npm - @punks/backend-entity-manager - Versions diffs - 0.0.180 → 0.0.181 - Mend

@punks/backend-entity-manager 0.0.180 → 0.0.181

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/cjs/index.js +32 -3
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/types/platforms/nest/extensions/authentication/guards/auth.d.ts +2 -0
package/dist/esm/index.js +32 -3
package/dist/esm/index.js.map +1 -1
package/dist/esm/types/platforms/nest/extensions/authentication/guards/auth.d.ts +2 -0
package/dist/index.d.ts +2 -0
package/package.json +1 -1

package/dist/cjs/types/platforms/nest/extensions/authentication/guards/auth.d.ts CHANGED Viewed

@@ -6,9 +6,11 @@ export declare class AuthGuard implements CanActivate {
     constructor(reflector: Reflector);
     canActivate(context: ExecutionContext): boolean;
     private isRoleMatching;
+    private isPermissionMatching;
     private getIsForAllAuthenticated;
     private getIsPublic;
     private getAllowedRoles;
+    private getAllowedPermissions;
     private getCurrentAuth;
     private getMetadata;
     private getContextInfo;

package/dist/esm/index.js CHANGED Viewed

@@ -2621,15 +2621,34 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
         const allowedRoles = this.getAllowedRoles(context);
         if (allowedRoles) {
             const isAllowed = this.isRoleMatching(allowedRoles, auth?.roles ?? []);
-            this.logger.debug(`Authorized:${isAllowed} -> authorization guard`, {
+            this.logger.debug(`Authorized:${isAllowed} -> authorization role guard`, {
                 ...this.getContextInfo({
                     context,
                     roles: auth?.roles,
                     user: auth?.user,
+                    permissions: auth?.permissions,
                 }),
                 allowedRoles,
             });
-            return isAllowed;
+            if (!isAllowed) {
+                return false;
+            }
+        }
+        const allowedPermissions = this.getAllowedPermissions(context);
+        if (allowedPermissions) {
+            const isAllowed = this.isPermissionMatching(allowedPermissions, auth?.roles ?? []);
+            this.logger.debug(`Authorized:${isAllowed} -> authorization permission guard`, {
+                ...this.getContextInfo({
+                    context,
+                    roles: auth?.roles,
+                    user: auth?.user,
+                    permissions: auth?.permissions,
+                }),
+                allowedPermissions,
+            });
+            if (!isAllowed) {
+                return false;
+            }
         }
         const isForAllAuthenticated = this.getIsForAllAuthenticated(context);
         if (isForAllAuthenticated) {
@@ -2639,6 +2658,7 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
                     context,
                     roles: auth?.roles,
                     user: auth?.user,
+                    permissions: auth?.permissions,
                 }),
             });
             return isAuthenticated;
@@ -2649,6 +2669,7 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
                 context,
                 roles: auth?.roles,
                 user: auth?.user,
+                permissions: auth?.permissions,
             }),
         });
         return isAuthenticated;
@@ -2656,6 +2677,9 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
     isRoleMatching(allowedRoles, userRoles) {
         return userRoles.some((role) => allowedRoles.includes(role.uid));
     }
+    isPermissionMatching(allowedPermissions, userPermissions) {
+        return userPermissions.some((permission) => allowedPermissions.includes(permission.uid));
+    }
     getIsForAllAuthenticated(context) {
         return this.getMetadata(AuthenticationGuardsSymbols.Authenticated, context);
     }
@@ -2665,12 +2689,16 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
     getAllowedRoles(context) {
         return this.getMetadata(AuthenticationGuardsSymbols.Roles, context);
     }
+    getAllowedPermissions(context) {
+        return this.getMetadata(AuthenticationGuardsSymbols.Permissions, context);
+    }
     getCurrentAuth(context) {
         const request = context.switchToHttp()?.getRequest();
         return request?.auth?.user
             ? {
                 user: request.auth.user,
                 roles: request.auth.roles,
+                permissions: request.auth.permissions,
             }
             : undefined;
     }
@@ -2680,7 +2708,7 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
             context.getClass(),
         ]);
     }
-    getContextInfo({ context, user, roles, }) {
+    getContextInfo({ context, user, roles, permissions, }) {
         return {
             request: {
                 path: context.switchToHttp()?.getRequest()?.path,
@@ -2693,6 +2721,7 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
                         userName: user.userName,
                         email: user.email,
                         roles: roles?.map((role) => role.uid),
+                        permissions: permissions?.map((permission) => permission.uid),
                     },
                 }
                 : {}),