npm - najm-auth - Versions diffs - 1.1.1 → 1.1.2 - Mend

najm-auth 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.js +120 -3
package/package.json +2 -2
package/dist/index.d.ts +0 -1466
package/dist/schema/mysql.d.ts +0 -1297
package/dist/schema/pg.d.ts +0 -1300
package/dist/schema/sqlite.d.ts +0 -1439

package/dist/index.js CHANGED Viewed

@@ -1849,12 +1849,16 @@ __export(roles_exports, {
   RoleValidator: () => RoleValidator,
   assignRoleDto: () => assignRoleDto,
   createRoleDto: () => createRoleDto,
+  defineRoles: () => defineRoles,
   isAdmin: () => isAdmin,
   isAdministrator: () => isAdministrator,
   roleIdParam: () => roleIdParam,
   updateRoleDto: () => updateRoleDto
 });
+// src/roles/defineRoles.ts
+import { composeGuards as composeGuards2, createGuard as createGuard3 } from "najm-guard";
 // src/roles/RoleGuards.ts
 import { Service as Service3 } from "najm-core";
 import { GuardParams, User as User2 } from "najm-core";
@@ -1902,6 +1906,35 @@ var Role = createGuard2(RoleGuard);
 var isAdmin = composeGuards(isAuth(), Role(ROLES.ADMIN));
 var isAdministrator = composeGuards(isAuth(), Role(ROLE_GROUPS.ADMINISTRATORS));
+// src/roles/defineRoles.ts
+var Role2 = createGuard3(RoleGuard);
+function defineRoles(roles) {
+  const ROLES2 = roles;
+  const guards2 = {};
+  for (const [key, value] of Object.entries(roles)) {
+    const name = `is${key.charAt(0).toUpperCase()}${key.slice(1).toLowerCase()}`;
+    guards2[name] = composeGuards2(isAuth(), Role2(value));
+  }
+  function createGroupGuard(keys) {
+    const values = keys.map((k) => roles[k]);
+    return composeGuards2(isAuth(), Role2(values));
+  }
+  __name(createGroupGuard, "createGroupGuard");
+  function hasRole(userRole, ...keys) {
+    if (!userRole)
+      return false;
+    const normalized = userRole.toLowerCase();
+    return keys.some((k) => roles[k] === normalized);
+  }
+  __name(hasRole, "hasRole");
+  function isInGroup(userRole, keys) {
+    return hasRole(userRole, ...keys);
+  }
+  __name(isInGroup, "isInGroup");
+  return { ROLES: ROLES2, createGroupGuard, hasRole, isInGroup, ...guards2 };
+}
+__name(defineRoles, "defineRoles");
 // src/roles/RoleController.ts
 import { Controller as Controller2 } from "najm-core";
 import { Get as Get2, Post as Post2, Put, Delete, ResMsg as ResMsg2 } from "najm-core";
@@ -2332,7 +2365,7 @@ PermissionRepository = __decorate17([
 // src/permissions/PermissionGuards.ts
 import { Injectable as Injectable8 } from "najm-core";
 import { GuardParams as GuardParams2, User as User3 } from "najm-core";
-import { createGuard as createGuard3, composeGuards as composeGuards2 } from "najm-guard";
+import { createGuard as createGuard4, composeGuards as composeGuards3 } from "najm-guard";
 var __decorate18 = function(decorators, target, key, desc) {
   var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
   if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -2385,8 +2418,8 @@ __decorate18([
 PermissionGuard = __decorate18([
   Injectable8()
 ], PermissionGuard);
-var Permission = createGuard3(PermissionGuard);
-var Can = /* @__PURE__ */ __name((permission) => composeGuards2(isAuth(), Permission(permission))(), "Can");
+var Permission = createGuard4(PermissionGuard);
+var Can = /* @__PURE__ */ __name((permission) => composeGuards3(isAuth(), Permission(permission))(), "Can");
 var canCreate = /* @__PURE__ */ __name((resource) => Can(`create:${resource}`), "canCreate");
 var canRead = /* @__PURE__ */ __name((resource) => Can(`read:${resource}`), "canRead");
 var canUpdate = /* @__PURE__ */ __name((resource) => Can(`update:${resource}`), "canUpdate");
@@ -2980,6 +3013,85 @@ var selectSchema = /* @__PURE__ */ __name((config) => {
 }, "selectSchema");
 var auth = /* @__PURE__ */ __name((config) => plugin("auth").version("1.0.0").depends(cache(), cookies(), i18n(), guards(), validation(config?.validation), rateLimit(config?.rateLimit), email()).requires("database").contributes(I18N_CONTRIBUTIONS, AUTH_LOCALES).services(auth_exports, users_exports, roles_exports, permissions_exports, tokens_exports).config(AUTH_CONFIG, mergeConfig(config)).set(AUTH_SCHEMA, selectSchema(config)).build(), "auth");
+// src/ownership/createResourceGuards.ts
+import { Injectable as Injectable11, Inject as Inject9, User as User4, Params as Params4 } from "najm-core";
+import { createGuard as createGuard5, composeGuards as composeGuards4 } from "najm-guard";
+var __decorate22 = function(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata22 = function(k, v) {
+  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param9 = function(paramIndex, decorator) {
+  return function(target, key) {
+    decorator(target, key, paramIndex);
+  };
+};
+function createResourceGuards(ownershipClass, resourceType, resource, options) {
+  var _a15, _b9;
+  const writeGuard = options?.adminGuard ?? isAdmin;
+  let AccessGuard = class AccessGuard {
+    static {
+      __name(this, "AccessGuard");
+    }
+    ownership;
+    async canActivate(user, id) {
+      const allowed = await this.ownership.canAccess(user, resourceType, id);
+      return allowed ? { owner: user } : false;
+    }
+  };
+  __decorate22([
+    Inject9(ownershipClass),
+    __metadata22("design:type", Object)
+  ], AccessGuard.prototype, "ownership", void 0);
+  __decorate22([
+    __param9(0, User4()),
+    __param9(1, Params4("id")),
+    __metadata22("design:type", Function),
+    __metadata22("design:paramtypes", [Object, String]),
+    __metadata22("design:returntype", typeof (_a15 = typeof Promise !== "undefined" && Promise) === "function" ? _a15 : Object)
+  ], AccessGuard.prototype, "canActivate", null);
+  AccessGuard = __decorate22([
+    Injectable11()
+  ], AccessGuard);
+  let ListGuard = class ListGuard {
+    static {
+      __name(this, "ListGuard");
+    }
+    ownership;
+    async canActivate(user) {
+      const ids = await this.ownership.getAccessibleIds(user, resourceType);
+      return { filter: ids };
+    }
+  };
+  __decorate22([
+    Inject9(ownershipClass),
+    __metadata22("design:type", Object)
+  ], ListGuard.prototype, "ownership", void 0);
+  __decorate22([
+    __param9(0, User4()),
+    __metadata22("design:type", Function),
+    __metadata22("design:paramtypes", [Object]),
+    __metadata22("design:returntype", typeof (_b9 = typeof Promise !== "undefined" && Promise) === "function" ? _b9 : Object)
+  ], ListGuard.prototype, "canActivate", null);
+  ListGuard = __decorate22([
+    Injectable11()
+  ], ListGuard);
+  const access = createGuard5(AccessGuard);
+  const list = createGuard5(ListGuard);
+  return {
+    canRead: composeGuards4(Can(`read:${resource}`), access()),
+    canUpdate: composeGuards4(Can(`update:${resource}`), access()),
+    canCreate: composeGuards4(Can(`create:${resource}`), writeGuard()),
+    canDelete: composeGuards4(Can(`delete:${resource}`), writeGuard()),
+    canList: composeGuards4(Can(`read:${resource}`), list())
+  };
+}
+__name(createResourceGuards, "createResourceGuards");
 // src/seed.ts
 import { hash } from "bcryptjs";
 var toSeedId = /* @__PURE__ */ __name((prefix, value) => {
@@ -3162,9 +3274,11 @@ export {
   clean,
   confirmResetPasswordDto,
   createPermissionDto,
+  createResourceGuards,
   createRoleDto,
   createTokenDto,
   createUserDto,
+  defineRoles,
   emailParam,
   formatDate,
   getAuthLocale,
@@ -3189,6 +3303,8 @@ export {
   rolesTable,
   seedAuthData,
   tokenIdParam,
+  tokenStatusEnum,
+  tokenTypeEnum,
   tokensTable,
   updatePermissionDto,
   updateRoleDto,
@@ -3196,6 +3312,7 @@ export {
   updateUserDto,
   userIdInParam,
   userIdParam,
+  userStatusEnum,
   usersTable,
   verifyTokenDto
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "najm-auth",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "description": "Authentication and authorization library for najm framework",
   "type": "module",
   "files": [
@@ -64,7 +64,7 @@
   "dependencies": {
     "najm-cookies": "^1.1.1",
     "najm-core": "^1.1.1",
-    "najm-database": "^1.1.1",
+    "najm-database": "^1.1.2",
     "najm-guard": "^1.1.1",
     "najm-i18n": "^1.1.1",
     "najm-cache": "^1.1.1",