grm-shared-library 1.1.138 → 1.1.139
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/modules/common/enums/entity-name.enum.js +15 -0
- package/dist/cjs/modules/common/enums/entity-name.enum.js.map +1 -0
- package/dist/cjs/modules/common/index.js +1 -0
- package/dist/cjs/modules/common/index.js.map +1 -1
- package/dist/cjs/modules/common/services/access-validation.service.js +10 -2
- package/dist/cjs/modules/common/services/access-validation.service.js.map +1 -1
- package/dist/esm/modules/common/enums/entity-name.enum.js +12 -0
- package/dist/esm/modules/common/enums/entity-name.enum.js.map +1 -0
- package/dist/esm/modules/common/index.js +1 -0
- package/dist/esm/modules/common/index.js.map +1 -1
- package/dist/esm/modules/common/services/access-validation.service.js +10 -2
- package/dist/esm/modules/common/services/access-validation.service.js.map +1 -1
- package/dist/types/modules/common/enums/entity-name.enum.d.ts +10 -0
- package/dist/types/modules/common/index.d.ts +1 -0
- package/dist/types/modules/common/interfaces/access-validation.interface.d.ts +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.EntityName = void 0;
|
|
4
|
+
var EntityName;
|
|
5
|
+
(function (EntityName) {
|
|
6
|
+
EntityName["ORGANIZATION"] = "organization";
|
|
7
|
+
EntityName["CONTROL_CENTRE"] = "controlCentre";
|
|
8
|
+
EntityName["RESPONSE_UNIT"] = "responseUnit";
|
|
9
|
+
EntityName["USER"] = "user";
|
|
10
|
+
EntityName["ROLE"] = "role";
|
|
11
|
+
EntityName["PERMISSION"] = "permission";
|
|
12
|
+
EntityName["INCIDENT"] = "incident";
|
|
13
|
+
EntityName["ZONE"] = "zone";
|
|
14
|
+
})(EntityName || (exports.EntityName = EntityName = {}));
|
|
15
|
+
//# sourceMappingURL=entity-name.enum.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-name.enum.js","sourceRoot":"","sources":["../../../../../src/modules/common/enums/entity-name.enum.ts"],"names":[],"mappings":";;;AAAA,IAAY,UASX;AATD,WAAY,UAAU;IAClB,2CAA6B,CAAA;IAC7B,8CAAgC,CAAA;IAChC,4CAA8B,CAAA;IAC9B,2BAAa,CAAA;IACb,2BAAa,CAAA;IACb,uCAAyB,CAAA;IACzB,mCAAqB,CAAA;IACrB,2BAAa,CAAA;AACjB,CAAC,EATW,UAAU,0BAAV,UAAU,QASrB"}
|
|
@@ -26,4 +26,5 @@ __exportStar(require("./interfaces/access-validation.interface"), exports);
|
|
|
26
26
|
__exportStar(require("./constants/service.const"), exports);
|
|
27
27
|
__exportStar(require("./services"), exports);
|
|
28
28
|
__exportStar(require("./enums/secrets-fetch-strategy.enum"), exports);
|
|
29
|
+
__exportStar(require("./enums/entity-name.enum"), exports);
|
|
29
30
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/common/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0DAAwC;AACxC,yDAAuC;AACvC,4DAA0C;AAC1C,8DAA4C;AAC5C,4DAA0C;AAC1C,4DAA0C;AAC1C,2DAAyC;AACzC,8DAA4C;AAC5C,2EAAyD;AACzD,4DAA0C;AAC1C,6CAA2B;AAC3B,sEAAoD"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/common/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0DAAwC;AACxC,yDAAuC;AACvC,4DAA0C;AAC1C,8DAA4C;AAC5C,4DAA0C;AAC1C,4DAA0C;AAC1C,2DAAyC;AACzC,8DAA4C;AAC5C,2EAAyD;AACzD,4DAA0C;AAC1C,6CAA2B;AAC3B,sEAAoD;AACpD,2DAAyC"}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.AccessValidationService = void 0;
|
|
4
4
|
const common_1 = require("@nestjs/common");
|
|
5
|
+
const entity_name_enum_1 = require("../enums/entity-name.enum");
|
|
5
6
|
/**
|
|
6
7
|
* Service for validating access control across microservices
|
|
7
8
|
* Provides centralized validation logic to ensure consistency
|
|
@@ -44,8 +45,15 @@ class AccessValidationService {
|
|
|
44
45
|
return;
|
|
45
46
|
}
|
|
46
47
|
if (accessScope.isControlCentreUser) {
|
|
47
|
-
if (
|
|
48
|
-
|
|
48
|
+
if (entityName === entity_name_enum_1.EntityName.CONTROL_CENTRE) {
|
|
49
|
+
if (entity.id !== accessScope.controlCentreFilter) {
|
|
50
|
+
throw new common_1.ForbiddenException(`Access denied: ${entityName} is not your control centre`);
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
else {
|
|
54
|
+
if (entity.controlCentreId !== accessScope.controlCentreFilter) {
|
|
55
|
+
throw new common_1.ForbiddenException(`Access denied: ${entityName} does not belong to your control centre`);
|
|
56
|
+
}
|
|
49
57
|
}
|
|
50
58
|
return;
|
|
51
59
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access-validation.service.js","sourceRoot":"","sources":["../../../../../src/modules/common/services/access-validation.service.ts"],"names":[],"mappings":";;;AAAA,2CAAoD;
|
|
1
|
+
{"version":3,"file":"access-validation.service.js","sourceRoot":"","sources":["../../../../../src/modules/common/services/access-validation.service.ts"],"names":[],"mappings":";;;AAAA,2CAAoD;AAGpD,gEAAuD;AAEvD;;;GAGG;AACH,MAAa,uBAAuB;IAEhC;;;;OAIG;IACH,kBAAkB,CAAC,WAAwB,EAAE,mBAA2B,UAAU;QAC9E,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,kBAAkB,IAAI,WAAW,CAAC,mBAAmB,EAAE,CAAC;YACpE,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,MAAM,IAAI,2BAAkB,CAAC,qDAAqD,gBAAgB,EAAE,CAAC,CAAC;IAC1G,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAChB,WAAwB,EACxB,MAAS,EACT,aAAqB,QAAQ,EAC7B,SAAkB;QAElB,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACzE,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,UAAU,oCAAoC,CAAC,CAAC;QACnG,CAAC;QAED,IAAI,WAAW,CAAC,kBAAkB,EAAE,CAAC;YACjC,IAAI,MAAM,CAAC,cAAc,KAAK,WAAW,CAAC,kBAAkB,EAAE,CAAC;gBAC3D,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,UAAU,uCAAuC,CAAC,CAAC;YACtG,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,mBAAmB,EAAE,CAAC;YAClC,IAAI,UAAU,KAAK,6BAAU,CAAC,cAAc,EAAE,CAAC;gBAC3C,IAAI,MAAM,CAAC,EAAE,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;oBAChD,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,UAAU,6BAA6B,CAAC,CAAC;gBAC5F,CAAC;YACL,CAAC;iBAAM,CAAC;gBACJ,IAAI,MAAM,CAAC,eAAe,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;oBAC7D,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,UAAU,yCAAyC,CAAC,CAAC;gBACxG,CAAC;YACL,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,IAAI,SAAS,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC9C,OAAO;YACX,CAAC;QACL,CAAC;QAED,MAAM,IAAI,2BAAkB,CAAC,0DAA0D,UAAU,SAAS,CAAC,CAAC;IAChH,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAChB,WAAwB,EACxB,SAAY,EACZ,aAAqB,QAAQ;QAE7B,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,IAAI,WAAW,CAAC,kBAAkB,IAAI,SAAS,CAAC,cAAc,KAAK,WAAW,CAAC,kBAAkB,EAAE,CAAC;gBAChG,MAAM,IAAI,2BAAkB,CAAC,iBAAiB,UAAU,wBAAwB,CAAC,CAAC;YACtF,CAAC;QACL,CAAC;QAED,IAAI,SAAS,CAAC,eAAe,EAAE,CAAC;YAC5B,IAAI,WAAW,CAAC,mBAAmB,IAAI,SAAS,CAAC,eAAe,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;gBACnG,MAAM,IAAI,2BAAkB,CAAC,iBAAiB,UAAU,0BAA0B,CAAC,CAAC;YACxF,CAAC;QACL,CAAC;QAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,WAAW,CAAC,YAAY,IAAI,SAAS,CAAC,SAAS,KAAK,WAAW,CAAC,YAAY,EAAE,CAAC;gBAC/E,MAAM,IAAI,2BAAkB,CAAC,iBAAiB,UAAU,mBAAmB,CAAC,CAAC;YACjF,CAAC;QACL,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,kBAAkB,IAAI,CAAC,WAAW,CAAC,mBAAmB,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;YACnG,MAAM,IAAI,2BAAkB,CAAC,sCAAsC,UAAU,EAAE,CAAC,CAAC;QACrF,CAAC;IACL,CAAC;CACJ;AA7GD,0DA6GC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
export var EntityName;
|
|
2
|
+
(function (EntityName) {
|
|
3
|
+
EntityName["ORGANIZATION"] = "organization";
|
|
4
|
+
EntityName["CONTROL_CENTRE"] = "controlCentre";
|
|
5
|
+
EntityName["RESPONSE_UNIT"] = "responseUnit";
|
|
6
|
+
EntityName["USER"] = "user";
|
|
7
|
+
EntityName["ROLE"] = "role";
|
|
8
|
+
EntityName["PERMISSION"] = "permission";
|
|
9
|
+
EntityName["INCIDENT"] = "incident";
|
|
10
|
+
EntityName["ZONE"] = "zone";
|
|
11
|
+
})(EntityName || (EntityName = {}));
|
|
12
|
+
//# sourceMappingURL=entity-name.enum.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-name.enum.js","sourceRoot":"","sources":["../../../../../src/modules/common/enums/entity-name.enum.ts"],"names":[],"mappings":"AAAA,MAAM,CAAN,IAAY,UASX;AATD,WAAY,UAAU;IAClB,2CAA6B,CAAA;IAC7B,8CAAgC,CAAA;IAChC,4CAA8B,CAAA;IAC9B,2BAAa,CAAA;IACb,2BAAa,CAAA;IACb,uCAAyB,CAAA;IACzB,mCAAqB,CAAA;IACrB,2BAAa,CAAA;AACjB,CAAC,EATW,UAAU,KAAV,UAAU,QASrB"}
|
|
@@ -10,4 +10,5 @@ export * from './interfaces/access-validation.interface';
|
|
|
10
10
|
export * from './constants/service.const';
|
|
11
11
|
export * from './services';
|
|
12
12
|
export * from './enums/secrets-fetch-strategy.enum';
|
|
13
|
+
export * from './enums/entity-name.enum';
|
|
13
14
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/common/index.ts"],"names":[],"mappings":"AAAA,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,0BAA0B,CAAC;AACzC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,0CAA0C,CAAC;AACzD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,YAAY,CAAC;AAC3B,cAAc,qCAAqC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/common/index.ts"],"names":[],"mappings":"AAAA,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,0BAA0B,CAAC;AACzC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,0CAA0C,CAAC;AACzD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,YAAY,CAAC;AAC3B,cAAc,qCAAqC,CAAC;AACpD,cAAc,0BAA0B,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { ForbiddenException } from '@nestjs/common';
|
|
2
|
+
import { EntityName } from '../enums/entity-name.enum';
|
|
2
3
|
/**
|
|
3
4
|
* Service for validating access control across microservices
|
|
4
5
|
* Provides centralized validation logic to ensure consistency
|
|
@@ -41,8 +42,15 @@ export class AccessValidationService {
|
|
|
41
42
|
return;
|
|
42
43
|
}
|
|
43
44
|
if (accessScope.isControlCentreUser) {
|
|
44
|
-
if (
|
|
45
|
-
|
|
45
|
+
if (entityName === EntityName.CONTROL_CENTRE) {
|
|
46
|
+
if (entity.id !== accessScope.controlCentreFilter) {
|
|
47
|
+
throw new ForbiddenException(`Access denied: ${entityName} is not your control centre`);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
if (entity.controlCentreId !== accessScope.controlCentreFilter) {
|
|
52
|
+
throw new ForbiddenException(`Access denied: ${entityName} does not belong to your control centre`);
|
|
53
|
+
}
|
|
46
54
|
}
|
|
47
55
|
return;
|
|
48
56
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access-validation.service.js","sourceRoot":"","sources":["../../../../../src/modules/common/services/access-validation.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"access-validation.service.js","sourceRoot":"","sources":["../../../../../src/modules/common/services/access-validation.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAGpD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AAEvD;;;GAGG;AACH,MAAM,OAAO,uBAAuB;IAEhC;;;;OAIG;IACH,kBAAkB,CAAC,WAAwB,EAAE,mBAA2B,UAAU;QAC9E,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,kBAAkB,IAAI,WAAW,CAAC,mBAAmB,EAAE,CAAC;YACpE,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,MAAM,IAAI,kBAAkB,CAAC,qDAAqD,gBAAgB,EAAE,CAAC,CAAC;IAC1G,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAChB,WAAwB,EACxB,MAAS,EACT,aAAqB,QAAQ,EAC7B,SAAkB;QAElB,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACzE,MAAM,IAAI,kBAAkB,CAAC,kBAAkB,UAAU,oCAAoC,CAAC,CAAC;QACnG,CAAC;QAED,IAAI,WAAW,CAAC,kBAAkB,EAAE,CAAC;YACjC,IAAI,MAAM,CAAC,cAAc,KAAK,WAAW,CAAC,kBAAkB,EAAE,CAAC;gBAC3D,MAAM,IAAI,kBAAkB,CAAC,kBAAkB,UAAU,uCAAuC,CAAC,CAAC;YACtG,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,mBAAmB,EAAE,CAAC;YAClC,IAAI,UAAU,KAAK,UAAU,CAAC,cAAc,EAAE,CAAC;gBAC3C,IAAI,MAAM,CAAC,EAAE,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;oBAChD,MAAM,IAAI,kBAAkB,CAAC,kBAAkB,UAAU,6BAA6B,CAAC,CAAC;gBAC5F,CAAC;YACL,CAAC;iBAAM,CAAC;gBACJ,IAAI,MAAM,CAAC,eAAe,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;oBAC7D,MAAM,IAAI,kBAAkB,CAAC,kBAAkB,UAAU,yCAAyC,CAAC,CAAC;gBACxG,CAAC;YACL,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,IAAI,SAAS,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC9C,OAAO;YACX,CAAC;QACL,CAAC;QAED,MAAM,IAAI,kBAAkB,CAAC,0DAA0D,UAAU,SAAS,CAAC,CAAC;IAChH,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAChB,WAAwB,EACxB,SAAY,EACZ,aAAqB,QAAQ;QAE7B,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC3B,OAAO;QACX,CAAC;QAED,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;YAC3B,IAAI,WAAW,CAAC,kBAAkB,IAAI,SAAS,CAAC,cAAc,KAAK,WAAW,CAAC,kBAAkB,EAAE,CAAC;gBAChG,MAAM,IAAI,kBAAkB,CAAC,iBAAiB,UAAU,wBAAwB,CAAC,CAAC;YACtF,CAAC;QACL,CAAC;QAED,IAAI,SAAS,CAAC,eAAe,EAAE,CAAC;YAC5B,IAAI,WAAW,CAAC,mBAAmB,IAAI,SAAS,CAAC,eAAe,KAAK,WAAW,CAAC,mBAAmB,EAAE,CAAC;gBACnG,MAAM,IAAI,kBAAkB,CAAC,iBAAiB,UAAU,0BAA0B,CAAC,CAAC;YACxF,CAAC;QACL,CAAC;QAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,WAAW,CAAC,YAAY,IAAI,SAAS,CAAC,SAAS,KAAK,WAAW,CAAC,YAAY,EAAE,CAAC;gBAC/E,MAAM,IAAI,kBAAkB,CAAC,iBAAiB,UAAU,mBAAmB,CAAC,CAAC;YACjF,CAAC;QACL,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,kBAAkB,IAAI,CAAC,WAAW,CAAC,mBAAmB,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;YACnG,MAAM,IAAI,kBAAkB,CAAC,sCAAsC,UAAU,EAAE,CAAC,CAAC;QACrF,CAAC;IACL,CAAC;CACJ"}
|