ecrs-auth-core 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.module.d.ts +2 -3
- package/dist/auth.module.js +4 -3
- package/dist/auth.service.d.ts +12 -14
- package/dist/auth.service.js +17 -78
- package/dist/index.d.ts +0 -2
- package/dist/index.js +0 -2
- package/dist/interfaces/auth-core-options.interface.d.ts +19 -0
- package/dist/interfaces/auth-core-options.interface.js +2 -0
- package/package.json +1 -1
package/dist/auth.module.d.ts
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
import { DynamicModule } from '@nestjs/common';
|
|
2
|
+
import { AuthCoreOptions } from './interfaces/auth-core-options.interface';
|
|
2
3
|
export declare class AuthCoreModule {
|
|
3
|
-
static register(options:
|
|
4
|
-
moduleId: number;
|
|
5
|
-
}): DynamicModule;
|
|
4
|
+
static register(options: AuthCoreOptions): DynamicModule;
|
|
6
5
|
}
|
package/dist/auth.module.js
CHANGED
|
@@ -10,11 +10,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
10
10
|
exports.AuthCoreModule = void 0;
|
|
11
11
|
// src/auth.module.ts
|
|
12
12
|
const common_1 = require("@nestjs/common");
|
|
13
|
+
const jwt_1 = require("@nestjs/jwt");
|
|
13
14
|
const auth_service_1 = require("./auth.service");
|
|
14
15
|
const jwt_strategy_1 = require("./jwt/jwt.strategy");
|
|
15
16
|
const jwt_guard_1 = require("./jwt/jwt.guard");
|
|
16
17
|
const auth_controller_1 = require("./auth.controller");
|
|
17
|
-
const jwt_1 = require("@nestjs/jwt");
|
|
18
18
|
const module_guard_1 = require("./guards/module.guard");
|
|
19
19
|
const roles_guard_1 = require("./guards/roles.guard");
|
|
20
20
|
const feature_guard_1 = require("./guards/feature.guard");
|
|
@@ -34,7 +34,7 @@ let AuthCoreModule = AuthCoreModule_1 = class AuthCoreModule {
|
|
|
34
34
|
route_guard_1.RouteGuard,
|
|
35
35
|
permission_guard_1.PermissionGuard,
|
|
36
36
|
{
|
|
37
|
-
provide: '
|
|
37
|
+
provide: 'AUTH_CORE_OPTIONS',
|
|
38
38
|
useValue: options,
|
|
39
39
|
},
|
|
40
40
|
],
|
|
@@ -47,7 +47,7 @@ let AuthCoreModule = AuthCoreModule_1 = class AuthCoreModule {
|
|
|
47
47
|
roles_guard_1.RolesGuard,
|
|
48
48
|
feature_guard_1.FeatureGuard,
|
|
49
49
|
route_guard_1.RouteGuard,
|
|
50
|
-
permission_guard_1.PermissionGuard
|
|
50
|
+
permission_guard_1.PermissionGuard,
|
|
51
51
|
],
|
|
52
52
|
imports: [
|
|
53
53
|
jwt_1.JwtModule.register({
|
|
@@ -60,5 +60,6 @@ let AuthCoreModule = AuthCoreModule_1 = class AuthCoreModule {
|
|
|
60
60
|
};
|
|
61
61
|
exports.AuthCoreModule = AuthCoreModule;
|
|
62
62
|
exports.AuthCoreModule = AuthCoreModule = AuthCoreModule_1 = __decorate([
|
|
63
|
+
(0, common_1.Global)(),
|
|
63
64
|
(0, common_1.Module)({})
|
|
64
65
|
], AuthCoreModule);
|
package/dist/auth.service.d.ts
CHANGED
|
@@ -1,23 +1,21 @@
|
|
|
1
1
|
import { JwtService } from "@nestjs/jwt";
|
|
2
|
-
import {
|
|
2
|
+
import { AuthCoreOptions } from "./interfaces/auth-core-options.interface";
|
|
3
3
|
import { User } from "./entities/user.entity";
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
4
|
+
export type RoutePermissionSet = {
|
|
5
|
+
view?: boolean;
|
|
6
|
+
create?: boolean;
|
|
7
|
+
update?: boolean;
|
|
8
|
+
delete?: boolean;
|
|
9
|
+
import?: boolean;
|
|
10
|
+
export?: boolean;
|
|
11
|
+
};
|
|
9
12
|
export declare class AuthService {
|
|
10
13
|
private jwtService;
|
|
11
|
-
private readonly
|
|
14
|
+
private readonly options;
|
|
12
15
|
private readonly config;
|
|
13
|
-
|
|
14
|
-
private readonly featureAccessRepo;
|
|
15
|
-
private readonly featureRepo;
|
|
16
|
-
private readonly screenPermissionRepo;
|
|
17
|
-
private readonly routeRepo;
|
|
18
|
-
constructor(jwtService: JwtService, userRepo: Repository<User>, config: {
|
|
16
|
+
constructor(jwtService: JwtService, options: AuthCoreOptions, config: {
|
|
19
17
|
moduleId: number;
|
|
20
|
-
}
|
|
18
|
+
});
|
|
21
19
|
validateUser(email: string, password: string): Promise<User | null>;
|
|
22
20
|
login(user: User): Promise<{
|
|
23
21
|
access_token: string;
|
package/dist/auth.service.js
CHANGED
|
@@ -46,31 +46,17 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
46
46
|
};
|
|
47
47
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
48
48
|
exports.AuthService = void 0;
|
|
49
|
-
// src/auth.service.ts
|
|
50
49
|
const common_1 = require("@nestjs/common");
|
|
51
50
|
const jwt_1 = require("@nestjs/jwt");
|
|
52
|
-
const typeorm_1 = require("typeorm");
|
|
53
|
-
const typeorm_2 = require("@nestjs/typeorm");
|
|
54
51
|
const bcrypt = __importStar(require("bcrypt"));
|
|
55
|
-
const user_entity_1 = require("./entities/user.entity");
|
|
56
|
-
const user_module_access_entity_1 = require("./entities/user-module-access.entity");
|
|
57
|
-
const user_feature_access_entity_1 = require("./entities/user-feature-access.entity");
|
|
58
|
-
const feature_entity_1 = require("./entities/feature.entity");
|
|
59
|
-
const module_route_entity_1 = require("./entities/module-route.entity");
|
|
60
|
-
const module_screen_permission_entity_1 = require("./entities/module-screen-permission.entity");
|
|
61
52
|
let AuthService = class AuthService {
|
|
62
|
-
constructor(jwtService,
|
|
53
|
+
constructor(jwtService, options, config) {
|
|
63
54
|
this.jwtService = jwtService;
|
|
64
|
-
this.
|
|
55
|
+
this.options = options;
|
|
65
56
|
this.config = config;
|
|
66
|
-
this.moduleAccessRepo = moduleAccessRepo;
|
|
67
|
-
this.featureAccessRepo = featureAccessRepo;
|
|
68
|
-
this.featureRepo = featureRepo;
|
|
69
|
-
this.screenPermissionRepo = screenPermissionRepo;
|
|
70
|
-
this.routeRepo = routeRepo;
|
|
71
57
|
}
|
|
72
58
|
async validateUser(email, password) {
|
|
73
|
-
const user = await this.userRepo.findOne({ where: { email } });
|
|
59
|
+
const user = await this.options.userRepo.findOne({ where: { email } });
|
|
74
60
|
if (!user || user.moduleId !== this.config.moduleId)
|
|
75
61
|
return null;
|
|
76
62
|
const isValid = await bcrypt.compare(password, user.password);
|
|
@@ -90,48 +76,18 @@ let AuthService = class AuthService {
|
|
|
90
76
|
};
|
|
91
77
|
}
|
|
92
78
|
async findUserById(id) {
|
|
93
|
-
return this.userRepo.findOne({ where: { id } });
|
|
79
|
+
return this.options.userRepo.findOne({ where: { id } });
|
|
94
80
|
}
|
|
95
|
-
// private async loadPermissions(userId: number): Promise<any> {
|
|
96
|
-
// const featureAccessList = await this.featureAccessRepo.find({
|
|
97
|
-
// where: { userId: userId, isDeleted: 0 },
|
|
98
|
-
// });
|
|
99
|
-
// const permissions: Record<string, string[]> = {};
|
|
100
|
-
// for (const access of featureAccessList) {
|
|
101
|
-
// const feature = await this.featureRepo.findOne({
|
|
102
|
-
// where: { id: access.featureId },
|
|
103
|
-
// });
|
|
104
|
-
// if (!feature) continue;
|
|
105
|
-
// const perms: string[] = [];
|
|
106
|
-
// if (access.canView) perms.push("view");
|
|
107
|
-
// if (access.canCreate) perms.push("create");
|
|
108
|
-
// if (access.canModify) perms.push("update");
|
|
109
|
-
// if (access.canDelete) perms.push("delete");
|
|
110
|
-
// if (access.canImport) perms.push("import");
|
|
111
|
-
// if (access.canExport) perms.push("export");
|
|
112
|
-
// if (perms.length) {
|
|
113
|
-
// permissions[feature.featureName] = perms;
|
|
114
|
-
// }
|
|
115
|
-
// }
|
|
116
|
-
// const moduleAccess = await this.moduleAccessRepo.find({
|
|
117
|
-
// where: { userId: userId, isDeleted: 0 },
|
|
118
|
-
// });
|
|
119
|
-
// const moduleIds = moduleAccess.map((m) => m.moduleId);
|
|
120
|
-
// return {
|
|
121
|
-
// features: permissions,
|
|
122
|
-
// modules: moduleIds,
|
|
123
|
-
// };
|
|
124
|
-
// }
|
|
125
81
|
async loadPermissions(userId) {
|
|
126
82
|
// ---- Feature Permissions ----
|
|
127
|
-
const featureAccessList = await this.featureAccessRepo.find({
|
|
83
|
+
const featureAccessList = await this.options.featureAccessRepo.find({
|
|
128
84
|
where: { userId, isDeleted: 0 },
|
|
129
85
|
});
|
|
130
86
|
const featurePermissions = {};
|
|
87
|
+
const allFeatures = await this.options.featureRepo.find();
|
|
88
|
+
const featureMap = new Map(allFeatures.map((f) => [f.id, f]));
|
|
131
89
|
for (const access of featureAccessList) {
|
|
132
|
-
const feature =
|
|
133
|
-
where: { id: access.featureId },
|
|
134
|
-
});
|
|
90
|
+
const feature = featureMap.get(access.featureId);
|
|
135
91
|
if (!feature)
|
|
136
92
|
continue;
|
|
137
93
|
const perms = [];
|
|
@@ -152,30 +108,23 @@ let AuthService = class AuthService {
|
|
|
152
108
|
}
|
|
153
109
|
}
|
|
154
110
|
// ---- Module Access ----
|
|
155
|
-
const moduleAccess = await this.moduleAccessRepo.find({
|
|
111
|
+
const moduleAccess = await this.options.moduleAccessRepo.find({
|
|
156
112
|
where: { userId, isDeleted: 0 },
|
|
157
113
|
});
|
|
158
114
|
const moduleIds = moduleAccess.map((m) => m.moduleId);
|
|
159
115
|
// ---- Route Permissions ----
|
|
160
|
-
const screenPermissionsList = await this.screenPermissionRepo.find({
|
|
116
|
+
const screenPermissionsList = await this.options.screenPermissionRepo.find({
|
|
161
117
|
where: { userId, isActive: true },
|
|
162
118
|
});
|
|
163
119
|
const routePermissions = {};
|
|
120
|
+
const allRoutes = await this.options.routeRepo.find();
|
|
121
|
+
const routeMap = new Map(allRoutes.map((r) => [r.id, r]));
|
|
164
122
|
for (const screen of screenPermissionsList) {
|
|
165
|
-
const route =
|
|
166
|
-
where: { id: screen.moduleRouteId },
|
|
167
|
-
});
|
|
123
|
+
const route = routeMap.get(screen.moduleRouteId);
|
|
168
124
|
if (!route)
|
|
169
125
|
continue;
|
|
170
126
|
const perms = [];
|
|
171
|
-
const permissionKeys = [
|
|
172
|
-
"view",
|
|
173
|
-
"create",
|
|
174
|
-
"update",
|
|
175
|
-
"delete",
|
|
176
|
-
"import",
|
|
177
|
-
"export",
|
|
178
|
-
];
|
|
127
|
+
const permissionKeys = ["view", "create", "update", "delete", "import", "export"];
|
|
179
128
|
for (const key of permissionKeys) {
|
|
180
129
|
if (screen.permissions?.[key]) {
|
|
181
130
|
perms.push(key);
|
|
@@ -195,17 +144,7 @@ let AuthService = class AuthService {
|
|
|
195
144
|
exports.AuthService = AuthService;
|
|
196
145
|
exports.AuthService = AuthService = __decorate([
|
|
197
146
|
(0, common_1.Injectable)(),
|
|
198
|
-
__param(1, (0,
|
|
199
|
-
__param(2, (0, common_1.Inject)(
|
|
200
|
-
|
|
201
|
-
__param(4, (0, typeorm_2.InjectRepository)(user_feature_access_entity_1.UserFeatureAccess, "ecrs_main_connection")),
|
|
202
|
-
__param(5, (0, typeorm_2.InjectRepository)(feature_entity_1.Feature, "ecrs_main_connection")),
|
|
203
|
-
__param(6, (0, typeorm_2.InjectRepository)(module_screen_permission_entity_1.ModuleScreenPermission, "ecrs_main_connection")),
|
|
204
|
-
__param(7, (0, typeorm_2.InjectRepository)(module_route_entity_1.ModuleRoute, "ecrs_main_connection")),
|
|
205
|
-
__metadata("design:paramtypes", [jwt_1.JwtService,
|
|
206
|
-
typeorm_1.Repository, Object, typeorm_1.Repository,
|
|
207
|
-
typeorm_1.Repository,
|
|
208
|
-
typeorm_1.Repository,
|
|
209
|
-
typeorm_1.Repository,
|
|
210
|
-
typeorm_1.Repository])
|
|
147
|
+
__param(1, (0, common_1.Inject)('AUTH_CORE_OPTIONS')),
|
|
148
|
+
__param(2, (0, common_1.Inject)('MODULE_CONFIG')),
|
|
149
|
+
__metadata("design:paramtypes", [jwt_1.JwtService, Object, Object])
|
|
211
150
|
], AuthService);
|
package/dist/index.d.ts
CHANGED
|
@@ -8,5 +8,3 @@ export * from './guards/feature.guard';
|
|
|
8
8
|
export * from './decorators/current-user.decorator';
|
|
9
9
|
export * from './guards/route.guard';
|
|
10
10
|
export * from './decorators/route-permission.decorator';
|
|
11
|
-
export * from './guards/permission.guard';
|
|
12
|
-
export * from './decorators/has-permission.decorator';
|
package/dist/index.js
CHANGED
|
@@ -24,5 +24,3 @@ __exportStar(require("./guards/feature.guard"), exports);
|
|
|
24
24
|
__exportStar(require("./decorators/current-user.decorator"), exports);
|
|
25
25
|
__exportStar(require("./guards/route.guard"), exports);
|
|
26
26
|
__exportStar(require("./decorators/route-permission.decorator"), exports);
|
|
27
|
-
__exportStar(require("./guards/permission.guard"), exports);
|
|
28
|
-
__exportStar(require("./decorators/has-permission.decorator"), exports);
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { Repository } from 'typeorm';
|
|
2
|
+
import { User } from '../entities/user.entity';
|
|
3
|
+
import { Role } from '../entities/role.entity';
|
|
4
|
+
import { Module } from '../entities/module.entity';
|
|
5
|
+
import { Feature } from '../entities/feature.entity';
|
|
6
|
+
import { ModuleRoute } from '../entities/module-route.entity';
|
|
7
|
+
import { UserFeatureAccess } from '../entities/user-feature-access.entity';
|
|
8
|
+
import { UserModuleAccess } from '../entities/user-module-access.entity';
|
|
9
|
+
import { ModuleScreenPermission } from '../entities/module-screen-permission.entity';
|
|
10
|
+
export interface AuthCoreOptions {
|
|
11
|
+
userRepo: Repository<User>;
|
|
12
|
+
roleRepo: Repository<Role>;
|
|
13
|
+
moduleRepo: Repository<Module>;
|
|
14
|
+
featureRepo: Repository<Feature>;
|
|
15
|
+
routeRepo: Repository<ModuleRoute>;
|
|
16
|
+
featureAccessRepo: Repository<UserFeatureAccess>;
|
|
17
|
+
moduleAccessRepo: Repository<UserModuleAccess>;
|
|
18
|
+
screenPermissionRepo: Repository<ModuleScreenPermission>;
|
|
19
|
+
}
|