npm - mongodb-dynamic-api - Versions diffs - 2.1.5 → 2.1.7 - Mend

mongodb-dynamic-api 2.1.5 → 2.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,9 @@
 Changelog
+## [2.1.7](https://github.com/MikeDev75015/mongodb-dynamic-api/compare/v2.1.6...v2.1.7) (2024-04-01)
+## [2.1.6](https://github.com/MikeDev75015/mongodb-dynamic-api/compare/v2.1.5...v2.1.6) (2024-03-31)
 ## [2.1.5](https://github.com/MikeDev75015/mongodb-dynamic-api/compare/v2.1.4...v2.1.5) (2024-03-29)
 ## [2.1.4](https://github.com/MikeDev75015/mongodb-dynamic-api/compare/v2.1.3...v2.1.4) (2024-03-29)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mongodb-dynamic-api",
-  "version": "2.1.5",
+  "version": "2.1.7",
   "description": "Auto generated CRUD API for MongoDB using NestJS",
   "readmeFilename": "README.md",
   "main": "index.js",
@@ -38,7 +38,6 @@
   },
   "homepage": "https://mikedev75015.github.io",
   "dependencies": {
-    "@casl/ability": "^6.7.0",
     "@nestjs/cache-manager": "^2.2.1",
     "@nestjs/common": "^10.3.2",
     "@nestjs/core": "^10.3.2",
@@ -84,6 +83,7 @@
     "eslint-plugin-prettier": "^5.1.3",
     "jest": "^29.7.0",
     "jest-junit": "^16.0.0",
+    "jest-mock-extended": "^3.0.5",
     "jest-sonar-reporter": "^2.0.0",
     "prettier": "^3.2.5",
     "release-it": "^17.1.1",

package/src/builders/index.d.ts CHANGED Viewed

@@ -1,3 +1,2 @@
-export * from './casl/casl-ability.builder';
 export * from './route-decorators/auth-decorators.builder';
 export * from './route-decorators/route-decorators.builder';

package/src/builders/index.js CHANGED Viewed

@@ -14,6 +14,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./casl/casl-ability.builder"), exports);
 __exportStar(require("./route-decorators/auth-decorators.builder"), exports);
 __exportStar(require("./route-decorators/route-decorators.builder"), exports);

package/src/builders/route-decorators/route-decorators.builder.d.ts CHANGED Viewed

@@ -12,7 +12,6 @@ declare class RouteDecoratorsBuilder<Entity extends BaseEntity> implements Dynam
     private readonly bodyRouteTypeIsOptional;
     constructor(routeType: RouteType, entity: Type<Entity>, version: string | undefined, description: string | undefined, isPublic: boolean | undefined, dTOs?: {
         param?: Type;
-        query?: Type;
         body?: Type;
         presenter?: Type;
     });

package/src/decorators/index.d.ts CHANGED Viewed

@@ -1,3 +1,2 @@
-export * from './check-policies.decorator';
 export * from './public.decorator';
 export * from './schema-options.decorator';

package/src/decorators/index.js CHANGED Viewed

@@ -14,6 +14,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./check-policies.decorator"), exports);
 __exportStar(require("./public.decorator"), exports);
 __exportStar(require("./schema-options.decorator"), exports);

package/src/dynamic-api.module.d.ts CHANGED Viewed

@@ -6,5 +6,7 @@ export declare class DynamicApiModule {
     static readonly state: DynamicApiGlobalStateService;
     static forRoot(uri: string, { useGlobalCache, cacheOptions, useAuth, }?: DynamicApiForRootOptions): DynamicModule;
     static forFeature<Entity extends BaseEntity>({ entity, controllerOptions, routes, }: DynamicApiForFeatureOptions<Entity>): Promise<DynamicModule>;
+    private static buildStateFromOptions;
+    private static initializeAuthOptions;
     private static setDefaultRoutesIfNotConfigured;
 }

package/src/dynamic-api.module.js CHANGED Viewed

@@ -27,19 +27,8 @@ let DynamicApiModule = DynamicApiModule_1 = class DynamicApiModule {
             throw new Error('You must provide a valid mongodb uri in the forRoot method to use MongoDB Dynamic API');
         }
         this.state.set([
-            'partial', {
-                initialized: true,
-                isGlobalCacheEnabled: useGlobalCache,
-                ...(cacheOptions?.excludePaths ? { cacheExcludedPaths: cacheOptions?.excludePaths } : {}),
-                ...(useAuth?.user ? {
-                    isAuthEnabled: true,
-                    credentials: {
-                        loginField: !useAuth.user.loginField ? 'email' : String(useAuth.user.loginField),
-                        passwordField: !useAuth.user.passwordField ? 'password' : String(useAuth.user.passwordField),
-                    },
-                    jwtSecret: useAuth.jwt?.secret ?? 'dynamic-api-jwt-secret',
-                } : {}),
-            },
+            'partial',
+            this.buildStateFromOptions(useGlobalCache, cacheOptions, useAuth),
         ]);
         return {
             module: DynamicApiModule_1,
@@ -48,22 +37,7 @@ let DynamicApiModule = DynamicApiModule_1 = class DynamicApiModule {
                 cache_manager_1.CacheModule.register({ isGlobal: true, ...cacheOptions }),
                 mongoose_1.MongooseModule.forRoot(uri, { connectionName: this.state.get('connectionName') }),
                 ...(useAuth?.user ? [
-                    modules_1.AuthModule.forRoot({
-                        user: {
-                            entity: useAuth.user.entity,
-                            loginField: useAuth.user.loginField ?? 'email',
-                            passwordField: useAuth.user.passwordField ?? 'password',
-                            requestAdditionalFields: useAuth.user.requestAdditionalFields ?? [],
-                        },
-                        jwt: {
-                            secret: useAuth.jwt?.secret ?? 'dynamic-api-jwt-secret',
-                            expiresIn: useAuth.jwt?.expiresIn ?? '1d',
-                        },
-                        register: useAuth.register ?? {
-                            protected: false,
-                            additionalFields: [],
-                        },
-                    }),
+                    modules_1.AuthModule.forRoot(this.initializeAuthOptions(useAuth)),
                 ] : []),
             ],
             exports: [modules_1.DynamicApiConfigModule],
@@ -144,6 +118,42 @@ let DynamicApiModule = DynamicApiModule_1 = class DynamicApiModule {
             }, 5000);
         });
     }
+    static buildStateFromOptions(useGlobalCache, cacheOptions, useAuth) {
+        return {
+            initialized: true,
+            isGlobalCacheEnabled: useGlobalCache,
+            ...(cacheOptions?.excludePaths ? { cacheExcludedPaths: cacheOptions?.excludePaths } : {}),
+            ...(useAuth?.user ? {
+                isAuthEnabled: true,
+                credentials: {
+                    loginField: !useAuth.user.loginField ? 'email' : String(useAuth.user.loginField),
+                    passwordField: !useAuth.user.passwordField ? 'password' : String(useAuth.user.passwordField),
+                },
+                jwtSecret: useAuth.jwt?.secret ?? 'dynamic-api-jwt-secret',
+            } : {}),
+        };
+    }
+    static initializeAuthOptions(useAuth) {
+        return {
+            user: {
+                entity: useAuth.user.entity,
+                loginField: useAuth.user.loginField ?? 'email',
+                passwordField: useAuth.user.passwordField ?? 'password',
+                requestAdditionalFields: useAuth.user.requestAdditionalFields ?? [],
+            },
+            jwt: {
+                secret: useAuth.jwt?.secret ?? 'dynamic-api-jwt-secret',
+                expiresIn: useAuth.jwt?.expiresIn ?? '1d',
+            },
+            register: useAuth.register ? {
+                ...useAuth.register,
+                protected: useAuth.register.protected ?? !!useAuth.register.abilityPredicate,
+            } : {
+                protected: false,
+                additionalFields: [],
+            },
+        };
+    }
     static setDefaultRoutesIfNotConfigured(routes) {
         if (!routes.length) {
             return [

package/src/guards/base-policies.guard.d.ts CHANGED Viewed

@@ -1,13 +1,12 @@
 import { CanActivate, ExecutionContext, Type } from '@nestjs/common';
-import { Reflector } from '@nestjs/core';
-import { RouteAbilityPredicate, RouteType } from '../interfaces';
+import { AbilityPredicate, RouteType } from '../interfaces';
 import { BaseEntity } from '../models';
-export declare abstract class BasePoliciesGuard<Entity extends BaseEntity> implements CanActivate {
-    protected readonly reflector: Reflector;
+import { BaseService } from '../services';
+export declare abstract class BasePoliciesGuard<Entity extends BaseEntity, Service extends BaseService<Entity>> implements CanActivate {
+    protected readonly service: Service;
     protected routeType: RouteType;
     protected entity: Type<Entity>;
-    protected abilityPredicate: RouteAbilityPredicate<Entity> | undefined;
-    protected constructor(reflector: Reflector);
-    canActivate(context: ExecutionContext): boolean;
-    private execPolicyHandler;
+    protected abilityPredicate: AbilityPredicate<Entity> | undefined;
+    protected constructor(service: Service);
+    canActivate(context: ExecutionContext): Promise<boolean>;
 }

package/src/guards/base-policies.guard.js CHANGED Viewed

@@ -2,31 +2,26 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BasePoliciesGuard = void 0;
 const common_1 = require("@nestjs/common");
-const builders_1 = require("../builders");
-const decorators_1 = require("../decorators");
 class BasePoliciesGuard {
-    constructor(reflector) {
-        this.reflector = reflector;
+    constructor(service) {
+        this.service = service;
     }
-    canActivate(context) {
-        const policyHandlers = this.reflector.get(decorators_1.CHECK_POLICIES_KEY, context.getHandler());
-        if (!policyHandlers || !this.abilityPredicate) {
-            return true;
+    async canActivate(context) {
+        let { user, query, params } = context.switchToHttp().getRequest();
+        if (this.abilityPredicate) {
+            if (!user) {
+                throw new common_1.ForbiddenException('Access Denied');
+            }
+            this.service.abilityPredicate = this.abilityPredicate;
+            this.service.user = user;
+            if (params?.id) {
+                await this.service.findOneDocument(params.id, query);
+            }
+            else {
+                await this.service.findManyDocuments(query);
+            }
         }
-        let { user } = context.switchToHttp().getRequest();
-        if (!user) {
-            throw new common_1.ForbiddenException('Forbidden resource');
-        }
-        const ability = (0, builders_1.CaslAbilityBuilder)(this.entity, this.routeType, this.abilityPredicate, user);
-        return policyHandlers.every((handler) => {
-            return this.execPolicyHandler(handler, ability);
-        });
-    }
-    execPolicyHandler(handler, ability) {
-        if (typeof handler === 'function') {
-            return handler(ability);
-        }
-        return handler.handle(ability);
+        return true;
     }
 }
 exports.BasePoliciesGuard = BasePoliciesGuard;

package/src/helpers/controller-ability-predicates.helper.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ControllerAbilityPredicate, RouteAbilityPredicate, RouteType } from '../interfaces';
+import { ControllerAbilityPredicate, AbilityPredicate, RouteType } from '../interfaces';
 import { BaseEntity } from '../models';
-declare function getPredicateFromControllerAbilityPredicates<Entity extends BaseEntity>(controllerAbilityPredicates: ControllerAbilityPredicate<Entity>[], route: RouteType): RouteAbilityPredicate<Entity>;
+declare function getPredicateFromControllerAbilityPredicates<Entity extends BaseEntity>(controllerAbilityPredicates: ControllerAbilityPredicate<Entity>[], route: RouteType): AbilityPredicate<Entity>;
 export { getPredicateFromControllerAbilityPredicates };

package/src/helpers/controller-mixin.helper.d.ts CHANGED Viewed

@@ -7,60 +7,36 @@ declare function getControllerMixinData<Entity extends BaseEntity>(entity: Type<
     displayedName: string;
     description: string;
     isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
+    abilityPredicate: import("../interfaces/dynamic-api-ability.interface").AbilityPredicate<Entity>;
     RouteBody: Type<any>;
     RoutePresenter: Type<any>;
     EntityParam?: undefined;
-    RouteQuery?: undefined;
 } | {
     routeType: import("../interfaces/dynamic-api-route-type.type").RouteType;
     displayedName: string;
     description: string;
     isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
+    abilityPredicate: import("../interfaces/dynamic-api-ability.interface").AbilityPredicate<Entity>;
     RoutePresenter: Type<any>;
     RouteBody?: undefined;
     EntityParam?: undefined;
-    RouteQuery?: undefined;
 } | {
     routeType: import("../interfaces/dynamic-api-route-type.type").RouteType;
     displayedName: string;
     description: string;
     isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
+    abilityPredicate: import("../interfaces/dynamic-api-ability.interface").AbilityPredicate<Entity>;
     EntityParam: typeof EntityParam;
     RoutePresenter: Type<any>;
     RouteBody?: undefined;
-    RouteQuery?: undefined;
 } | {
     routeType: import("../interfaces/dynamic-api-route-type.type").RouteType;
     displayedName: string;
     description: string;
     isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
+    abilityPredicate: import("../interfaces/dynamic-api-ability.interface").AbilityPredicate<Entity>;
     RouteBody: Type<any>;
     RoutePresenter: Type<any>;
     EntityParam: typeof EntityParam;
-    RouteQuery?: undefined;
-} | {
-    routeType: import("../interfaces/dynamic-api-route-type.type").RouteType;
-    displayedName: string;
-    description: string;
-    isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
-    RouteQuery: Type<any>;
-    RoutePresenter: Type<any>;
-    RouteBody?: undefined;
-    EntityParam?: undefined;
-} | {
-    routeType: import("../interfaces/dynamic-api-route-type.type").RouteType;
-    displayedName: string;
-    description: string;
-    isPublic: boolean;
-    abilityPredicate: import("../interfaces/dynamic-api-casl-ability.interface").RouteAbilityPredicate<Entity>;
-    EntityParam: typeof EntityParam;
-    RouteQuery: Type<any>;
-    RoutePresenter: Type<any>;
-    RouteBody?: undefined;
 };
 export { getControllerMixinData };

package/src/helpers/controller-mixin.helper.js CHANGED Viewed

@@ -47,26 +47,17 @@ function buildDeletePresenterDTO(displayedName, version, CustomPresenter) {
     class RoutePresenter extends (CustomPresenter ?? dtos_1.DeletePresenter) {
     }
     Object.defineProperty(RoutePresenter, 'name', {
-        value: CustomPresenter ? CustomPresenter.name : `Delete${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Presenter`,
+        value: `Delete${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Presenter`,
         writable: false,
     });
     return RoutePresenter;
 }
-function buildDefaultRouteQuery(entity, routeType, displayedName, version, CustomQuery) {
-    class RouteQuery extends (CustomQuery ?? dtos_1.EntityQuery) {
-    }
-    Object.defineProperty(RouteQuery, 'name', {
-        value: CustomQuery ? CustomQuery.name : `${routeType}${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Query`,
-        writable: false,
-    });
-    return RouteQuery;
-}
 function buildDefaultRouteBody(entity, routeType, displayedName, version, CustomBody) {
     const optionalBody = routeType !== 'CreateOne' && routeType !== 'ReplaceOne';
     class RouteBody extends (CustomBody ?? (0, mixins_1.EntityBodyMixin)(entity, optionalBody)) {
     }
     Object.defineProperty(RouteBody, 'name', {
-        value: CustomBody ? CustomBody.name : `${routeType}${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Dto`,
+        value: `${routeType}${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Dto`,
         writable: false,
     });
     return RouteBody;
@@ -75,18 +66,19 @@ function buildDefaultRoutePresenter(entity, routeType, displayedName, version, C
     class RoutePresenter extends (CustomPresenter ?? (0, mixins_1.EntityPresenterMixin)(entity)) {
     }
     Object.defineProperty(RoutePresenter, 'name', {
-        value: CustomPresenter ? CustomPresenter.name : `${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Presenter`,
+        value: CustomPresenter
+            ? `${routeType}${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Presenter`
+            : `${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Presenter`,
         writable: false,
     });
     return RoutePresenter;
 }
 function getDTOsByRouteType(entity, routeType, displayedName, version, dTOs) {
-    const { query: CustomQuery, body: CustomBody, presenter: CustomPresenter, } = dTOs ?? {};
+    const { body: CustomBody, presenter: CustomPresenter, } = dTOs ?? {};
     Object.defineProperty(dtos_1.EntityParam, 'name', {
         value: `${displayedName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}Param`,
         writable: false,
     });
-    const RouteQuery = buildDefaultRouteQuery(entity, routeType, displayedName, version, CustomQuery);
     const RouteBody = buildDefaultRouteBody(entity, routeType, displayedName, version, CustomBody);
     const RoutePresenter = buildDefaultRoutePresenter(entity, routeType, displayedName, version, CustomPresenter);
     switch (routeType) {
@@ -121,13 +113,11 @@ function getDTOsByRouteType(entity, routeType, displayedName, version, dTOs) {
             };
         case 'GetMany':
             return {
-                RouteQuery,
                 RoutePresenter,
             };
         case 'GetOne':
             return {
                 EntityParam: dtos_1.EntityParam,
-                RouteQuery,
                 RoutePresenter,
             };
         default:

package/src/helpers/format.helper.d.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+import { RouteType } from '../interfaces';
 export declare function pascalCase(str?: string): string;
 export declare function isValidVersion(version: string): boolean;
 export declare function getFormattedApiTag<Entity>(apiTag: string | undefined, entityName: string): string;
+export declare function getNamePrefix(routeType: RouteType, entityName: string, version: string | undefined): string;

package/src/helpers/format.helper.js CHANGED Viewed

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getFormattedApiTag = exports.isValidVersion = exports.pascalCase = void 0;
+exports.getNamePrefix = exports.getFormattedApiTag = exports.isValidVersion = exports.pascalCase = void 0;
 const lodash_1 = require("lodash");
+const versioning_config_helper_1 = require("./versioning-config.helper");
 function pascalCase(str) {
     return str ? (0, lodash_1.upperFirst)((0, lodash_1.camelCase)(str)) : undefined;
 }
@@ -14,3 +15,7 @@ function getFormattedApiTag(apiTag, entityName) {
     return pascalCase(apiTag) ?? entityName;
 }
 exports.getFormattedApiTag = getFormattedApiTag;
+function getNamePrefix(routeType, entityName, version) {
+    return `${routeType}${entityName}${(0, versioning_config_helper_1.addVersionSuffix)(version)}`;
+}
+exports.getNamePrefix = getNamePrefix;

package/src/interfaces/dynamic-api-ability.interface.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { BaseEntity } from '../models';
+import { RouteType } from './dynamic-api-route-type.type';
+type AbilityPredicate<Entity extends BaseEntity, User = any> = (entity: Entity, user: User) => boolean;
+type RegisterAbilityPredicate<User = any> = (user: User) => boolean;
+type ControllerAbilityPredicate<Entity extends BaseEntity> = {
+    targets: RouteType[];
+    predicate: AbilityPredicate<Entity>;
+};
+export { ControllerAbilityPredicate, RegisterAbilityPredicate, AbilityPredicate, };

package/src/interfaces/dynamic-api-ability.interface.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/src/interfaces/dynamic-api-controller-options.interface.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { ValidationPipeOptions } from '@nestjs/common';
 import { BaseEntity } from '../models';
-import { ControllerAbilityPredicate } from './dynamic-api-casl-ability.interface';
+import { ControllerAbilityPredicate } from './dynamic-api-ability.interface';
 interface DynamicApiControllerOptions<Entity extends BaseEntity> {
     path: string;
     apiTag?: string;

package/src/interfaces/dynamic-api-policy-handler.interface.d.ts CHANGED Viewed

@@ -1,14 +1,8 @@
 import { ExecutionContext } from '@nestjs/common';
-import { Reflector } from '@nestjs/core';
 import { BaseEntity } from '../models';
-import { AppAbility } from './dynamic-api-casl-ability.interface';
-interface IPolicyHandler<Entity extends BaseEntity> {
-    handle(ability: AppAbility<Entity>): boolean;
-}
-type PolicyHandlerCallback<Entity extends BaseEntity> = (ability: AppAbility<Entity>) => boolean;
-type PolicyHandler<Entity extends BaseEntity> = IPolicyHandler<Entity> | PolicyHandlerCallback<Entity>;
+import { BaseService } from '../services';
 interface PoliciesGuard<Entity extends BaseEntity> {
-    canActivate(context: ExecutionContext): boolean;
+    canActivate(context: ExecutionContext): boolean | Promise<boolean>;
 }
-type PoliciesGuardConstructor<Entity extends BaseEntity> = new (reflector: Reflector) => PoliciesGuard<Entity>;
-export { PolicyHandler, PoliciesGuardConstructor, PoliciesGuard };
+type PoliciesGuardConstructor<Entity extends BaseEntity> = new (service: BaseService<Entity>) => PoliciesGuard<Entity>;
+export { PoliciesGuardConstructor, PoliciesGuard };

package/src/interfaces/dynamic-api-route-config.interface.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { ValidationPipeOptions } from '@nestjs/common';
 import { BaseEntity } from '../models';
-import { RouteAbilityPredicate } from './dynamic-api-casl-ability.interface';
+import { AbilityPredicate } from './dynamic-api-ability.interface';
 import { DTOsBundle } from './dynamic-api-route-dtos-bundle.type';
 import { RouteType } from './dynamic-api-route-type.type';
 interface DynamicAPIRouteConfig<Entity extends BaseEntity> {
@@ -10,6 +10,6 @@ interface DynamicAPIRouteConfig<Entity extends BaseEntity> {
     version?: string;
     dTOs?: DTOsBundle;
     validationPipeOptions?: ValidationPipeOptions;
-    abilityPredicate?: RouteAbilityPredicate<Entity>;
+    abilityPredicate?: AbilityPredicate<Entity>;
 }
 export { DynamicAPIRouteConfig };

package/src/interfaces/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 export * from './dynamic-api-controller-options.interface';
 export * from './dynamic-api-decorator-builder.interface';
 export * from './dynamic-api-cache-options.interface';
-export * from './dynamic-api-casl-ability.interface';
+export * from './dynamic-api-ability.interface';
 export * from './dynamic-api-entity-mappers.interface';
 export * from './dynamic-api-global-state.interface';
 export * from './dynamic-api-options.interface';

package/src/interfaces/index.js CHANGED Viewed

@@ -17,7 +17,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./dynamic-api-controller-options.interface"), exports);
 __exportStar(require("./dynamic-api-decorator-builder.interface"), exports);
 __exportStar(require("./dynamic-api-cache-options.interface"), exports);
-__exportStar(require("./dynamic-api-casl-ability.interface"), exports);
+__exportStar(require("./dynamic-api-ability.interface"), exports);
 __exportStar(require("./dynamic-api-entity-mappers.interface"), exports);
 __exportStar(require("./dynamic-api-global-state.interface"), exports);
 __exportStar(require("./dynamic-api-options.interface"), exports);

package/src/mixins/create-policies-guard.mixin.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { Type } from '@nestjs/common';
-import { RouteAbilityPredicate, PoliciesGuardConstructor, RouteType } from '../interfaces';
+import { AbilityPredicate, PoliciesGuardConstructor, RouteType } from '../interfaces';
 import { BaseEntity } from '../models';
-declare function CreatePoliciesGuardMixin<Entity extends BaseEntity>(entity: Type<Entity>, routeType: RouteType, version: string | undefined, abilityPredicate: RouteAbilityPredicate<Entity> | undefined): PoliciesGuardConstructor<Entity>;
+import { BaseService } from '../services';
+declare function CreatePoliciesGuardMixin<Entity extends BaseEntity, Service extends BaseService<Entity>>(entity: Type<Entity>, routeType: RouteType, version: string | undefined, abilityPredicate: AbilityPredicate<Entity> | undefined): PoliciesGuardConstructor<Entity>;
 export { CreatePoliciesGuardMixin };

package/src/mixins/create-policies-guard.mixin.js CHANGED Viewed

@@ -8,17 +8,19 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CreatePoliciesGuardMixin = void 0;
 const common_1 = require("@nestjs/common");
-const core_1 = require("@nestjs/core");
 const guards_1 = require("../guards");
 const helpers_1 = require("../helpers");
 function CreatePoliciesGuardMixin(entity, routeType, version, abilityPredicate) {
     let RoutePoliciesGuard = class RoutePoliciesGuard extends guards_1.BasePoliciesGuard {
-        constructor(reflector) {
-            super(reflector);
-            this.reflector = reflector;
+        constructor(service) {
+            super(service);
+            this.service = service;
             this.routeType = routeType;
             this.entity = entity;
             this.abilityPredicate = abilityPredicate;
@@ -26,10 +28,11 @@ function CreatePoliciesGuardMixin(entity, routeType, version, abilityPredicate)
     };
     RoutePoliciesGuard = __decorate([
         (0, common_1.Injectable)(),
-        __metadata("design:paramtypes", [core_1.Reflector])
+        __param(0, (0, common_1.Inject)(`${(0, helpers_1.getNamePrefix)(routeType, entity.name, version)}Service`)),
+        __metadata("design:paramtypes", [Object])
     ], RoutePoliciesGuard);
     Object.defineProperty(RoutePoliciesGuard, 'name', {
-        value: `${routeType}${entity.name}${(0, helpers_1.addVersionSuffix)(version)}PoliciesGuard`,
+        value: `${(0, helpers_1.getNamePrefix)(routeType, entity.name, version)}PoliciesGuard`,
         writable: false,
     });
     return RoutePoliciesGuard;

package/src/modules/auth/mixins/auth-controller.mixin.js CHANGED Viewed

@@ -23,6 +23,9 @@ const guards_1 = require("../guards");
 const auth_register_policies_guard_mixin_1 = require("./auth-register-policies-guard.mixin");
 function AuthControllerMixin(userEntity, loginField, passwordField, additionalRequestFields = [], { additionalFields: additionalRegisterFields, protected: registerProtected, abilityPredicate: registerAbilityPredicate, } = {}) {
     var _a;
+    if (!loginField || !passwordField) {
+        throw new Error('Login and password fields are required');
+    }
     class AuthBodyPasswordFieldDto {
     }
     _a = passwordField;
@@ -36,6 +39,9 @@ function AuthControllerMixin(userEntity, loginField, passwordField, additionalRe
     }
     const additionalMandatoryFields = [];
     const additionalOptionalFields = [];
+    if (!additionalRegisterFields) {
+        additionalRegisterFields = [];
+    }
     additionalRegisterFields.forEach((field) => {
         if (typeof field === 'string') {
             additionalOptionalFields.push(field);
@@ -107,7 +113,6 @@ function AuthControllerMixin(userEntity, loginField, passwordField, additionalRe
         (0, swagger_1.ApiOkResponse)({ type: AuthPresenter }),
         (0, common_1.Post)('register'),
         (0, common_1.UseGuards)(AuthRegisterPoliciesGuard),
-        (0, decorators_1.CheckPolicies)((ability) => ability.can(auth_register_policies_guard_mixin_1.registerRouteType, userEntity)),
         __param(0, (0, common_1.Body)()),
         __metadata("design:type", Function),
         __metadata("design:paramtypes", [AuthRegisterDto]),

package/src/modules/auth/mixins/auth-register-policies-guard.mixin.d.ts CHANGED Viewed

@@ -1,6 +1,5 @@
 import { Type } from '@nestjs/common';
-import { RegisterAbilityPredicate, PoliciesGuardConstructor, RouteType } from '../../../interfaces';
+import { PoliciesGuardConstructor, RegisterAbilityPredicate } from '../../../interfaces';
 import { BaseEntity } from '../../../models';
-declare const registerRouteType: RouteType;
 declare function AuthRegisterPoliciesGuardMixin<Entity extends BaseEntity>(entity: Type<Entity>, abilityPredicate: RegisterAbilityPredicate | undefined): PoliciesGuardConstructor<Entity>;
-export { AuthRegisterPoliciesGuardMixin, registerRouteType };
+export { AuthRegisterPoliciesGuardMixin };

package/src/modules/auth/mixins/auth-register-policies-guard.mixin.js CHANGED Viewed

@@ -5,54 +5,25 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
     else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.registerRouteType = exports.AuthRegisterPoliciesGuardMixin = void 0;
-const ability_1 = require("@casl/ability");
+exports.AuthRegisterPoliciesGuardMixin = void 0;
 const common_1 = require("@nestjs/common");
-const core_1 = require("@nestjs/core");
-const decorators_1 = require("../../../decorators");
-const registerRouteType = 'register';
-exports.registerRouteType = registerRouteType;
 function AuthRegisterPoliciesGuardMixin(entity, abilityPredicate) {
     let BaseAuthRegisterPoliciesGuard = class BaseAuthRegisterPoliciesGuard {
-        constructor(reflector) {
-            this.reflector = reflector;
+        constructor() {
             this.entity = entity;
             this.abilityPredicate = abilityPredicate;
         }
         canActivate(context) {
-            const policyHandlers = this.reflector.get(decorators_1.CHECK_POLICIES_KEY, context.getHandler());
-            if (!policyHandlers || !this.abilityPredicate) {
-                return true;
-            }
             let { user } = context.switchToHttp().getRequest();
-            if (!user) {
-                throw new common_1.ForbiddenException('Forbidden resource');
-            }
-            const { can, build } = new ability_1.AbilityBuilder(ability_1.createMongoAbility);
-            if (abilityPredicate(user)) {
-                can(registerRouteType, entity);
-            }
-            const ability = build({
-                detectSubjectType: (object) => object.constructor,
-            });
-            return policyHandlers.every((handler) => {
-                return this.execPolicyHandler(handler, ability);
-            });
-        }
-        execPolicyHandler(handler, ability) {
-            if (typeof handler === 'function') {
-                return handler(ability);
+            if (this.abilityPredicate && (!user || !this.abilityPredicate(user))) {
+                throw new common_1.ForbiddenException('Access denied');
             }
-            return handler.handle(ability);
+            return true;
         }
     };
     BaseAuthRegisterPoliciesGuard = __decorate([
-        (0, common_1.Injectable)(),
-        __metadata("design:paramtypes", [core_1.Reflector])
+        (0, common_1.Injectable)()
     ], BaseAuthRegisterPoliciesGuard);
     return BaseAuthRegisterPoliciesGuard;
 }