole)();
+// ---------------------------------------------------------------
 let UserRole = class UserRole extends BaseUserRole {
     constructor(data) {
         super(data);

package/dist/components/authorize/models/view-authorize-policy.model.js CHANGED Viewed

@@ -12,11 +12,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ViewAuthorizePolicy = void 0;
 const models_1 = require("../../../base/models");
 const repository_1 = require("@loopback/repository");
+// ---------------------------------------------------------------
 let ViewAuthorizePolicy = class ViewAuthorizePolicy extends models_1.BaseEntity {
-    id;
-    subject;
-    subjectType;
-    subjectId;
     constructor(data) {
         super(data);
     }

package/dist/components/authorize/provider.js CHANGED Viewed

@@ -11,6 +11,15 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -26,10 +35,6 @@ const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
 const common_1 = require("./common");
 const services_1 = require("./services");
 let AuthorizeProvider = AuthorizeProvider_1 = class AuthorizeProvider {
-    enforcerService;
-    alwaysAllowRoles;
-    normalizePayloadFn;
-    logger;
     constructor(enforcerService, alwaysAllowRoles, normalizePayloadFn) {
         this.enforcerService = enforcerService;
         this.alwaysAllowRoles = alwaysAllowRoles;
@@ -39,97 +44,107 @@ let AuthorizeProvider = AuthorizeProvider_1 = class AuthorizeProvider {
     value() {
         return this.authorize.bind(this);
     }
+    // -------------------------------------------------------------------------------------------------------------------
     normalizeEnforcePayload(opts) {
+        var _a, _b, _c;
         const { subject, object, scope } = opts;
         return {
-            subject: subject?.toLowerCase() || '',
-            object: scope?.toLowerCase() ??
-                (object?.toLowerCase() || '')?.replace(/controller/g, '')?.replace(/.prototype/g, ''),
+            subject: (subject === null || subject === void 0 ? void 0 : subject.toLowerCase()) || '',
+            object: (_a = scope === null || scope === void 0 ? void 0 : scope.toLowerCase()) !== null && _a !== void 0 ? _a : (_c = (_b = ((object === null || object === void 0 ? void 0 : object.toLowerCase()) || '')) === null || _b === void 0 ? void 0 : _b.replace(/controller/g, '')) === null || _c === void 0 ? void 0 : _c.replace(/.prototype/g, ''),
             action: common_1.EnforcerDefinitions.ACTION_EXECUTE,
         };
     }
-    async authorizePermission(userId, object, scopes) {
-        let isSingleAuthRs = false;
-        let isScopeAuthRs = true;
-        const enforcer = await this.enforcerService.getTypeEnforcer(userId);
-        if (!enforcer) {
-            this.logger.debug('[authorizePermission] Skip authorization for NULL enforcer!');
-            return false;
-        }
-        const subject = `${common_1.EnforcerDefinitions.PREFIX_USER}_${userId}`;
-        for (const scope of scopes ?? []) {
-            const enforcePayload = this.normalizePayloadFn?.({ subject, object, scope }) ??
-                this.normalizeEnforcePayload({ subject, object, scope });
-            isScopeAuthRs = await enforcer.enforce(enforcePayload.subject, enforcePayload.object, enforcePayload.action);
-            this.logger.debug('[authorizePermission] Payload: %j | scopeAuthRs: %s', enforcePayload, isScopeAuthRs);
+    // -------------------------------------------------------------------------------------------------------------------
+    authorizePermission(userId, object, scopes) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c, _d;
+            let isSingleAuthRs = false;
+            let isScopeAuthRs = true;
+            const enforcer = yield this.enforcerService.getTypeEnforcer(userId);
+            if (!enforcer) {
+                this.logger.debug('[authorizePermission] Skip authorization for NULL enforcer!');
+                return false;
+            }
+            const subject = `${common_1.EnforcerDefinitions.PREFIX_USER}_${userId}`;
+            for (const scope of scopes !== null && scopes !== void 0 ? scopes : []) {
+                const enforcePayload = (_b = (_a = this.normalizePayloadFn) === null || _a === void 0 ? void 0 : _a.call(this, { subject, object, scope })) !== null && _b !== void 0 ? _b : this.normalizeEnforcePayload({ subject, object, scope });
+                isScopeAuthRs = yield enforcer.enforce(enforcePayload.subject, enforcePayload.object, enforcePayload.action);
+                this.logger.debug('[authorizePermission] Payload: %j | scopeAuthRs: %s', enforcePayload, isScopeAuthRs);
+                if (!isScopeAuthRs) {
+                    this.logger.debug('[authorizePermission] Permission denied | Payload: %j', enforcePayload);
+                    break;
+                }
+            }
             if (!isScopeAuthRs) {
-                this.logger.debug('[authorizePermission] Permission denied | Payload: %j', enforcePayload);
-                break;
+                return isScopeAuthRs;
             }
-        }
-        if (!isScopeAuthRs) {
-            return isScopeAuthRs;
-        }
-        if (object) {
-            const enforcePayload = this.normalizePayloadFn?.({ subject, object }) ??
-                this.normalizeEnforcePayload({ subject, object });
-            isSingleAuthRs = await enforcer.enforce(enforcePayload.subject, enforcePayload.object, enforcePayload.action);
-            this.logger.debug('[authorizePermission] Payload: %j | singleAuthRs: %s', enforcePayload, isSingleAuthRs);
-        }
-        return isScopeAuthRs && isSingleAuthRs;
+            if (object) {
+                const enforcePayload = (_d = (_c = this.normalizePayloadFn) === null || _c === void 0 ? void 0 : _c.call(this, { subject, object })) !== null && _d !== void 0 ? _d : this.normalizeEnforcePayload({ subject, object });
+                isSingleAuthRs = yield enforcer.enforce(enforcePayload.subject, enforcePayload.object, enforcePayload.action);
+                this.logger.debug('[authorizePermission] Payload: %j | singleAuthRs: %s', enforcePayload, isSingleAuthRs);
+            }
+            return isScopeAuthRs && isSingleAuthRs;
+        });
     }
-    async authorize(context, metadata) {
-        const t = new Date().getTime();
-        if (context?.principals.length <= 0) {
-            return authorization_1.AuthorizationDecision.DENY;
-        }
-        const { userId, roles: encodedRoles } = context.principals[0];
-        const roleIds = [];
-        const roleIdentifiers = [];
-        const roles = [];
-        for (const encodedRole of encodedRoles) {
-            if (!encodedRole || (0, isEmpty_1.default)(encodedRole)) {
-                continue;
+    // -------------------------------------------------------------------------------------------------------------------
+    authorize(context, metadata) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
+            const t = new Date().getTime();
+            if ((context === null || context === void 0 ? void 0 : context.principals.length) <= 0) {
+                return authorization_1.AuthorizationDecision.DENY;
             }
-            const { id, identifier } = encodedRole;
-            roleIds.push((0, utilities_1.int)(id));
-            roleIdentifiers.push(identifier);
-            roles.push({ id, identifier });
-        }
-        if (!userId || !roles?.length) {
-            return authorization_1.AuthorizationDecision.DENY;
-        }
-        const { resource, allowedRoles = [], scopes, voters } = metadata;
-        const requestResource = resource ?? context.resource;
-        if ((0, intersection_1.default)(this.alwaysAllowRoles, roleIdentifiers)?.length > 0 ||
-            (0, intersection_1.default)(allowedRoles, roleIdentifiers)?.length > 0) {
-            return authorization_1.AuthorizationDecision.ALLOW;
-        }
-        if (voters && voters?.length > 0) {
-            const voterRs = await Promise.all(voters?.map(el => {
-                switch (typeof el) {
-                    case 'function': {
-                        return el?.(context, metadata);
-                    }
-                    default: {
-                        throw (0, utilities_1.getError)({
-                            message: '[authorize][voter] voter implementation must be function type!',
-                        });
-                    }
+            const { userId, roles: encodedRoles } = context.principals[0];
+            const roleIds = [];
+            const roleIdentifiers = [];
+            const roles = [];
+            for (const encodedRole of encodedRoles) {
+                if (!encodedRole || (0, isEmpty_1.default)(encodedRole)) {
+                    continue;
                 }
-            }));
-            const voterSet = new Set(voterRs);
-            if (voterSet.size === 1 && voterSet.has(authorization_1.AuthorizationDecision.ALLOW)) {
-                return authorization_1.AuthorizationDecision.ALLOW;
+                const { id, identifier } = encodedRole;
+                roleIds.push((0, utilities_1.int)(id));
+                roleIdentifiers.push(identifier);
+                roles.push({ id, identifier });
             }
-            if (voterSet.has(authorization_1.AuthorizationDecision.DENY)) {
+            // DENY all unknown user and unknow roles
+            if (!userId || !(roles === null || roles === void 0 ? void 0 : roles.length)) {
                 return authorization_1.AuthorizationDecision.DENY;
             }
-        }
-        const isAuthorized = await this.authorizePermission(userId, requestResource, scopes);
-        const rs = isAuthorized ? authorization_1.AuthorizationDecision.ALLOW : authorization_1.AuthorizationDecision.DENY;
-        this.logger.debug('[authorize] Authorizing... | Resource: %s | allowedRoles: %j | scopes: %j | Took: %d(ms)', requestResource, allowedRoles, scopes, new Date().getTime() - t);
-        return rs;
+            const { resource, allowedRoles = [], scopes, voters } = metadata;
+            const requestResource = resource !== null && resource !== void 0 ? resource : context.resource;
+            // Verify static roles
+            if (((_a = (0, intersection_1.default)(this.alwaysAllowRoles, roleIdentifiers)) === null || _a === void 0 ? void 0 : _a.length) > 0 ||
+                ((_b = (0, intersection_1.default)(allowedRoles, roleIdentifiers)) === null || _b === void 0 ? void 0 : _b.length) > 0) {
+                return authorization_1.AuthorizationDecision.ALLOW;
+            }
+            if (voters && (voters === null || voters === void 0 ? void 0 : voters.length) > 0) {
+                const voterRs = yield Promise.all(voters === null || voters === void 0 ? void 0 : voters.map(el => {
+                    switch (typeof el) {
+                        case 'function': {
+                            return el === null || el === void 0 ? void 0 : el(context, metadata);
+                        }
+                        default: {
+                            throw (0, utilities_1.getError)({
+                                message: '[authorize][voter] voter implementation must be function type!',
+                            });
+                        }
+                    }
+                }));
+                const voterSet = new Set(voterRs);
+                if (voterSet.size === 1 && voterSet.has(authorization_1.AuthorizationDecision.ALLOW)) {
+                    return authorization_1.AuthorizationDecision.ALLOW;
+                }
+                if (voterSet.has(authorization_1.AuthorizationDecision.DENY)) {
+                    return authorization_1.AuthorizationDecision.DENY;
+                }
+            }
+            // Authorize by role and user permissions
+            const isAuthorized = yield this.authorizePermission(userId, requestResource, scopes);
+            const rs = isAuthorized ? authorization_1.AuthorizationDecision.ALLOW : authorization_1.AuthorizationDecision.DENY;
+            this.logger.debug('[authorize] Authorizing... | Resource: %s | allowedRoles: %j | scopes: %j | Took: %d(ms)', requestResource, allowedRoles, scopes, new Date().getTime() - t);
+            return rs;
+        });
     }
 };
 exports.AuthorizeProvider = AuthorizeProvider;

package/dist/components/authorize/repositories/authorize.repository.js CHANGED Viewed

@@ -24,6 +24,7 @@ const repository_1 = require("@loopback/repository");
 const models_1 = require("../models");
 const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
 const DS_AUTHORIZE = process.env.APP_ENV_APPLICATION_DS_AUTHORIZE;
+// ----------------------------------------------------------------------------
 class AbstractAuthorizeRepository extends repositories_1.TzCrudRepository {
     constructor(entityClass, dataSource) {
         if (!DS_AUTHORIZE || (0, isEmpty_1.default)(DS_AUTHORIZE)) {
@@ -36,10 +37,8 @@ class AbstractAuthorizeRepository extends repositories_1.TzCrudRepository {
     }
 }
 exports.AbstractAuthorizeRepository = AbstractAuthorizeRepository;
+// ----------------------------------------------------------------------------
 let RoleRepository = class RoleRepository extends AbstractAuthorizeRepository {
-    permissionRepositoryGetter;
-    permissionMappingRepositoryGetter;
-    permissions;
     constructor(dataSource, permissionRepositoryGetter, permissionMappingRepositoryGetter) {
         super(models_1.Role, dataSource);
         this.permissionRepositoryGetter = permissionRepositoryGetter;
@@ -56,6 +55,7 @@ exports.RoleRepository = RoleRepository = __decorate([
     __param(2, repository_1.repository.getter('PermissionMappingRepository')),
     __metadata("design:paramtypes", [datasources_1.BaseDataSource, Function, Function])
 ], RoleRepository);
+// ----------------------------------------------------------------------------
 let PermissionRepository = class PermissionRepository extends AbstractAuthorizeRepository {
     constructor(dataSource) {
         super(models_1.Permission, dataSource);
@@ -67,6 +67,7 @@ exports.PermissionRepository = PermissionRepository = __decorate([
     __param(0, (0, core_1.inject)(`datasources.${DS_AUTHORIZE}`)),
     __metadata("design:paramtypes", [datasources_1.BaseDataSource])
 ], PermissionRepository);
+// ----------------------------------------------------------------------------
 let PermissionMappingRepository = class PermissionMappingRepository extends AbstractAuthorizeRepository {
     constructor(dataSource) {
         super(models_1.PermissionMapping, dataSource);
@@ -78,6 +79,7 @@ exports.PermissionMappingRepository = PermissionMappingRepository = __decorate([
     __param(0, (0, core_1.inject)(`datasources.${DS_AUTHORIZE}`)),
     __metadata("design:paramtypes", [datasources_1.BaseDataSource])
 ], PermissionMappingRepository);
+// ----------------------------------------------------------------------------
 let UserRoleRepository = class UserRoleRepository extends AbstractAuthorizeRepository {
     constructor(dataSource) {
         super(models_1.UserRole, dataSource);
@@ -89,6 +91,7 @@ exports.UserRoleRepository = UserRoleRepository = __decorate([
     __param(0, (0, core_1.inject)(`datasources.${DS_AUTHORIZE}`)),
     __metadata("design:paramtypes", [datasources_1.BaseDataSource])
 ], UserRoleRepository);
+// ----------------------------------------------------------------------------
 let ViewAuthorizePolicyRepository = class ViewAuthorizePolicyRepository extends repositories_1.ViewRepository {
     constructor(dataSource) {
         super(models_1.ViewAuthorizePolicy, dataSource);

package/dist/components/authorize/services/enforcer.service.js CHANGED Viewed

@@ -11,6 +11,15 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -27,10 +36,6 @@ const node_fs_1 = __importDefault(require("node:fs"));
 const adapters_1 = require("../adapters");
 const common_1 = require("../common");
 let EnforcerService = EnforcerService_1 = class EnforcerService {
-    options;
-    dataSource;
-    logger;
-    enforcer;
     constructor(options, dataSource) {
         this.options = options;
         this.dataSource = dataSource;
@@ -58,28 +63,30 @@ let EnforcerService = EnforcerService_1 = class EnforcerService {
             });
         }
         this.logger.info('[getEnforcer] Creating new Enforcer with configure path: %s | dataSource: %s', confPath, this.dataSource.name);
-        const casbinAdapter = adapter ??
-            adapters_1.CasbinAdapterBuilder.getInstance().build({
-                type: adapterType,
-                dataSource: this.dataSource,
-            });
+        const casbinAdapter = adapter !== null && adapter !== void 0 ? adapter : adapters_1.CasbinAdapterBuilder.getInstance().build({
+            type: adapterType,
+            dataSource: this.dataSource,
+        });
         if (useCache) {
             return (0, casbin_1.newCachedEnforcer)(confPath, casbinAdapter);
         }
         this.logger.debug('[getEnforcer] Created new enforcer | Configure path: %s', confPath);
         return (0, casbin_1.newEnforcer)(confPath, casbinAdapter);
     }
-    async getTypeEnforcer(id) {
-        const enforcer = await this.getEnforcer();
-        if (!enforcer) {
-            return null;
-        }
-        const filterValue = {
-            principalType: 'User',
-            principalValue: id,
-        };
-        await enforcer.loadFilteredPolicy(filterValue);
-        return enforcer;
+    // -----------------------------------------------------------------------------------------
+    getTypeEnforcer(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const enforcer = yield this.getEnforcer();
+            if (!enforcer) {
+                return null;
+            }
+            const filterValue = {
+                principalType: 'User',
+                principalValue: id,
+            };
+            yield enforcer.loadFilteredPolicy(filterValue);
+            return enforcer;
+        });
     }
 };
 exports.EnforcerService = EnforcerService;

package/dist/components/authorize/services/generator.service.d.ts CHANGED Viewed

@@ -43,9 +43,29 @@ export declare class GeneratePermissionService {
         permissionRepository: PermissionRepository;
         controllers: Array<Constructor<IController>>;
     }): Promise<void>;
+    /**
+     * Obtain all permission codes for a controller
+     *
+     * @returns {string[]} List of permission codes
+     */
     getPermissionCodes(opts: {
         controllers: Array<Constructor<IController>>;
     }): string[];
+    /**
+     * Write all permission codes for a list of controllers to a file
+     *
+     * @param outputPath - Path to write
+     *
+     * @example
+     * const generatePermissionService = new GeneratePermissionService();
+     *
+     * generatePermissionService.getPermissionCodesAndWriteToFile({
+     *    controllers: [XboxController, PSController, NintendoController],
+     *    outputPath: './src/migrations/',
+     *    fileName: 'permissionCodes',
+     *    fileType: 'ts',
+     * });
+     */
     getPermissionCodesAndWriteToFile(opts: {
         controllers: Array<Constructor<IController>>;
         outputPath?: string;