@punks/backend-entity-manager 0.0.179 → 0.0.181
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.js +32 -3
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/types/abstractions/authentication.d.ts +5 -0
- package/dist/cjs/types/platforms/nest/__test__/server/infrastructure/authentication/types.d.ts +2 -1
- package/dist/cjs/types/platforms/nest/extensions/authentication/guards/auth.d.ts +2 -0
- package/dist/esm/index.js +32 -3
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/types/abstractions/authentication.d.ts +5 -0
- package/dist/esm/types/platforms/nest/__test__/server/infrastructure/authentication/types.d.ts +2 -1
- package/dist/esm/types/platforms/nest/extensions/authentication/guards/auth.d.ts +2 -0
- package/dist/index.d.ts +8 -1
- package/package.json +1 -1
package/dist/cjs/index.js
CHANGED
|
@@ -2629,15 +2629,34 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2629
2629
|
const allowedRoles = this.getAllowedRoles(context);
|
|
2630
2630
|
if (allowedRoles) {
|
|
2631
2631
|
const isAllowed = this.isRoleMatching(allowedRoles, auth?.roles ?? []);
|
|
2632
|
-
this.logger.debug(`Authorized:${isAllowed} -> authorization guard`, {
|
|
2632
|
+
this.logger.debug(`Authorized:${isAllowed} -> authorization role guard`, {
|
|
2633
2633
|
...this.getContextInfo({
|
|
2634
2634
|
context,
|
|
2635
2635
|
roles: auth?.roles,
|
|
2636
2636
|
user: auth?.user,
|
|
2637
|
+
permissions: auth?.permissions,
|
|
2637
2638
|
}),
|
|
2638
2639
|
allowedRoles,
|
|
2639
2640
|
});
|
|
2640
|
-
|
|
2641
|
+
if (!isAllowed) {
|
|
2642
|
+
return false;
|
|
2643
|
+
}
|
|
2644
|
+
}
|
|
2645
|
+
const allowedPermissions = this.getAllowedPermissions(context);
|
|
2646
|
+
if (allowedPermissions) {
|
|
2647
|
+
const isAllowed = this.isPermissionMatching(allowedPermissions, auth?.roles ?? []);
|
|
2648
|
+
this.logger.debug(`Authorized:${isAllowed} -> authorization permission guard`, {
|
|
2649
|
+
...this.getContextInfo({
|
|
2650
|
+
context,
|
|
2651
|
+
roles: auth?.roles,
|
|
2652
|
+
user: auth?.user,
|
|
2653
|
+
permissions: auth?.permissions,
|
|
2654
|
+
}),
|
|
2655
|
+
allowedPermissions,
|
|
2656
|
+
});
|
|
2657
|
+
if (!isAllowed) {
|
|
2658
|
+
return false;
|
|
2659
|
+
}
|
|
2641
2660
|
}
|
|
2642
2661
|
const isForAllAuthenticated = this.getIsForAllAuthenticated(context);
|
|
2643
2662
|
if (isForAllAuthenticated) {
|
|
@@ -2647,6 +2666,7 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2647
2666
|
context,
|
|
2648
2667
|
roles: auth?.roles,
|
|
2649
2668
|
user: auth?.user,
|
|
2669
|
+
permissions: auth?.permissions,
|
|
2650
2670
|
}),
|
|
2651
2671
|
});
|
|
2652
2672
|
return isAuthenticated;
|
|
@@ -2657,6 +2677,7 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2657
2677
|
context,
|
|
2658
2678
|
roles: auth?.roles,
|
|
2659
2679
|
user: auth?.user,
|
|
2680
|
+
permissions: auth?.permissions,
|
|
2660
2681
|
}),
|
|
2661
2682
|
});
|
|
2662
2683
|
return isAuthenticated;
|
|
@@ -2664,6 +2685,9 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2664
2685
|
isRoleMatching(allowedRoles, userRoles) {
|
|
2665
2686
|
return userRoles.some((role) => allowedRoles.includes(role.uid));
|
|
2666
2687
|
}
|
|
2688
|
+
isPermissionMatching(allowedPermissions, userPermissions) {
|
|
2689
|
+
return userPermissions.some((permission) => allowedPermissions.includes(permission.uid));
|
|
2690
|
+
}
|
|
2667
2691
|
getIsForAllAuthenticated(context) {
|
|
2668
2692
|
return this.getMetadata(AuthenticationGuardsSymbols.Authenticated, context);
|
|
2669
2693
|
}
|
|
@@ -2673,12 +2697,16 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2673
2697
|
getAllowedRoles(context) {
|
|
2674
2698
|
return this.getMetadata(AuthenticationGuardsSymbols.Roles, context);
|
|
2675
2699
|
}
|
|
2700
|
+
getAllowedPermissions(context) {
|
|
2701
|
+
return this.getMetadata(AuthenticationGuardsSymbols.Permissions, context);
|
|
2702
|
+
}
|
|
2676
2703
|
getCurrentAuth(context) {
|
|
2677
2704
|
const request = context.switchToHttp()?.getRequest();
|
|
2678
2705
|
return request?.auth?.user
|
|
2679
2706
|
? {
|
|
2680
2707
|
user: request.auth.user,
|
|
2681
2708
|
roles: request.auth.roles,
|
|
2709
|
+
permissions: request.auth.permissions,
|
|
2682
2710
|
}
|
|
2683
2711
|
: undefined;
|
|
2684
2712
|
}
|
|
@@ -2688,7 +2716,7 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2688
2716
|
context.getClass(),
|
|
2689
2717
|
]);
|
|
2690
2718
|
}
|
|
2691
|
-
getContextInfo({ context, user, roles, }) {
|
|
2719
|
+
getContextInfo({ context, user, roles, permissions, }) {
|
|
2692
2720
|
return {
|
|
2693
2721
|
request: {
|
|
2694
2722
|
path: context.switchToHttp()?.getRequest()?.path,
|
|
@@ -2701,6 +2729,7 @@ exports.AuthGuard = AuthGuard_1 = class AuthGuard {
|
|
|
2701
2729
|
userName: user.userName,
|
|
2702
2730
|
email: user.email,
|
|
2703
2731
|
roles: roles?.map((role) => role.uid),
|
|
2732
|
+
permissions: permissions?.map((permission) => permission.uid),
|
|
2704
2733
|
},
|
|
2705
2734
|
}
|
|
2706
2735
|
: {}),
|