@moostjs/arbac 0.5.28 → 0.5.30

package/dist/index.cjs

@@ -1,4 +1,3 @@
-"use strict";
 //#region rolldown:runtime
 var __create = Object.create;
 var __defProp = Object.defineProperty;
@@ -51,7 +50,7 @@ var ArbacUserProvider = class {
 	* @returns {string | Promise<string>} The user ID, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getUserId() {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 	/**
 	* Retrieves the roles assigned to a user based on their ID.
@@ -60,7 +59,7 @@ var ArbacUserProvider = class {
 	* @returns {string[] | Promise<string[]>} An array of role identifiers, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getRoles(id) {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 	/**
 	* Retrieves the attributes associated with a user based on their ID.
@@ -69,14 +68,18 @@ var ArbacUserProvider = class {
 	* @returns {TUserAttrs | Promise<TUserAttrs>} The user attributes, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getAttrs(id) {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 };
 ArbacUserProvider = _ts_decorate([(0, moost.Injectable)()], ArbacUserProvider);
 
 //#endregion
 //#region packages/arbac/src/arbac.composables.ts
-function useArbac() {
+/**
+* Composable for ARBAC (Advanced Role-Based Access Control) utilities within MoostJS.
+*
+* @template TScope - Type representing the scope of access control.
+*/ function useArbac() {
 	const store = (0, moost.useAsyncEventContext)().store("arbac");
 	const cc = (0, moost.useControllerContext)();
 	const getScopes = () => store.get("scopes");
@@ -116,7 +119,12 @@ function getArbacMate() {
 
 //#endregion
 //#region packages/arbac/src/arbac.decorator.ts
-const arbackAuthorizeInterceptor = (0, moost.defineInterceptorFn)(async (before, after, onError) => {
+/**
+* Interceptor function that enforces authorization checks based on ARBAC rules.
+* It evaluates the user's permissions against the requested resource and action.
+*
+* @constant
+*/ const arbackAuthorizeInterceptor = (0, moost.defineInterceptorFn)(async (before, after, onError) => {
 	const logger = (0, moost.useEventLogger)("arbac");
 	const { setScopes, evaluate, resource, action, isPublic } = useArbac();
 	if (!action || !resource || isPublic) return;
@@ -134,18 +142,40 @@ const arbackAuthorizeInterceptor = (0, moost.defineInterceptorFn)(async (before,
 		throw new __wooksjs_event_http.HttpError(401, `Authorization error`);
 	}
 }, moost.TInterceptorPriority.GUARD);
-const ArbacAuthorize = () => (0, moost.Intercept)(arbackAuthorizeInterceptor);
-const ArbacScopes = () => (0, moost.Resolve)(() => useArbac().getScopes());
-const ArbacResource = (name) => getArbacMate().decorate("arbacResourceId", name);
-const ArbacAction = (name) => getArbacMate().decorate("arbacActionId", name);
-const ArbacPublic = () => getArbacMate().decorate("arbacPublic", true);
+/**
+* Decorator that applies the `arbackAuthorizeInterceptor` to enforce authorization.
+*
+* @returns {MethodDecorator} A method decorator that enforces ARBAC.
+*/ const ArbacAuthorize = () => (0, moost.Intercept)(arbackAuthorizeInterceptor);
+/**
+* Resolves and retrieves the current ARBAC scopes in the request context.
+*
+* @returns {Function} A resolver function that returns user access scopes.
+*/ const ArbacScopes = () => (0, moost.Resolve)(() => useArbac().getScopes());
+/**
+* Decorator to specify a resource for ARBAC evaluation.
+*
+* @param {string} name - The name of the resource.
+* @returns {PropertyDecorator} A property decorator for ARBAC resource identification.
+*/ const ArbacResource = (name) => getArbacMate().decorate("arbacResourceId", name);
+/**
+* Decorator to specify an action for ARBAC evaluation.
+*
+* @param {string} name - The name of the action.
+* @returns {PropertyDecorator} A property decorator for ARBAC action identification.
+*/ const ArbacAction = (name) => getArbacMate().decorate("arbacActionId", name);
+/**
+* Marks a resource or action as publicly accessible, bypassing authorization checks.
+*
+* @returns {PropertyDecorator} A property decorator that marks an entity as public.
+*/ const ArbacPublic = () => getArbacMate().decorate("arbacPublic", true);
 
 //#endregion
-exports.ArbacAction = ArbacAction
-exports.ArbacAuthorize = ArbacAuthorize
-exports.ArbacPublic = ArbacPublic
-exports.ArbacResource = ArbacResource
-exports.ArbacScopes = ArbacScopes
+exports.ArbacAction = ArbacAction;
+exports.ArbacAuthorize = ArbacAuthorize;
+exports.ArbacPublic = ArbacPublic;
+exports.ArbacResource = ArbacResource;
+exports.ArbacScopes = ArbacScopes;
 Object.defineProperty(exports, 'ArbacUserProvider', {
   enumerable: true,
   get: function () {
@@ -158,6 +188,6 @@ Object.defineProperty(exports, 'MoostArbac', {
     return MoostArbac;
   }
 });
-exports.arbackAuthorizeInterceptor = arbackAuthorizeInterceptor
-exports.getArbacMate = getArbacMate
-exports.useArbac = useArbac
+exports.arbackAuthorizeInterceptor = arbackAuthorizeInterceptor;
+exports.getArbacMate = getArbacMate;
+exports.useArbac = useArbac;

package/dist/index.d.ts

@@ -3,25 +3,81 @@ import { Arbac } from '@prostojs/arbac';
 import * as moost from 'moost';
 import { Mate, TMoostMetadata, TMateParamMeta } from 'moost';
 
+/**
+ * Composable for ARBAC (Advanced Role-Based Access Control) utilities within MoostJS.
+ *
+ * @template TScope - Type representing the scope of access control.
+ */
 declare function useArbac<TScope extends object>(): {
+    /**
+     * Get evaluated scopes
+     */
     getScopes: () => TScope[] | undefined;
+    /**
+     * Set evaluated scopes
+     */
     setScopes: (scope: TScope[] | undefined) => TScope[] | undefined;
+    /**
+     * Evaluate access control for the given resource and action.
+     */
     evaluate: (opts: {
         resource: string;
         action: string;
     }) => Promise<_prostojs_arbac.TArbacEvalResult<TScope> & {
         userId: string;
     }>;
+    /**
+     * Current resource
+     */
     resource: string;
+    /**
+     * Current action
+     */
     action: string;
+    /**
+     * Public flag (if true, access must be granted without evaluation)
+     */
     isPublic: boolean;
 };
 
+/**
+ * Interceptor function that enforces authorization checks based on ARBAC rules.
+ * It evaluates the user's permissions against the requested resource and action.
+ *
+ * @constant
+ */
 declare const arbackAuthorizeInterceptor: moost.TInterceptorFn;
+/**
+ * Decorator that applies the `arbackAuthorizeInterceptor` to enforce authorization.
+ *
+ * @returns {MethodDecorator} A method decorator that enforces ARBAC.
+ */
 declare const ArbacAuthorize: () => ClassDecorator & MethodDecorator;
+/**
+ * Resolves and retrieves the current ARBAC scopes in the request context.
+ *
+ * @returns {Function} A resolver function that returns user access scopes.
+ */
 declare const ArbacScopes: () => ParameterDecorator & PropertyDecorator;
+/**
+ * Decorator to specify a resource for ARBAC evaluation.
+ *
+ * @param {string} name - The name of the resource.
+ * @returns {PropertyDecorator} A property decorator for ARBAC resource identification.
+ */
 declare const ArbacResource: (name: string) => MethodDecorator & ClassDecorator & ParameterDecorator & PropertyDecorator;
+/**
+ * Decorator to specify an action for ARBAC evaluation.
+ *
+ * @param {string} name - The name of the action.
+ * @returns {PropertyDecorator} A property decorator for ARBAC action identification.
+ */
 declare const ArbacAction: (name: string) => MethodDecorator & ClassDecorator & ParameterDecorator & PropertyDecorator;
+/**
+ * Marks a resource or action as publicly accessible, bypassing authorization checks.
+ *
+ * @returns {PropertyDecorator} A property decorator that marks an entity as public.
+ */
 declare const ArbacPublic: () => MethodDecorator & ClassDecorator & ParameterDecorator & PropertyDecorator;
 
 interface TArbacMeta {
@@ -35,13 +91,50 @@ declare function getArbacMate(): Mate<TMoostMetadata & TArbacMeta & {
     params: Array<TMateParamMeta>;
 }>;
 
+/**
+ * A DI-enabled extension of the `Arbac` class for use within MoostJS.
+ *
+ * This class allows ARBAC (Advanced Role-Based Access Control) to be easily injected
+ * into MoostJS services and controllers using its dependency injection system.
+ *
+ * @template TUserAttrs - The type representing user attributes relevant to access control.
+ * @template TScope - The type representing access control scopes.
+ */
 declare class MoostArbac<TUserAttrs extends object, TScope extends object> extends Arbac<TUserAttrs, TScope> {
 }
 
+/**
+ * Base class for providing user data required for ARBAC (Advanced Role-Based Access Control) evaluations.
+ *
+ * This class must be extended to define how user data is retrieved in the application.
+ *
+ * @template TUserAttrs - The type representing user attributes relevant to access control.
+ */
 declare class ArbacUserProvider<TUserAttrs extends object> {
+    /**
+     * Retrieves the unique identifier of the user.
+     *
+     * @returns {string | Promise<string>} The user ID, or a rejected promise if not implemented.
+     * @throws {Error} If the method is not overridden by a subclass.
+     */
     getUserId(): string | Promise<string>;
+    /**
+     * Retrieves the roles assigned to a user based on their ID.
+     *
+     * @param {string} id - The user ID.
+     * @returns {string[] | Promise<string[]>} An array of role identifiers, or a rejected promise if not implemented.
+     * @throws {Error} If the method is not overridden by a subclass.
+     */
     getRoles(id: string): string[] | Promise<string[]>;
+    /**
+     * Retrieves the attributes associated with a user based on their ID.
+     *
+     * @param {string} id - The user ID.
+     * @returns {TUserAttrs | Promise<TUserAttrs>} The user attributes, or a rejected promise if not implemented.
+     * @throws {Error} If the method is not overridden by a subclass.
+     */
     getAttrs(id: string): TUserAttrs | Promise<TUserAttrs>;
 }
 
-export { ArbacAction, ArbacAuthorize, ArbacPublic, ArbacResource, ArbacScopes, ArbacUserProvider, MoostArbac, type TArbacMeta, arbackAuthorizeInterceptor, getArbacMate, useArbac };
+export { ArbacAction, ArbacAuthorize, ArbacPublic, ArbacResource, ArbacScopes, ArbacUserProvider, MoostArbac, arbackAuthorizeInterceptor, getArbacMate, useArbac };
+export type { TArbacMeta };

package/dist/index.mjs

@@ -27,7 +27,7 @@ var ArbacUserProvider = class {
 	* @returns {string | Promise<string>} The user ID, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getUserId() {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 	/**
 	* Retrieves the roles assigned to a user based on their ID.
@@ -36,7 +36,7 @@ var ArbacUserProvider = class {
 	* @returns {string[] | Promise<string[]>} An array of role identifiers, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getRoles(id) {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 	/**
 	* Retrieves the attributes associated with a user based on their ID.
@@ -45,14 +45,18 @@ var ArbacUserProvider = class {
 	* @returns {TUserAttrs | Promise<TUserAttrs>} The user attributes, or a rejected promise if not implemented.
 	* @throws {Error} If the method is not overridden by a subclass.
 	*/ getAttrs(id) {
-		return Promise.reject(new Error("ArbacUserProvider class must be extended"));
+		return Promise.reject(/* @__PURE__ */ new Error("ArbacUserProvider class must be extended"));
 	}
 };
 ArbacUserProvider = _ts_decorate([Injectable()], ArbacUserProvider);
 
 //#endregion
 //#region packages/arbac/src/arbac.composables.ts
-function useArbac() {
+/**
+* Composable for ARBAC (Advanced Role-Based Access Control) utilities within MoostJS.
+*
+* @template TScope - Type representing the scope of access control.
+*/ function useArbac() {
 	const store = useAsyncEventContext().store("arbac");
 	const cc = useControllerContext();
 	const getScopes = () => store.get("scopes");
@@ -92,7 +96,12 @@ function getArbacMate() {
 
 //#endregion
 //#region packages/arbac/src/arbac.decorator.ts
-const arbackAuthorizeInterceptor = defineInterceptorFn(async (before, after, onError) => {
+/**
+* Interceptor function that enforces authorization checks based on ARBAC rules.
+* It evaluates the user's permissions against the requested resource and action.
+*
+* @constant
+*/ const arbackAuthorizeInterceptor = defineInterceptorFn(async (before, after, onError) => {
 	const logger = useEventLogger("arbac");
 	const { setScopes, evaluate, resource, action, isPublic } = useArbac();
 	if (!action || !resource || isPublic) return;
@@ -110,11 +119,33 @@ const arbackAuthorizeInterceptor = defineInterceptorFn(async (before, after, onE
 		throw new HttpError(401, `Authorization error`);
 	}
 }, TInterceptorPriority.GUARD);
-const ArbacAuthorize = () => Intercept(arbackAuthorizeInterceptor);
-const ArbacScopes = () => Resolve(() => useArbac().getScopes());
-const ArbacResource = (name) => getArbacMate().decorate("arbacResourceId", name);
-const ArbacAction = (name) => getArbacMate().decorate("arbacActionId", name);
-const ArbacPublic = () => getArbacMate().decorate("arbacPublic", true);
+/**
+* Decorator that applies the `arbackAuthorizeInterceptor` to enforce authorization.
+*
+* @returns {MethodDecorator} A method decorator that enforces ARBAC.
+*/ const ArbacAuthorize = () => Intercept(arbackAuthorizeInterceptor);
+/**
+* Resolves and retrieves the current ARBAC scopes in the request context.
+*
+* @returns {Function} A resolver function that returns user access scopes.
+*/ const ArbacScopes = () => Resolve(() => useArbac().getScopes());
+/**
+* Decorator to specify a resource for ARBAC evaluation.
+*
+* @param {string} name - The name of the resource.
+* @returns {PropertyDecorator} A property decorator for ARBAC resource identification.
+*/ const ArbacResource = (name) => getArbacMate().decorate("arbacResourceId", name);
+/**
+* Decorator to specify an action for ARBAC evaluation.
+*
+* @param {string} name - The name of the action.
+* @returns {PropertyDecorator} A property decorator for ARBAC action identification.
+*/ const ArbacAction = (name) => getArbacMate().decorate("arbacActionId", name);
+/**
+* Marks a resource or action as publicly accessible, bypassing authorization checks.
+*
+* @returns {PropertyDecorator} A property decorator that marks an entity as public.
+*/ const ArbacPublic = () => getArbacMate().decorate("arbacPublic", true);
 
 //#endregion
 export { ArbacAction, ArbacAuthorize, ArbacPublic, ArbacResource, ArbacScopes, ArbacUserProvider, MoostArbac, arbackAuthorizeInterceptor, getArbacMate, useArbac };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@moostjs/arbac",
-  "version": "0.5.28",
+  "version": "0.5.30",
   "description": "Access Control @prostojs/arbac",
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
@@ -36,13 +36,15 @@
     "url": "https://github.com/moostjs/moostjs/issues"
   },
   "homepage": "https://github.com/moostjs/moostjs/tree/main/packages/arbac#readme",
+  "peerDependencies": {
+    "@wooksjs/event-http": "^0.6.1",
+    "moost": "^0.5.30"
+  },
   "dependencies": {
-    "@wooksjs/event-http": "^0.6.0",
-    "@prostojs/arbac": "^0.0.2",
-    "moost": "^0.5.28"
+    "@prostojs/arbac": "^0.0.2"
   },
   "devDependencies": {
-    "vitest": "^3.0.5"
+    "vitest": "3.2.4"
   },
   "scripts": {
     "pub": "pnpm publish --access public",