@volcanicminds/backend 0.2.29 → 0.2.30
- package/dist/lib/hooks/onRequest.js +10 -10
- package/dist/lib/hooks/onRequest.js.map +1 -1
- package/lib/hooks/onRequest.ts +10 -10
- package/package.json +1 -1
|
@@ -39,16 +39,16 @@ module.exports = (req, reply) => __awaiter(void 0, void 0, void 0, function* ()
|
|
|
39
39
|
throw error;
|
|
40
40
|
}
|
|
41
41
|
}
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
42
|
+
}
|
|
43
|
+
if (((_b = req.routeConfig.requiredRoles) === null || _b === void 0 ? void 0 : _b.length) > 0) {
|
|
44
|
+
const { method = '', url = '', requiredRoles } = req.routeConfig;
|
|
45
|
+
const userRoles = ((_d = (_c = req.user) === null || _c === void 0 ? void 0 : _c.roles) === null || _d === void 0 ? void 0 : _d.map((code) => code)) || [];
|
|
46
|
+
const resolvedRoles = userRoles.length > 0 ? requiredRoles.filter((r) => userRoles.includes(r.code)) : [];
|
|
47
|
+
if (!resolvedRoles.length) {
|
|
48
|
+
log.w && log.warn(`Not allowed to call ${method.toUpperCase()} ${url}`);
|
|
49
|
+
return reply
|
|
50
|
+
.status(403)
|
|
51
|
+
.send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to call this route' });
|
|
52
52
|
}
|
|
53
53
|
}
|
|
54
54
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"onRequest.js","sourceRoot":"","sources":["../../../lib/hooks/onRequest.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,2CAAmD;AAGnD,MAAM,CAAC,OAAO,GAAG,CAAO,GAAG,EAAE,KAAK,EAAE,EAAE;;IAEpC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,CAAA;IACrC,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC,IAAA,gBAAO,EAAC,GAAG,CAAC,CAAA;IAC7B,GAAG,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAA;IACrC,GAAG,CAAC,KAAK,GAAG,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9D,GAAG,CAAC,OAAO,GAAG,CAAC,CAAO,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAK,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,CAAA,CAAC,CAAA;IAGxG,MAAM,IAAI,GAAG,CAAA,MAAA,GAAG,CAAC,OAAO,0CAAE,aAAa,KAAI,EAAE,CAAA;IAC7C,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAEjH,IAAI,MAAM,KAAK,QAAQ,IAAI,KAAK,IAAI,IAAI,EAAE;QACxC,IAAI,IAAI,GAAsB,EAAuB,CAAA;QACrD,IAAI;YACF,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;YAChD,IAAI,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,wBAAwB,CAAC,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,GAAG,CAAC,CAAA;YAC/E,IAAI,CAAC,IAAI,EAAE;gBACT,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAA;aACtG;YACD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;YACjE,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAA;aACtG;YAGD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAA;SAChB;QAAC,OAAO,KAAK,EAAE;YACd,IAAI,CAAC,aAAa,EAAE;gBAClB,MAAM,KAAK,CAAA;aACZ;SACF;
|
|
1
|
+
{"version":3,"file":"onRequest.js","sourceRoot":"","sources":["../../../lib/hooks/onRequest.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,2CAAmD;AAGnD,MAAM,CAAC,OAAO,GAAG,CAAO,GAAG,EAAE,KAAK,EAAE,EAAE;;IAEpC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,CAAA;IACrC,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC,IAAA,gBAAO,EAAC,GAAG,CAAC,CAAA;IAC7B,GAAG,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAA;IACrC,GAAG,CAAC,KAAK,GAAG,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9D,GAAG,CAAC,OAAO,GAAG,CAAC,CAAO,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAK,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,CAAA,CAAC,CAAA;IAGxG,MAAM,IAAI,GAAG,CAAA,MAAA,GAAG,CAAC,OAAO,0CAAE,aAAa,KAAI,EAAE,CAAA;IAC7C,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAEjH,IAAI,MAAM,KAAK,QAAQ,IAAI,KAAK,IAAI,IAAI,EAAE;QACxC,IAAI,IAAI,GAAsB,EAAuB,CAAA;QACrD,IAAI;YACF,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;YAChD,IAAI,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,wBAAwB,CAAC,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,GAAG,CAAC,CAAA;YAC/E,IAAI,CAAC,IAAI,EAAE;gBACT,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAA;aACtG;YACD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;YACjE,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAA;aACtG;YAGD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAA;SAChB;QAAC,OAAO,KAAK,EAAE;YACd,IAAI,CAAC,aAAa,EAAE;gBAClB,MAAM,KAAK,CAAA;aACZ;SACF;KACF;IAED,IAAI,CAAA,MAAA,GAAG,CAAC,WAAW,CA
AC,aAAa,0CAAE,MAAM,IAAG,CAAC,EAAE;QAC7C,MAAM,EAAE,MAAM,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,WAAW,CAAA;QAChE,MAAM,SAAS,GAAa,CAAA,MAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,KAAK,0CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAI,EAAE,CAAA;QACtE,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAEzG,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YACzB,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,uBAAuB,MAAM,CAAC,WAAW,EAAE,IAAI,GAAG,EAAE,CAAC,CAAA;YACvE,OAAO,KAAK;iBACT,MAAM,CAAC,GAAG,CAAC;iBACX,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC,CAAA;SAClG;KACF;AACH,CAAC,CAAA,CAAA"}
|
package/lib/hooks/onRequest.ts
|
@@ -34,18 +34,18 @@ module.exports = async (req, reply) => {
|
|
|
34
34
|
throw error
|
|
35
35
|
}
|
|
36
36
|
}
|
|
37
|
+
}
|
|
37
38
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
39
|
+
if (req.routeConfig.requiredRoles?.length > 0) {
|
|
40
|
+
const { method = '', url = '', requiredRoles } = req.routeConfig
|
|
41
|
+
const userRoles: string[] = req.user?.roles?.map((code) => code) || []
|
|
42
|
+
const resolvedRoles = userRoles.length > 0 ? requiredRoles.filter((r) => userRoles.includes(r.code)) : []
|
|
42
43
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
}
|
|
44
|
+
if (!resolvedRoles.length) {
|
|
45
|
+
log.w && log.warn(`Not allowed to call ${method.toUpperCase()} ${url}`)
|
|
46
|
+
return reply
|
|
47
|
+
.status(403)
|
|
48
|
+
.send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to call this route' })
|
|
49
49
|
}
|
|
50
50
|
}
|
|
51
51
|
}
|
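Review bot: The denial branch at new lines 44–48 answers every failed check with the same 403 `ROLE_NOT_ALLOWED` and a warning that carries only the method and url, so a request with no `req.user` at all and an authenticated user who lacks the role cannot be told apart by the client or in the log. The `}` added at new line 37 appears to close the preceding block so that this check also runs when that block is skipped (the removed lines' text is not visible on this page, so this is inferred), which would make the anonymous case reachable here. Consider handling it separately, e.g. `if (!req.user) return reply.status(401).send({ statusCode: 401, code: '<PROJECT_UNAUTHORIZED_CODE>', message: 'Unauthorized' })`, and adding the required role codes to the warning via `requiredRoles.map((r) => r.code).join(',')`. On new line 41, `.map((code) => code)` is an identity copy and `?.` only guards null/undefined; `const userRoles: string[] = Array.isArray(req.user?.roles) ? req.user.roles : []` would keep a malformed `roles` value on the 403 path instead of throwing inside the hook. The hook body starts above the hunk, so how `req.user` is populated is not visible here.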