@spinajs/rbac-http 2.0.357 → 2.0.359
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/decorators.d.ts +2 -1
- package/lib/cjs/decorators.d.ts.map +1 -1
- package/lib/cjs/decorators.js.map +1 -1
- package/lib/cjs/interfaces.d.ts +8 -2
- package/lib/cjs/interfaces.d.ts.map +1 -1
- package/lib/cjs/interfaces.js.map +1 -1
- package/lib/cjs/policies/RbacPolicy.d.ts.map +1 -1
- package/lib/cjs/policies/RbacPolicy.js +5 -1
- package/lib/cjs/policies/RbacPolicy.js.map +1 -1
- package/lib/cjs/route-args.d.ts +3 -3
- package/lib/cjs/route-args.d.ts.map +1 -1
- package/lib/cjs/route-args.js +3 -3
- package/lib/cjs/route-args.js.map +1 -1
- package/lib/mjs/decorators.d.ts +2 -1
- package/lib/mjs/decorators.d.ts.map +1 -1
- package/lib/mjs/decorators.js.map +1 -1
- package/lib/mjs/interfaces.d.ts +8 -2
- package/lib/mjs/interfaces.d.ts.map +1 -1
- package/lib/mjs/interfaces.js.map +1 -1
- package/lib/mjs/policies/RbacPolicy.d.ts.map +1 -1
- package/lib/mjs/policies/RbacPolicy.js +5 -1
- package/lib/mjs/policies/RbacPolicy.js.map +1 -1
- package/lib/mjs/route-args.d.ts +3 -3
- package/lib/mjs/route-args.d.ts.map +1 -1
- package/lib/mjs/route-args.js +3 -3
- package/lib/mjs/route-args.js.map +1 -1
- package/lib/tsconfig.cjs.tsbuildinfo +1 -1
- package/lib/tsconfig.mjs.tsbuildinfo +1 -1
- package/package.json +10 -10
package/lib/cjs/decorators.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { IRbacDescriptor
|
|
1
|
+
import { IRbacDescriptor } from './interfaces.js';
|
|
2
|
+
import { PermissionType } from '@spinajs/rbac';
|
|
2
3
|
export declare const ACL_CONTROLLER_DESCRIPTOR: unique symbol;
|
|
3
4
|
export declare function setRbacMetadata(target: any, callback: (meta: IRbacDescriptor) => void): void;
|
|
4
5
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAkC,cAAc,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAkC,MAAM,iBAAiB,CAAC;AAGlF,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAE/C,eAAO,MAAM,yBAAyB,eAA6C,CAAC;AAEpF,wBAAgB,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,IAAI,EAAE,eAAe,KAAK,IAAI,QAerF;AAqBD;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,GAAE,cAAc,EAAgB,OAOpF;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,UAAU,GAAE,cAAc,EAAgB,OAapE;AAED;;GAEG;AACH,wBAAgB,IAAI,0GAEnB;AAED;;GAEG;AACH,wBAAgB,WAAW,0GAE1B;AAED,wBAAgB,OAAO,0GAEtB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":";;;AACA,wCAAyD;AACzD,4DAAsD;
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":";;;AACA,wCAAyD;AACzD,4DAAsD;AAGzC,QAAA,yBAAyB,GAAG,MAAM,CAAC,kCAAkC,CAAC,CAAC;AAEpF,SAAgB,eAAe,CAAC,MAAW,EAAE,QAAyC;IACpF,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC3G,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG;YACT,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;YACzD,UAAU,EAAE,CAAC,SAAS,CAAC;SACxB,CAAC;QAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC1F,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;AACH,CAAC;AAfD,0CAeC;AAED,SAAS,UAAU,CAAC,QAA0I;IAC5J,OAAO,CAAC,MAAW,EAAE,WAA4B,EAAE,iBAA8C,EAAE,EAAE;QACnG,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC3G,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG;gBACT,QAAQ,EAAE,EAAE;gBACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;gBACzD,UAAU,EAAE,CAAC,SAAS,CAAC;aACxB,CAAC;YAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC1F,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,iBAAiB,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,QAAgB,EAAE,aAA+B,CAAC,SAAS,CAAC;IACnF,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,EAAE;QAC3D,IAAA,aAAM,EAAC,0BAAU,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAEvC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,UAAU,GAAG,UAAU,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC;AAPD,4BAOC;AAED;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,aAA+B,CAAC,SAAS,CAAC;IACnE,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,WAAmB,EAAE,EAAE;QAChF,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG;oBACZ,UAAU,EAAE,UAAU;iBACvB,CAAC;gBACF,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,IAAA,aAAM,EAAC,0BAAU,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAbD,gCAaC;AAED;;GAEG;AACH,SAAgB,IAAI;IAClB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,SAAS,CAAC,CAAC,CAAC;AACrC,CAAC;AAFD,oBAEC;AAED;;GAEG;AACH,SAAgB,WAAW;IACzB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,kCAEC;AAED,SAAgB,OAAO;IACrB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,mBAAmB,CAAC,CAAC,CAAC;AAC/C,CAAC;AAFD,0BAEC"}
|
package/lib/cjs/interfaces.d.ts
CHANGED
|
@@ -1,9 +1,15 @@
|
|
|
1
|
-
import { User, ISession } from '@spinajs/rbac';
|
|
2
|
-
export type PermissionType = 'readAny' | 'readOwn' | 'updateAny' | 'updateOwn' | 'deleteAny' | 'deleteOwn' | 'createAny' | 'createOwn';
|
|
1
|
+
import { User, ISession, PermissionType } from '@spinajs/rbac';
|
|
3
2
|
declare module '@spinajs/http' {
|
|
4
3
|
interface IActionLocalStoregeContext {
|
|
5
4
|
User: User | null;
|
|
6
5
|
Session: ISession;
|
|
6
|
+
/**
|
|
7
|
+
* Controller route permission context
|
|
8
|
+
* To check if we run from (read|update|insert|delete)Own or (read|update|insert|delete)Any scope
|
|
9
|
+
*
|
|
10
|
+
* eg. we want to read only current user data but it has admin privlidges too....
|
|
11
|
+
*/
|
|
12
|
+
PermissionScope?: PermissionType;
|
|
7
13
|
}
|
|
8
14
|
}
|
|
9
15
|
export interface IRbacDescriptor {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAG/D,OAAO,QAAQ,eAAe,CAAC;IAC7B,UAAU,0BAA0B;QAClC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;QAClB,OAAO,EAAE,QAAQ,CAAC;QAElB;;;;;WAKG;QACH,eAAe,CAAC,EAAG,cAAc,CAAC;KACnC;CACF;AAED,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;IAE7B;;OAEG;IACH,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,8BAA8B,CAAC,CAAC;CACrD;AAED,MAAM,WAAW,8BAA8B;IAC7C;;OAEG;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;CAC9B;AAED,8BAAsB,qBAAqB;IACzC;;OAEG;aACa,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC;IAE3D;;OAEG;aACa,OAAO,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAElD;;OAEG;aACa,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;OAEG;aACa,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAEvD;;;;OAIG;aACa,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;CAC5D;AAED,8BAAsB,mBAAmB;CAAG;AAE5C,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":";;;AA4CA,MAAsB,qBAAqB;CA2B1C;AA3BD,sDA2BC;AAED,MAAsB,mBAAmB;CAAG;AAA5C,kDAA4C"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RbacPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAKrF,OAAO,
|
|
1
|
+
{"version":3,"file":"RbacPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAKrF,OAAO,EAAkB,IAAI,EAAE,MAAM,eAAe,CAAC;AAErD;;GAEG;AACH,qBAAa,UAAW,SAAQ,UAAU;IACxC,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;;IAQrB,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,GAAG,OAAO;IAKrD,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW;CA2B1E;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAG7G;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAQhG;AAED,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAMpG"}
|
|
@@ -20,10 +20,14 @@ class RbacPolicy extends http_1.BasePolicy {
|
|
|
20
20
|
async execute(req, action, instance) {
|
|
21
21
|
const descriptor = Reflect.getMetadata(decorators_js_1.ACL_CONTROLLER_DESCRIPTOR, instance);
|
|
22
22
|
let permission = descriptor.Permission ?? [];
|
|
23
|
-
// check if route has its own permission
|
|
24
23
|
if (descriptor.Routes.has(action.Method)) {
|
|
24
|
+
//req.storage.PermissionScope = descriptor.Routes.get(action.Method).Permission;
|
|
25
|
+
if (req.headers['x-permission-scope']) {
|
|
26
|
+
req.storage.PermissionScope = req.headers['x-permission-scope'] ?? null;
|
|
27
|
+
}
|
|
25
28
|
permission = descriptor.Routes.get(action.Method).Permission ?? [];
|
|
26
29
|
}
|
|
30
|
+
// check if route has its own permission
|
|
27
31
|
if (!descriptor || !descriptor.Permission || descriptor.Permission.length === 0) {
|
|
28
32
|
throw new exceptions_1.Forbidden(`no route permission or resources assigned`);
|
|
29
33
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RbacPolicy.js","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":";;;AACA,wCAAqF;AACrF,oDAAgD;AAChD,oDAA6D;AAE7D,oCAAiC;AAGjC;;GAEG;AACH,MAAa,UAAW,SAAQ,iBAAU;IAGxC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa,EAAE,MAAc,EAAE,QAAqB;QACvE,MAAM,UAAU,GAAoB,OAAO,CAAC,WAAW,CAAC,yCAAyB,EAAE,QAAQ,CAAC,CAAC;QAC7F,IAAI,UAAU,GAAG,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;QAE7C,
|
|
1
|
+
{"version":3,"file":"RbacPolicy.js","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":";;;AACA,wCAAqF;AACrF,oDAAgD;AAChD,oDAA6D;AAE7D,oCAAiC;AAGjC;;GAEG;AACH,MAAa,UAAW,SAAQ,iBAAU;IAGxC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa,EAAE,MAAc,EAAE,QAAqB;QACvE,MAAM,UAAU,GAAoB,OAAO,CAAC,WAAW,CAAC,yCAAyB,EAAE,QAAQ,CAAC,CAAC;QAC7F,IAAI,UAAU,GAAG,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;QAE7C,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACzC,gFAAgF;YAChF,IAAI,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBACtC,GAAG,CAAC,OAAO,CAAC,eAAe,GAAG,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAmB,IAAI,IAAI,CAAC;YAC5F,CAAC;YACD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC;QACrE,CAAC;QAED,wCAAwC;QAGxC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChF,MAAM,IAAI,sBAAS,CAAC,2CAA2C,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YACrF,MAAM,IAAI,sBAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,oBAAoB,CAAC,GAAG,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;YACrF,MAAM,IAAI,sBAAS,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,6BAA6B,UAAU,iBAAiB,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrI,CAAC;IACH,CAAC;CACF;AAzCD,gCAyCC;AAED,SAAgB,mBAAmB,CAAC,IAAuB,EAAE,QAAgB,EAAE,UAAkB;IAC/F,MAAM,EAAE,GAAG,OAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAClD,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AACrD,CAAC;AAHD,kDAGC;AAED,SAAgB,mBAAmB,CAAC,IAAU,EAAE,QAAgB,EAAE,UAAkB;IAClF,MAAM,EAAE,GAAG,OAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AAC1D,CAAC;AARD,kDAQC;AAED,SAAgB,oBAAoB,CAAC,GAAa,EAAE,QAAgB,EAAE,UAAkB;IACtF,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;AACrE,CAAC;AAND,oDAMC"}
|
package/lib/cjs/route-args.d.ts
CHANGED
|
@@ -2,21 +2,21 @@ import { RouteArgs, IRouteParameter, ParameterType, IRouteCall } from '@spinajs/
|
|
|
2
2
|
import { Request } from '@spinajs/http';
|
|
3
3
|
export declare class UserArg extends RouteArgs {
|
|
4
4
|
get SupportedType(): ParameterType;
|
|
5
|
-
extract(callData: IRouteCall, _param: IRouteParameter, req: Request): Promise<{
|
|
5
|
+
extract(callData: IRouteCall, _args: unknown[], _param: IRouteParameter, req: Request): Promise<{
|
|
6
6
|
CallData: IRouteCall;
|
|
7
7
|
Args: import("@spinajs/rbac").User;
|
|
8
8
|
}>;
|
|
9
9
|
}
|
|
10
10
|
export declare class SessionArg extends RouteArgs {
|
|
11
11
|
get SupportedType(): string;
|
|
12
|
-
extract(callData: IRouteCall, param: IRouteParameter, req: Request): Promise<{
|
|
12
|
+
extract(callData: IRouteCall, _args: unknown[], param: IRouteParameter, req: Request): Promise<{
|
|
13
13
|
CallData: IRouteCall;
|
|
14
14
|
Args: unknown;
|
|
15
15
|
}>;
|
|
16
16
|
}
|
|
17
17
|
export declare class CurrentSessionArg extends RouteArgs {
|
|
18
18
|
get SupportedType(): string;
|
|
19
|
-
extract(callData: IRouteCall, _param: IRouteParameter, req: Request): Promise<{
|
|
19
|
+
extract(callData: IRouteCall, _args: unknown[], _param: IRouteParameter, req: Request): Promise<{
|
|
20
20
|
CallData: IRouteCall;
|
|
21
21
|
Args: import("@spinajs/rbac").ISession;
|
|
22
22
|
}>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route-args.d.ts","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEtF,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAExC,qBACa,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa,IAAI,aAAa,CAExC;IAEY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;
|
|
1
|
+
{"version":3,"file":"route-args.d.ts","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEtF,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAExC,qBACa,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa,IAAI,aAAa,CAExC;IAEY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG;AAED,qBACa,UAAW,SAAQ,SAAS;IACvC,IAAI,aAAa,IAAI,MAAM,CAE1B;IACY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAG,KAAK,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG;AAED,qBACa,iBAAkB,SAAQ,SAAS;IAC9C,IAAI,aAAa,IAAI,MAAM,CAE1B;IACY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG"}
|
package/lib/cjs/route-args.js
CHANGED
|
@@ -13,7 +13,7 @@ let UserArg = class UserArg extends http_1.RouteArgs {
|
|
|
13
13
|
get SupportedType() {
|
|
14
14
|
return http_1.ParameterType.Other;
|
|
15
15
|
}
|
|
16
|
-
async extract(callData, _param, req) {
|
|
16
|
+
async extract(callData, _args, _param, req) {
|
|
17
17
|
return { CallData: callData, Args: req.storage.User };
|
|
18
18
|
}
|
|
19
19
|
};
|
|
@@ -25,7 +25,7 @@ let SessionArg = class SessionArg extends http_1.RouteArgs {
|
|
|
25
25
|
get SupportedType() {
|
|
26
26
|
return http_1.ParameterType.FromSession;
|
|
27
27
|
}
|
|
28
|
-
async extract(callData, param, req) {
|
|
28
|
+
async extract(callData, _args, param, req) {
|
|
29
29
|
return { CallData: callData, Args: req.storage.Session ? req.storage.Session.Data.get(param.Name) : undefined };
|
|
30
30
|
}
|
|
31
31
|
};
|
|
@@ -37,7 +37,7 @@ let CurrentSessionArg = class CurrentSessionArg extends http_1.RouteArgs {
|
|
|
37
37
|
get SupportedType() {
|
|
38
38
|
return http_1.ParameterType.Other;
|
|
39
39
|
}
|
|
40
|
-
async extract(callData, _param, req) {
|
|
40
|
+
async extract(callData, _args, _param, req) {
|
|
41
41
|
return { CallData: callData, Args: req.storage.Session };
|
|
42
42
|
}
|
|
43
43
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route-args.js","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":";;;;;;;;;AAAA,wCAAsF;AACtF,oCAAyC;AAIlC,IAAM,OAAO,GAAb,MAAM,OAAQ,SAAQ,gBAAS;IACpC,IAAW,aAAa;QACtB,OAAO,oBAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,MAAuB,EAAE,GAAY;
|
|
1
|
+
{"version":3,"file":"route-args.js","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":";;;;;;;;;AAAA,wCAAsF;AACtF,oCAAyC;AAIlC,IAAM,OAAO,GAAb,MAAM,OAAQ,SAAQ,gBAAS;IACpC,IAAW,aAAa;QACtB,OAAO,oBAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,KAAgB,EAAE,MAAuB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IACxD,CAAC;CACF,CAAA;AARY,0BAAO;kBAAP,OAAO;IADnB,IAAA,eAAU,GAAE;GACA,OAAO,CAQnB;AAGM,IAAM,UAAU,GAAhB,MAAM,UAAW,SAAQ,gBAAS;IACvC,IAAI,aAAa;QACf,OAAO,oBAAa,CAAC,WAAW,CAAC;IACnC,CAAC;IACM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAG,KAAgB,EAAE,KAAsB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAClH,CAAC;CACF,CAAA;AAPY,gCAAU;qBAAV,UAAU;IADtB,IAAA,eAAU,GAAE;GACA,UAAU,CAOtB;AAGM,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,gBAAS;IAC9C,IAAI,aAAa;QACf,OAAO,oBAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IACM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,KAAgB,EAAE,MAAuB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3D,CAAC;CACF,CAAA;AAPY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,eAAU,GAAE;GACA,iBAAiB,CAO7B"}
|
package/lib/mjs/decorators.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { IRbacDescriptor
|
|
1
|
+
import { IRbacDescriptor } from './interfaces.js';
|
|
2
|
+
import { PermissionType } from '@spinajs/rbac';
|
|
2
3
|
export declare const ACL_CONTROLLER_DESCRIPTOR: unique symbol;
|
|
3
4
|
export declare function setRbacMetadata(target: any, callback: (meta: IRbacDescriptor) => void): void;
|
|
4
5
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAkC,cAAc,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAkC,MAAM,iBAAiB,CAAC;AAGlF,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAE/C,eAAO,MAAM,yBAAyB,eAA6C,CAAC;AAEpF,wBAAgB,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,IAAI,EAAE,eAAe,KAAK,IAAI,QAerF;AAqBD;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,GAAE,cAAc,EAAgB,OAOpF;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,UAAU,GAAE,cAAc,EAAgB,OAapE;AAED;;GAEG;AACH,wBAAgB,IAAI,0GAEnB;AAED;;GAEG;AACH,wBAAgB,WAAW,0GAE1B;AAED,wBAAgB,OAAO,0GAEtB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/decorators.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAGtD,MAAM,CAAC,MAAM,yBAAyB,GAAG,MAAM,CAAC,kCAAkC,CAAC,CAAC;AAEpF,MAAM,UAAU,eAAe,CAAC,MAAW,EAAE,QAAyC;IACpF,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,yBAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC3G,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG;YACT,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;YACzD,UAAU,EAAE,CAAC,SAAS,CAAC;SACxB,CAAC;QAEF,OAAO,CAAC,cAAc,CAAC,yBAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC1F,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,QAA0I;IAC5J,OAAO,CAAC,MAAW,EAAE,WAA4B,EAAE,iBAA8C,EAAE,EAAE;QACnG,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,yBAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC3G,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG;gBACT,QAAQ,EAAE,EAAE;gBACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;gBACzD,UAAU,EAAE,CAAC,SAAS,CAAC;aACxB,CAAC;YAEF,OAAO,CAAC,cAAc,CAAC,yBAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC1F,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,iBAAiB,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,QAAQ,CAAC,QAAgB,EAAE,aAA+B,CAAC,SAAS,CAAC;IACnF,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,EAAE;QAC3D,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAEvC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,UAAU,GAAG,UAAU,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,aAA+B,CAAC,SAAS,CAAC;IACnE,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,WAAmB,EAAE,EAAE;QAChF,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG;oBACZ,UAAU,EAAE,UAAU;iBACvB,CAAC;gBACF,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,IAAI;IAClB,OAAO,KAAK,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;AACrC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW;IACzB,OAAO,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,OAAO,KAAK,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC;AAC/C,CAAC"}
|
package/lib/mjs/interfaces.d.ts
CHANGED
|
@@ -1,9 +1,15 @@
|
|
|
1
|
-
import { User, ISession } from '@spinajs/rbac';
|
|
2
|
-
export type PermissionType = 'readAny' | 'readOwn' | 'updateAny' | 'updateOwn' | 'deleteAny' | 'deleteOwn' | 'createAny' | 'createOwn';
|
|
1
|
+
import { User, ISession, PermissionType } from '@spinajs/rbac';
|
|
3
2
|
declare module '@spinajs/http' {
|
|
4
3
|
interface IActionLocalStoregeContext {
|
|
5
4
|
User: User | null;
|
|
6
5
|
Session: ISession;
|
|
6
|
+
/**
|
|
7
|
+
* Controller route permission context
|
|
8
|
+
* To check if we run from (read|update|insert|delete)Own or (read|update|insert|delete)Any scope
|
|
9
|
+
*
|
|
10
|
+
* eg. we want to read only current user data but it has admin privlidges too....
|
|
11
|
+
*/
|
|
12
|
+
PermissionScope?: PermissionType;
|
|
7
13
|
}
|
|
8
14
|
}
|
|
9
15
|
export interface IRbacDescriptor {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAG/D,OAAO,QAAQ,eAAe,CAAC;IAC7B,UAAU,0BAA0B;QAClC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;QAClB,OAAO,EAAE,QAAQ,CAAC;QAElB;;;;;WAKG;QACH,eAAe,CAAC,EAAG,cAAc,CAAC;KACnC;CACF;AAED,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;IAE7B;;OAEG;IACH,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,8BAA8B,CAAC,CAAC;CACrD;AAED,MAAM,WAAW,8BAA8B;IAC7C;;OAEG;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;CAC9B;AAED,8BAAsB,qBAAqB;IACzC;;OAEG;aACa,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC;IAE3D;;OAEG;aACa,OAAO,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAElD;;OAEG;aACa,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAExE;;OAEG;aACa,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAEvD;;;;OAIG;aACa,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;CAC5D;AAED,8BAAsB,mBAAmB;CAAG;AAE5C,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AA4CA,MAAM,OAAgB,qBAAqB;CA2B1C;AAED,MAAM,OAAgB,mBAAmB;CAAG"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RbacPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAKrF,OAAO,
|
|
1
|
+
{"version":3,"file":"RbacPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAKrF,OAAO,EAAkB,IAAI,EAAE,MAAM,eAAe,CAAC;AAErD;;GAEG;AACH,qBAAa,UAAW,SAAQ,UAAU;IACxC,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;;IAQrB,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,GAAG,OAAO;IAKrD,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW;CA2B1E;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAG7G;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAQhG;AAED,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU,CAMpG"}
|
|
@@ -17,10 +17,14 @@ export class RbacPolicy extends BasePolicy {
|
|
|
17
17
|
async execute(req, action, instance) {
|
|
18
18
|
const descriptor = Reflect.getMetadata(ACL_CONTROLLER_DESCRIPTOR, instance);
|
|
19
19
|
let permission = descriptor.Permission ?? [];
|
|
20
|
-
// check if route has its own permission
|
|
21
20
|
if (descriptor.Routes.has(action.Method)) {
|
|
21
|
+
//req.storage.PermissionScope = descriptor.Routes.get(action.Method).Permission;
|
|
22
|
+
if (req.headers['x-permission-scope']) {
|
|
23
|
+
req.storage.PermissionScope = req.headers['x-permission-scope'] ?? null;
|
|
24
|
+
}
|
|
22
25
|
permission = descriptor.Routes.get(action.Method).Permission ?? [];
|
|
23
26
|
}
|
|
27
|
+
// check if route has its own permission
|
|
24
28
|
if (!descriptor || !descriptor.Permission || descriptor.Permission.length === 0) {
|
|
25
29
|
throw new Forbidden(`no route permission or resources assigned`);
|
|
26
30
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RbacPolicy.js","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAA4C,MAAM,eAAe,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAE7D,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAGjC;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,UAAU;IAGxC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa,EAAE,MAAc,EAAE,QAAqB;QACvE,MAAM,UAAU,GAAoB,OAAO,CAAC,WAAW,CAAC,yBAAyB,EAAE,QAAQ,CAAC,CAAC;QAC7F,IAAI,UAAU,GAAG,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;QAE7C,
|
|
1
|
+
{"version":3,"file":"RbacPolicy.js","sourceRoot":"","sources":["../../../src/policies/RbacPolicy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAA4C,MAAM,eAAe,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAE7D,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAGjC;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,UAAU;IAGxC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa,EAAE,MAAc,EAAE,QAAqB;QACvE,MAAM,UAAU,GAAoB,OAAO,CAAC,WAAW,CAAC,yBAAyB,EAAE,QAAQ,CAAC,CAAC;QAC7F,IAAI,UAAU,GAAG,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;QAE7C,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACzC,gFAAgF;YAChF,IAAI,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBACtC,GAAG,CAAC,OAAO,CAAC,eAAe,GAAG,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAmB,IAAI,IAAI,CAAC;YAC5F,CAAC;YACD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC;QACrE,CAAC;QAED,wCAAwC;QAGxC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChF,MAAM,IAAI,SAAS,CAAC,2CAA2C,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YACrF,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,oBAAoB,CAAC,GAAG,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;YACrF,MAAM,IAAI,SAAS,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,6BAA6B,UAAU,iBAAiB,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrI,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAuB,EAAE,QAAgB,EAAE,UAAkB;IAC/F,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAClD,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AACrD,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAU,EAAE,QAAgB,EAAE,UAAkB;IAClF,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,GAAa,EAAE,QAAgB,EAAE,UAAkB;IACtF,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;AACrE,CAAC"}
|
package/lib/mjs/route-args.d.ts
CHANGED
|
@@ -2,21 +2,21 @@ import { RouteArgs, IRouteParameter, ParameterType, IRouteCall } from '@spinajs/
|
|
|
2
2
|
import { Request } from '@spinajs/http';
|
|
3
3
|
export declare class UserArg extends RouteArgs {
|
|
4
4
|
get SupportedType(): ParameterType;
|
|
5
|
-
extract(callData: IRouteCall, _param: IRouteParameter, req: Request): Promise<{
|
|
5
|
+
extract(callData: IRouteCall, _args: unknown[], _param: IRouteParameter, req: Request): Promise<{
|
|
6
6
|
CallData: IRouteCall;
|
|
7
7
|
Args: import("@spinajs/rbac").User;
|
|
8
8
|
}>;
|
|
9
9
|
}
|
|
10
10
|
export declare class SessionArg extends RouteArgs {
|
|
11
11
|
get SupportedType(): string;
|
|
12
|
-
extract(callData: IRouteCall, param: IRouteParameter, req: Request): Promise<{
|
|
12
|
+
extract(callData: IRouteCall, _args: unknown[], param: IRouteParameter, req: Request): Promise<{
|
|
13
13
|
CallData: IRouteCall;
|
|
14
14
|
Args: unknown;
|
|
15
15
|
}>;
|
|
16
16
|
}
|
|
17
17
|
export declare class CurrentSessionArg extends RouteArgs {
|
|
18
18
|
get SupportedType(): string;
|
|
19
|
-
extract(callData: IRouteCall, _param: IRouteParameter, req: Request): Promise<{
|
|
19
|
+
extract(callData: IRouteCall, _args: unknown[], _param: IRouteParameter, req: Request): Promise<{
|
|
20
20
|
CallData: IRouteCall;
|
|
21
21
|
Args: import("@spinajs/rbac").ISession;
|
|
22
22
|
}>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route-args.d.ts","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEtF,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAExC,qBACa,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa,IAAI,aAAa,CAExC;IAEY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;
|
|
1
|
+
{"version":3,"file":"route-args.d.ts","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEtF,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAExC,qBACa,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa,IAAI,aAAa,CAExC;IAEY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG;AAED,qBACa,UAAW,SAAQ,SAAS;IACvC,IAAI,aAAa,IAAI,MAAM,CAE1B;IACY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAG,KAAK,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG;AAED,qBACa,iBAAkB,SAAQ,SAAS;IAC9C,IAAI,aAAa,IAAI,MAAM,CAE1B;IACY,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,EAAE,OAAO;;;;CAGnG"}
|
package/lib/mjs/route-args.js
CHANGED
|
@@ -10,7 +10,7 @@ let UserArg = class UserArg extends RouteArgs {
|
|
|
10
10
|
get SupportedType() {
|
|
11
11
|
return ParameterType.Other;
|
|
12
12
|
}
|
|
13
|
-
async extract(callData, _param, req) {
|
|
13
|
+
async extract(callData, _args, _param, req) {
|
|
14
14
|
return { CallData: callData, Args: req.storage.User };
|
|
15
15
|
}
|
|
16
16
|
};
|
|
@@ -22,7 +22,7 @@ let SessionArg = class SessionArg extends RouteArgs {
|
|
|
22
22
|
get SupportedType() {
|
|
23
23
|
return ParameterType.FromSession;
|
|
24
24
|
}
|
|
25
|
-
async extract(callData, param, req) {
|
|
25
|
+
async extract(callData, _args, param, req) {
|
|
26
26
|
return { CallData: callData, Args: req.storage.Session ? req.storage.Session.Data.get(param.Name) : undefined };
|
|
27
27
|
}
|
|
28
28
|
};
|
|
@@ -34,7 +34,7 @@ let CurrentSessionArg = class CurrentSessionArg extends RouteArgs {
|
|
|
34
34
|
get SupportedType() {
|
|
35
35
|
return ParameterType.Other;
|
|
36
36
|
}
|
|
37
|
-
async extract(callData, _param, req) {
|
|
37
|
+
async extract(callData, _args, _param, req) {
|
|
38
38
|
return { CallData: callData, Args: req.storage.Session };
|
|
39
39
|
}
|
|
40
40
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route-args.js","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,SAAS,EAAmB,aAAa,EAAc,MAAM,eAAe,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAIlC,IAAM,OAAO,GAAb,MAAM,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa;QACtB,OAAO,aAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,MAAuB,EAAE,GAAY;
|
|
1
|
+
{"version":3,"file":"route-args.js","sourceRoot":"","sources":["../../src/route-args.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,SAAS,EAAmB,aAAa,EAAc,MAAM,eAAe,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAIlC,IAAM,OAAO,GAAb,MAAM,OAAQ,SAAQ,SAAS;IACpC,IAAW,aAAa;QACtB,OAAO,aAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,KAAgB,EAAE,MAAuB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IACxD,CAAC;CACF,CAAA;AARY,OAAO;IADnB,UAAU,EAAE;GACA,OAAO,CAQnB;;AAGM,IAAM,UAAU,GAAhB,MAAM,UAAW,SAAQ,SAAS;IACvC,IAAI,aAAa;QACf,OAAO,aAAa,CAAC,WAAW,CAAC;IACnC,CAAC;IACM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAG,KAAgB,EAAE,KAAsB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAClH,CAAC;CACF,CAAA;AAPY,UAAU;IADtB,UAAU,EAAE;GACA,UAAU,CAOtB;;AAGM,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,SAAS;IAC9C,IAAI,aAAa;QACf,OAAO,aAAa,CAAC,KAAK,CAAC;IAC7B,CAAC;IACM,KAAK,CAAC,OAAO,CAAC,QAAoB,EAAE,KAAgB,EAAE,MAAuB,EAAE,GAAY;QAChG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3D,CAAC;CACF,CAAA;AAPY,iBAAiB;IAD7B,UAAU,EAAE;GACA,iBAAiB,CAO7B"}
|