@saihu/common 1.1.78 → 1.1.79
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/auth-guard.d.ts +5 -0
- package/dist/auth/auth-guard.d.ts.map +1 -1
- package/dist/auth/auth-guard.js +27 -1
- package/dist/auth/auth.types.d.ts +4 -9
- package/dist/auth/auth.types.d.ts.map +1 -1
- package/dist/auth/decorators.d.ts +1 -3
- package/dist/auth/decorators.d.ts.map +1 -1
- package/dist/auth/decorators.js +1 -10
- package/dist/auth/index.d.ts +3 -0
- package/dist/auth/index.d.ts.map +1 -1
- package/dist/auth/index.js +3 -0
- package/dist/auth/rbac.guard.d.ts +10 -0
- package/dist/auth/rbac.guard.d.ts.map +1 -0
- package/dist/auth/rbac.guard.js +51 -0
- package/dist/auth/rbac.interface.d.ts +6 -0
- package/dist/auth/rbac.interface.d.ts.map +1 -0
- package/dist/auth/rbac.interface.js +4 -0
- package/dist/auth/user.decorator.d.ts +3 -0
- package/dist/auth/user.decorator.d.ts.map +1 -0
- package/dist/auth/user.decorator.js +9 -0
- package/dist/interceptors/operlog.interceptor.js +3 -2
- package/package.json +1 -1
|
@@ -1,5 +1,10 @@
|
|
|
1
|
+
import { Reflector } from '@nestjs/core';
|
|
1
2
|
declare const JwtAuthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
|
|
2
3
|
export declare class JwtAuthGuard extends JwtAuthGuard_base {
|
|
4
|
+
private readonly reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: any): boolean | Promise<boolean> | import("rxjs").Observable<boolean>;
|
|
7
|
+
handleRequest(err: any, user: any): any;
|
|
3
8
|
}
|
|
4
9
|
export {};
|
|
5
10
|
//# sourceMappingURL=auth-guard.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-guard.d.ts","sourceRoot":"","sources":["../../src/auth/auth-guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth-guard.d.ts","sourceRoot":"","sources":["../../src/auth/auth-guard.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;;AAIzC,qBACa,YAAa,SAAQ,iBAAgB;IACpC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,SAAS;IAIjD,WAAW,CAAC,OAAO,EAAE,GAAG;IASxB,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG;CAMlC"}
|
package/dist/auth/auth-guard.js
CHANGED
|
@@ -5,13 +5,39 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
5
5
|
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
6
|
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
7
|
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
8
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
12
|
exports.JwtAuthGuard = void 0;
|
|
10
13
|
const common_1 = require("@nestjs/common");
|
|
11
14
|
const passport_1 = require("@nestjs/passport");
|
|
15
|
+
const core_1 = require("@nestjs/core");
|
|
16
|
+
const decorators_1 = require("./decorators");
|
|
17
|
+
const dto_1 = require("../dto"); // or replace with your error type
|
|
12
18
|
let JwtAuthGuard = class JwtAuthGuard extends (0, passport_1.AuthGuard)('jwt') {
|
|
19
|
+
constructor(reflector) {
|
|
20
|
+
super();
|
|
21
|
+
this.reflector = reflector;
|
|
22
|
+
}
|
|
23
|
+
canActivate(context) {
|
|
24
|
+
const isPublic = this.reflector.getAllAndOverride(decorators_1.IS_PUBLIC_KEY, [
|
|
25
|
+
context.getHandler(),
|
|
26
|
+
context.getClass(),
|
|
27
|
+
]);
|
|
28
|
+
if (isPublic)
|
|
29
|
+
return true;
|
|
30
|
+
return super.canActivate(context);
|
|
31
|
+
}
|
|
32
|
+
handleRequest(err, user) {
|
|
33
|
+
if (err || !user) {
|
|
34
|
+
throw new dto_1.BaseError(dto_1.BaseResponseDto.CODE_UNAUTHORIZED, '令牌无效或缺失');
|
|
35
|
+
}
|
|
36
|
+
return user; // becomes req.user for @User()
|
|
37
|
+
}
|
|
13
38
|
};
|
|
14
39
|
exports.JwtAuthGuard = JwtAuthGuard;
|
|
15
40
|
exports.JwtAuthGuard = JwtAuthGuard = __decorate([
|
|
16
|
-
(0, common_1.Injectable)()
|
|
41
|
+
(0, common_1.Injectable)(),
|
|
42
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
17
43
|
], JwtAuthGuard);
|
|
@@ -1,14 +1,9 @@
|
|
|
1
1
|
export interface AuthUser {
|
|
2
|
-
/** JWT subject – the canonical user id across services */
|
|
3
2
|
sub: string;
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
roles?: string[];
|
|
7
|
-
|
|
8
|
-
orgId?: string;
|
|
9
|
-
/** Who minted the token / which side it’s for */
|
|
10
|
-
service?: 'im' | 'scm' | string;
|
|
11
|
-
/** Allow extra claims without breaking */
|
|
3
|
+
mobile?: string;
|
|
4
|
+
name?: string;
|
|
5
|
+
roles?: (string | number)[];
|
|
6
|
+
orgId?: string | number;
|
|
12
7
|
[k: string]: unknown;
|
|
13
8
|
}
|
|
14
9
|
//# sourceMappingURL=auth.types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.types.d.ts","sourceRoot":"","sources":["../../src/auth/auth.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,
|
|
1
|
+
{"version":3,"file":"auth.types.d.ts","sourceRoot":"","sources":["../../src/auth/auth.types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IAC5B,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACxB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB"}
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
import { AuthUser } from './auth.types';
|
|
2
1
|
export declare const IS_PUBLIC_KEY = "isPublic";
|
|
3
2
|
export declare const Public: () => import("@nestjs/common").CustomDecorator<string>;
|
|
4
3
|
export declare const PERMS_KEY = "perms";
|
|
5
4
|
export declare const Perms: (perms: string[]) => import("@nestjs/common").CustomDecorator<string>;
|
|
6
5
|
export declare const ROLES_KEY = "roles";
|
|
7
|
-
export declare const Roles: (roles: string[]) => import("@nestjs/common").CustomDecorator<string>;
|
|
8
|
-
export declare const User: (...dataOrPipes: (import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>> | keyof AuthUser | undefined)[]) => ParameterDecorator;
|
|
6
|
+
export declare const Roles: (roles: (string | number)[]) => import("@nestjs/common").CustomDecorator<string>;
|
|
9
7
|
//# sourceMappingURL=decorators.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/auth/decorators.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/auth/decorators.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,aAAa,aAAa,CAAC;AACxC,eAAO,MAAM,MAAM,wDAAyC,CAAC;AAE7D,eAAO,MAAM,SAAS,UAAU,CAAC;AACjC,eAAO,MAAM,KAAK,GAAI,OAAO,MAAM,EAAE,qDAAkC,CAAC;AAExE,eAAO,MAAM,SAAS,UAAU,CAAC;AACjC,eAAO,MAAM,KAAK,GAAI,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,qDACjB,CAAC"}
|
package/dist/auth/decorators.js
CHANGED
|
@@ -1,22 +1,13 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.Roles = exports.ROLES_KEY = exports.Perms = exports.PERMS_KEY = exports.Public = exports.IS_PUBLIC_KEY = void 0;
|
|
4
4
|
const common_1 = require("@nestjs/common");
|
|
5
5
|
exports.IS_PUBLIC_KEY = 'isPublic';
|
|
6
6
|
const Public = () => (0, common_1.SetMetadata)(exports.IS_PUBLIC_KEY, true);
|
|
7
7
|
exports.Public = Public;
|
|
8
|
-
// 添加perms 和 roles 装饰器
|
|
9
8
|
exports.PERMS_KEY = 'perms';
|
|
10
9
|
const Perms = (perms) => (0, common_1.SetMetadata)(exports.PERMS_KEY, perms);
|
|
11
10
|
exports.Perms = Perms;
|
|
12
11
|
exports.ROLES_KEY = 'roles';
|
|
13
12
|
const Roles = (roles) => (0, common_1.SetMetadata)(exports.ROLES_KEY, roles);
|
|
14
13
|
exports.Roles = Roles;
|
|
15
|
-
exports.User = (0, common_1.createParamDecorator)((data, ctx) => {
|
|
16
|
-
const req = ctx.switchToHttp().getRequest();
|
|
17
|
-
const user = req.user;
|
|
18
|
-
if (!user)
|
|
19
|
-
return undefined;
|
|
20
|
-
// Support both @User() and @User('orgId')
|
|
21
|
-
return data ? user[data] : user;
|
|
22
|
-
});
|
package/dist/auth/index.d.ts
CHANGED
package/dist/auth/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC"}
|
package/dist/auth/index.js
CHANGED
|
@@ -17,3 +17,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
17
17
|
__exportStar(require("./auth-guard"), exports);
|
|
18
18
|
__exportStar(require("./decorators"), exports);
|
|
19
19
|
__exportStar(require("./auth.types"), exports);
|
|
20
|
+
__exportStar(require("./rbac.interface"), exports);
|
|
21
|
+
__exportStar(require("./rbac.guard"), exports);
|
|
22
|
+
__exportStar(require("./user.decorator"), exports);
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
import { PermissionEvaluator } from './rbac.interface';
|
|
4
|
+
export declare class RbacGuard implements CanActivate {
|
|
5
|
+
private reflector;
|
|
6
|
+
private evaluator;
|
|
7
|
+
constructor(reflector: Reflector, evaluator: PermissionEvaluator);
|
|
8
|
+
canActivate(ctx: ExecutionContext): Promise<boolean>;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=rbac.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rbac.guard.d.ts","sourceRoot":"","sources":["../../src/auth/rbac.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAGjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAwB,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAE7E,qBACa,SAAU,YAAW,WAAW;IAEzC,OAAO,CAAC,SAAS;IACa,OAAO,CAAC,SAAS;gBADvC,SAAS,EAAE,SAAS,EACU,SAAS,EAAE,mBAAmB;IAEhE,WAAW,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAoB3D"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.RbacGuard = void 0;
|
|
16
|
+
const common_1 = require("@nestjs/common");
|
|
17
|
+
const core_1 = require("@nestjs/core");
|
|
18
|
+
const decorators_1 = require("./decorators");
|
|
19
|
+
const rbac_interface_1 = require("./rbac.interface");
|
|
20
|
+
let RbacGuard = class RbacGuard {
|
|
21
|
+
constructor(reflector, evaluator) {
|
|
22
|
+
this.reflector = reflector;
|
|
23
|
+
this.evaluator = evaluator;
|
|
24
|
+
}
|
|
25
|
+
async canActivate(ctx) {
|
|
26
|
+
var _a, _b, _c, _d, _e, _f;
|
|
27
|
+
const h = ctx.getHandler(), c = ctx.getClass();
|
|
28
|
+
const reqPerms = (_a = this.reflector.getAllAndOverride(decorators_1.PERMS_KEY, [h, c])) !== null && _a !== void 0 ? _a : [];
|
|
29
|
+
const reqRoles = (_b = this.reflector.getAllAndOverride(decorators_1.ROLES_KEY, [
|
|
30
|
+
h,
|
|
31
|
+
c,
|
|
32
|
+
])) !== null && _b !== void 0 ? _b : [];
|
|
33
|
+
if (!reqPerms.length && !reqRoles.length)
|
|
34
|
+
return true;
|
|
35
|
+
const req = ctx.switchToHttp().getRequest();
|
|
36
|
+
const user = req.user;
|
|
37
|
+
if (!user)
|
|
38
|
+
return false;
|
|
39
|
+
if (reqRoles.length && !(await ((_d = (_c = this.evaluator).hasRoles) === null || _d === void 0 ? void 0 : _d.call(_c, user, reqRoles))))
|
|
40
|
+
return false;
|
|
41
|
+
if (reqPerms.length && !(await ((_f = (_e = this.evaluator).hasPerms) === null || _f === void 0 ? void 0 : _f.call(_e, user, reqPerms))))
|
|
42
|
+
return false;
|
|
43
|
+
return true;
|
|
44
|
+
}
|
|
45
|
+
};
|
|
46
|
+
exports.RbacGuard = RbacGuard;
|
|
47
|
+
exports.RbacGuard = RbacGuard = __decorate([
|
|
48
|
+
(0, common_1.Injectable)(),
|
|
49
|
+
__param(1, (0, common_1.Inject)(rbac_interface_1.PERMISSION_EVALUATOR)),
|
|
50
|
+
__metadata("design:paramtypes", [core_1.Reflector, Object])
|
|
51
|
+
], RbacGuard);
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
export interface PermissionEvaluator {
|
|
2
|
+
hasRoles?(user: any, required: (string | number)[]): Promise<boolean> | boolean;
|
|
3
|
+
hasPerms?(user: any, required: string[]): Promise<boolean> | boolean;
|
|
4
|
+
}
|
|
5
|
+
export declare const PERMISSION_EVALUATOR: unique symbol;
|
|
6
|
+
//# sourceMappingURL=rbac.interface.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rbac.interface.d.ts","sourceRoot":"","sources":["../../src/auth/rbac.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,CACP,IAAI,EAAE,GAAG,EACT,QAAQ,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,GAC5B,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IAC9B,QAAQ,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;CACtE;AACD,eAAO,MAAM,oBAAoB,eAAiC,CAAC"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { AuthUser } from './auth.types';
|
|
2
|
+
export declare const User: (...dataOrPipes: (import("@nestjs/common").PipeTransform<any, any> | import("@nestjs/common").Type<import("@nestjs/common").PipeTransform<any, any>> | keyof AuthUser | undefined)[]) => ParameterDecorator;
|
|
3
|
+
//# sourceMappingURL=user.decorator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user.decorator.d.ts","sourceRoot":"","sources":["../../src/auth/user.decorator.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAExC,eAAO,MAAM,IAAI,6MAMhB,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.User = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
exports.User = (0, common_1.createParamDecorator)((data, ctx) => {
|
|
6
|
+
const req = ctx.switchToHttp().getRequest();
|
|
7
|
+
const u = req.user;
|
|
8
|
+
return data ? (u ? u[data] : undefined) : u;
|
|
9
|
+
});
|
|
@@ -34,6 +34,7 @@ let OperlogInterceptor = OperlogInterceptor_1 = class OperlogInterceptor {
|
|
|
34
34
|
}
|
|
35
35
|
}
|
|
36
36
|
intercept(context, next) {
|
|
37
|
+
var _a;
|
|
37
38
|
if (!this.isEnabled) {
|
|
38
39
|
return next.handle();
|
|
39
40
|
}
|
|
@@ -66,8 +67,8 @@ let OperlogInterceptor = OperlogInterceptor_1 = class OperlogInterceptor {
|
|
|
66
67
|
method: controllerClass + '.' + handler.name,
|
|
67
68
|
request_method: method,
|
|
68
69
|
user_agent: userAgent,
|
|
69
|
-
oper_name: (user === null || user === void 0 ? void 0 : user.
|
|
70
|
-
org_id: (user === null || user === void 0 ? void 0 : user.orgId) || '',
|
|
70
|
+
oper_name: (user === null || user === void 0 ? void 0 : user.name) || '',
|
|
71
|
+
org_id: ((_a = user === null || user === void 0 ? void 0 : user.orgId) === null || _a === void 0 ? void 0 : _a.toString()) || '',
|
|
71
72
|
oper_url: url,
|
|
72
73
|
oper_ip: clientIp,
|
|
73
74
|
oper_param: JSON.stringify(requestParams),
|