ecrs-auth-core 1.0.94 → 1.0.96
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/auth.controller.js
CHANGED
|
@@ -48,19 +48,19 @@ let AuthController = class AuthController {
|
|
|
48
48
|
else {
|
|
49
49
|
console.log(`✅ User ${body.email} authenticated successfully`);
|
|
50
50
|
}
|
|
51
|
-
console.log('📊 User details:', user);
|
|
51
|
+
// console.log('📊 User details:', user);
|
|
52
52
|
const requestedModuleId = Number(body.moduleId);
|
|
53
53
|
console.log(`📍 User ${body.email} requested access to module ID: ${requestedModuleId}`);
|
|
54
54
|
if (!Number.isFinite(requestedModuleId)) {
|
|
55
55
|
console.warn(`⚠️ Invalid module ID provided by user ${body.email}: ${body.moduleId}`);
|
|
56
56
|
throw new common_1.UnauthorizedException('You are not authorized to access this module');
|
|
57
57
|
}
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
58
|
+
console.log(`🔍 Checking module access for user ID ${user.id} and module ID ${requestedModuleId}...`);
|
|
59
|
+
const allowedDb = await this.authService.hasModuleAccess(user.id, requestedModuleId);
|
|
60
|
+
console.log(`📊 Module access check result for user ID ${user.id} and module ID ${requestedModuleId}: ${allowedDb ? 'Allowed' : 'Denied'}`);
|
|
61
|
+
if (!allowedDb) {
|
|
62
|
+
throw new common_1.UnauthorizedException('You are not authorized to access this module');
|
|
63
|
+
}
|
|
64
64
|
// const perms = await this.authService.getPermissions(user.id);
|
|
65
65
|
// console.log(`📊 User permissions for ${body.email}:`, perms);
|
|
66
66
|
// if (!Array.isArray(perms.modules) || !perms.modules.includes(requestedModuleId)) {
|
package/dist/auth.service.js
CHANGED
|
@@ -164,26 +164,23 @@ let AuthService = class AuthService {
|
|
|
164
164
|
if (!Number.isFinite(moduleId))
|
|
165
165
|
return false;
|
|
166
166
|
console.log(`🔍 Checking module access for user ID ${userId} and module ID ${moduleId}...`);
|
|
167
|
-
const access1 = await this.moduleAccessRepo
|
|
168
|
-
.createQueryBuilder("ma")
|
|
169
|
-
.where("ma.userId = :userId", { userId })
|
|
170
|
-
.andWhere("ma.moduleId = :moduleId", { moduleId })
|
|
171
|
-
.andWhere("ma.status = 1")
|
|
172
|
-
.andWhere("ma.isDeleted = 0")
|
|
173
|
-
.getOne();
|
|
174
|
-
console.log(access1);
|
|
175
|
-
let access;
|
|
176
167
|
try {
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
168
|
+
const result = await this.moduleAccessRepo.query(`SELECT 1
|
|
169
|
+
FROM user_module_access
|
|
170
|
+
WHERE user_id = $1
|
|
171
|
+
AND module_id = $2
|
|
172
|
+
AND status = 1
|
|
173
|
+
AND is_deleted = 0
|
|
174
|
+
LIMIT 1`, [userId, moduleId]);
|
|
175
|
+
console.log('Raw Query Result:', result);
|
|
176
|
+
const allowed = result.length > 0;
|
|
177
|
+
console.log(`📊 Module access check result for user ID ${userId} and module ID ${moduleId}: ${allowed ? 'Allowed' : 'Denied'}`);
|
|
178
|
+
return allowed;
|
|
181
179
|
}
|
|
182
180
|
catch (error) {
|
|
183
|
-
console.error(error);
|
|
181
|
+
console.error('❌ Error checking module access:', error);
|
|
182
|
+
return false;
|
|
184
183
|
}
|
|
185
|
-
console.log(`📊 Module access check result for user ID ${userId} and module ID ${moduleId}: ${access ? 'Allowed' : 'Denied'}`);
|
|
186
|
-
return !!access;
|
|
187
184
|
}
|
|
188
185
|
async getPermissions(userId) {
|
|
189
186
|
console.log(`🔍 Loading permissions for user ID ${userId}...`);
|
|
@@ -64,5 +64,5 @@ __decorate([
|
|
|
64
64
|
__metadata("design:type", Number)
|
|
65
65
|
], UserModuleAccess.prototype, "isDeleted", void 0);
|
|
66
66
|
exports.UserModuleAccess = UserModuleAccess = __decorate([
|
|
67
|
-
(0, typeorm_1.Entity)({ name: '
|
|
67
|
+
(0, typeorm_1.Entity)({ name: 'tbl_c_user_module_access_new' })
|
|
68
68
|
], UserModuleAccess);
|