exguard-backend 1.0.16 → 1.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +58 -9
- package/package.json +1 -1
- package/scripts/setup-nestjs.cjs +9 -23
package/README.md
CHANGED
|
@@ -34,19 +34,21 @@ pnpm add exguard-backend
|
|
|
34
34
|
npm install exguard-backend@1.0.10
|
|
35
35
|
|
|
36
36
|
# Run automatic setup
|
|
37
|
-
npx exguard-backend
|
|
37
|
+
npx exguard-backend@1.0.16
|
|
38
38
|
# OR
|
|
39
39
|
npm run setup-nestjs
|
|
40
40
|
```
|
|
41
41
|
|
|
42
|
-
**
|
|
43
|
-
|
|
44
|
-
✅ **
|
|
45
|
-
✅ **
|
|
46
|
-
✅ **
|
|
47
|
-
✅ **
|
|
48
|
-
✅ **
|
|
49
|
-
✅ **
|
|
42
|
+
**The setup script (v1.0.16) includes:**
|
|
43
|
+
✅ **Automatic package installation** - Installs exguard-backend if missing
|
|
44
|
+
✅ **File overwriting** - Overwrites existing files to ensure latest fixes
|
|
45
|
+
✅ **Better import handling** - Fixed app.module.ts import issues
|
|
46
|
+
✅ **Robust error handling** - Better error messages and recovery
|
|
47
|
+
✅ **Improved module detection** - More reliable NestJS project detection
|
|
48
|
+
✅ **Enhanced file creation** - Better file path handling
|
|
49
|
+
✅ **TypeScript error fixes** - All generated code is type-safe
|
|
50
|
+
✅ **Complete imports** - All factory functions properly imported
|
|
51
|
+
✅ **Working permission checks** - Guards actually enforce permissions
|
|
50
52
|
|
|
51
53
|
### 📋 Option 2: Manual Setup
|
|
52
54
|
|
|
@@ -446,6 +448,53 @@ describe('AppController (e2e)', () => {
|
|
|
446
448
|
});
|
|
447
449
|
```
|
|
448
450
|
|
|
451
|
+
## 🚀 Quick Implementation Guide
|
|
452
|
+
|
|
453
|
+
### **Step 1: Install and Setup**
|
|
454
|
+
```bash
|
|
455
|
+
# Install latest version
|
|
456
|
+
npm install exguard-backend@1.0.16
|
|
457
|
+
|
|
458
|
+
# Run automatic setup (overwrites existing files)
|
|
459
|
+
npx exguard-backend@1.0.16
|
|
460
|
+
```
|
|
461
|
+
|
|
462
|
+
### **Step 2: Controller Implementation**
|
|
463
|
+
```typescript
|
|
464
|
+
import { Controller, Get, Post, UseGuards, Request, Body } from '@nestjs/common';
|
|
465
|
+
import { createPermissionGuard, createRoleGuard, createModuleGuard } from '../exguard/exguard.guard';
|
|
466
|
+
|
|
467
|
+
@Controller('your-controller')
|
|
468
|
+
export class YourController {
|
|
469
|
+
@Get()
|
|
470
|
+
@UseGuards(createPermissionGuard(['your-resource:read']))
|
|
471
|
+
async getAll(@Request() req) {
|
|
472
|
+
return { success: true, data: [] };
|
|
473
|
+
}
|
|
474
|
+
|
|
475
|
+
@Post()
|
|
476
|
+
@UseGuards(createPermissionGuard(['your-resource:create']))
|
|
477
|
+
async create(@Body() createDto: any, @Request() req) {
|
|
478
|
+
return { success: true, data: createDto };
|
|
479
|
+
}
|
|
480
|
+
}
|
|
481
|
+
```
|
|
482
|
+
|
|
483
|
+
### **Step 3: Test Your Implementation**
|
|
484
|
+
```bash
|
|
485
|
+
# Test with valid permissions
|
|
486
|
+
curl http://localhost:3000/your-controller -H "Authorization: Bearer YOUR_TOKEN"
|
|
487
|
+
|
|
488
|
+
# Test with invalid permissions (should return 403)
|
|
489
|
+
curl http://localhost:3000/your-controller -H "Authorization: Bearer TOKEN_WITHOUT_PERMISSIONS"
|
|
490
|
+
```
|
|
491
|
+
|
|
492
|
+
### **Important Notes:**
|
|
493
|
+
- ✅ **File Overwriting**: The setup script now overwrites existing files to ensure you get the latest fixes
|
|
494
|
+
- ✅ **Permission Checking**: Guards now actually check and enforce permissions
|
|
495
|
+
- ✅ **TypeScript Safe**: All generated code is TypeScript compliant
|
|
496
|
+
- ✅ **Working Examples**: The generated controller demonstrates all protection patterns
|
|
497
|
+
|
|
449
498
|
## 🎯 Controller Implementation Examples
|
|
450
499
|
|
|
451
500
|
### **Basic Permission Protection**
|
package/package.json
CHANGED
package/scripts/setup-nestjs.cjs
CHANGED
|
@@ -143,8 +143,7 @@ export class ExGuardModule {}
|
|
|
143
143
|
const modulePath = path.join(process.cwd(), 'src/exguard/exguard.module.ts');
|
|
144
144
|
|
|
145
145
|
if (fs.existsSync(modulePath)) {
|
|
146
|
-
logWarning('
|
|
147
|
-
return;
|
|
146
|
+
logWarning('ExGuard module already exists. Overwriting...');
|
|
148
147
|
}
|
|
149
148
|
|
|
150
149
|
fs.writeFileSync(modulePath, moduleContent);
|
|
@@ -236,7 +235,10 @@ export function createPermissionGuard(permissions: string[], requireAll = false)
|
|
|
236
235
|
|
|
237
236
|
// Then check specific permissions
|
|
238
237
|
// Extract permissions from modules array
|
|
239
|
-
|
|
238
|
+
if (!authResult.user) {
|
|
239
|
+
return { allowed: false, error: 'User not found in authentication result' };
|
|
240
|
+
}
|
|
241
|
+
const userPermissions = authResult.user.modules?.flatMap(module => module.permissions) || [];
|
|
240
242
|
|
|
241
243
|
if (requireAll) {
|
|
242
244
|
// User must have ALL permissions
|
|
@@ -260,13 +262,7 @@ export function createPermissionGuard(permissions: string[], requireAll = false)
|
|
|
260
262
|
|
|
261
263
|
return {
|
|
262
264
|
allowed: true,
|
|
263
|
-
user:
|
|
264
|
-
...authResult.user,
|
|
265
|
-
permissions: authResult.modules?.flatMap(module => module.permissions) || [],
|
|
266
|
-
roles: authResult.roles || [],
|
|
267
|
-
modules: authResult.modules || [],
|
|
268
|
-
fieldOffices: authResult.fieldOffices || []
|
|
269
|
-
}
|
|
265
|
+
user: authResult.user
|
|
270
266
|
};
|
|
271
267
|
}
|
|
272
268
|
};
|
|
@@ -292,8 +288,7 @@ export function createModuleGuard(modules: string[], requireAll = false) {
|
|
|
292
288
|
const guardPath = path.join(process.cwd(), 'src/exguard/exguard.guard.ts');
|
|
293
289
|
|
|
294
290
|
if (fs.existsSync(guardPath)) {
|
|
295
|
-
logWarning('ExGuard guards already exist.
|
|
296
|
-
return;
|
|
291
|
+
logWarning('ExGuard guards already exist. Overwriting...');
|
|
297
292
|
}
|
|
298
293
|
|
|
299
294
|
fs.writeFileSync(guardPath, guardContent);
|
|
@@ -376,8 +371,7 @@ export const Require = (requirements: {
|
|
|
376
371
|
const decoratorPath = path.join(process.cwd(), 'src/exguard/exguard.decorators.ts');
|
|
377
372
|
|
|
378
373
|
if (fs.existsSync(decoratorPath)) {
|
|
379
|
-
logWarning('ExGuard decorators already exist.
|
|
380
|
-
return;
|
|
374
|
+
logWarning('ExGuard decorators already exist. Overwriting...');
|
|
381
375
|
}
|
|
382
376
|
|
|
383
377
|
fs.writeFileSync(decoratorPath, decoratorContent);
|
|
@@ -468,16 +462,8 @@ export class EventsController {
|
|
|
468
462
|
|
|
469
463
|
const controllerPath = path.join(process.cwd(), 'src/events/events.controller.ts');
|
|
470
464
|
|
|
471
|
-
// Check if events directory exists
|
|
472
|
-
const eventsDir = path.join(process.cwd(), 'src/events');
|
|
473
|
-
if (!fs.existsSync(eventsDir)) {
|
|
474
|
-
fs.mkdirSync(eventsDir, { recursive: true });
|
|
475
|
-
logSuccess('Created events directory');
|
|
476
|
-
}
|
|
477
|
-
|
|
478
465
|
if (fs.existsSync(controllerPath)) {
|
|
479
|
-
logWarning('Example controller already exists.
|
|
480
|
-
return;
|
|
466
|
+
logWarning('Example controller already exists. Overwriting...');
|
|
481
467
|
}
|
|
482
468
|
|
|
483
469
|
fs.writeFileSync(controllerPath, controllerContent);
|