nestjs-iacry 0.2.0 → 0.2.1

package/.husky/commit-msg

@@ -0,0 +1 @@
+npx commitlint --edit $1

package/.husky/pre-commit

@@ -0,0 +1 @@
+npx lint-staged

package/CHANGELOG.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [0.2.1](https://github.com/AlexanderC/nestjs-iacry/compare/v0.2.0...v0.2.1) (2026-02-19)
+
 ## [0.2.0](https://github.com/AlexanderC/nestjs-iacry/compare/v0.0.12...v0.2.0) (2023-07-10)
 
 ### [0.0.12](https://github.com/AlexanderC/nestjs-iacry/compare/v0.0.10...v0.0.12) (2022-12-07)

package/README.md

@@ -5,7 +5,7 @@
 </p>
 
 <p align="center">
-  An Identity and Access Control (Management) module for Nest framework (node.js) highly inspired by the <a href="https://aws.amazon.com/iam/">AWS IAM</a>.
+  <b>Identity and Access Management (IAM)</b> module for NestJS, inspired by <a href="https://aws.amazon.com/iam/">AWS IAM</a>.
 </p>
 
 <p align="center">
@@ -14,256 +14,75 @@
   <a href="https://npmjs.com/package/nestjs-iacry"><img src="https://img.shields.io/npm/dm/nestjs-iacry.svg" alt="NPM Downloads" /></a>
 </p>
 
-### Installation
+## Overview
 
-```sh
-npm install --save nestjs-iacry sequelize-typescript
-#or
-yarn add nestjs-iacry sequelize-typescript
-```
-
-> Important: `sequelize-typescript` is required if you are using `sequelize` policy storage model.
-
-### Configuration
-
-Configure policy storage using sequelize adapter:
-```typescript
-// models/policies-storage.model.ts
-import { PoliciesStorageSequelizeModel } from 'nestjs-iacry';
-
-export default class PoliciesStorage extends PoliciesStorageSequelizeModel<PoliciesStorage> {  }
-```
-
-Configure your models:
-```typescript
-// models/user.model.ts
-import { IACryEntity } from 'nestjs-iacry';
-
-// You might optionally use dynamic name fields to allow matching like "Principal: 'admin:*'"
-// @IACryEntity({ nameField: 'role' })
-@IACryEntity() 
-@Table({})
-export default class User extends Model<User> {
-  id: string;
-  role?: string; // nameField
-}
-
-// models/book.model.ts
-import { IACryEntity } from 'nestjs-iacry';
-
-@IACryEntity()
-@Table({})
-export default class Book extends Model<Book> {
-  id: string;
-}
-```
-
-And finaly include the module and the service *(assume using [Nestjs Configuration](https://docs.nestjs.com/techniques/configuration))*:
-```typescript
-// src/app.module.ts
-import { IACryModule, Effect, PolicyInterface, SEQUELIZE_STORAGE, IOREDIS_CACHE } from 'nestjs-iacry';
-import PolicyStorage from '../models/policy-storage.model';
-
-@Module({
-  imports: [
-    IACryModule.forRootAsync({
-      imports: [ConfigModule, RedisModule],
-      inject: [ConfigService, RedisService],
-      useFactory: async (configService: ConfigService, redisService: RedisService) => {
-        return {
-          storage: SEQUELIZE_STORAGE, // dynamic policy storage (e.g. sequelize)
-          storageRepository: PolicyStorage, // if database storage specified
-          cache: IOREDIS_CACHE, // dynamic policy storage cache (e.g. ioredis)
-          cacheClient: <IORedis.Redis>await redisService.getClient(), // if cache adapter was specified
-          cacheOptions: { expire: 600 }, // policy cache expires in 10 minutes (default 1 hour)
-          policies: [ // some hardcoded policies...
-            ...configService.get<Array<string | PolicyInterface>>('policies'),
-            {
-              // allow any action to be performed by the user
-              Effect: Effect.ALLOW,
-              Action: '*',
-              // If used "@IACryEntity({ nameField: 'role' })" you might specify "admin"
-              Principal: 'user',
-            },
-          ],
-        };
-      },
-    }),
-  ],
-},
-```
-
-### Usage
+`nestjs-iacry` provides fine-grained, policy-based access control for NestJS applications. Define Allow/Deny policies with glob-pattern matching on Actions, Resources, and Principals — then enforce them via route decorators or a programmatic service API.
 
-Using firewall guard in controllers:
-```typescript
-// src/some-fancy.controller.ts
-import { Controller, Post, UseGuards } from '@nestjs/common';
-import { IACryAction, IACryResource, IACryPrincipal, IACryFirewall, IACryFirewallGuard } from 'nestjs-iacry';
+## Features
 
-@Controller()
-export class BookController {
-  @IACryAction('book:update')
-  @IACryResource('book:{params.id}') // {params.id} is replaced with req.params.id [OPTIONAL]
-  @IACryPrincipal() // taken from req.user by default
-  @UseGuards(JwtAuthGuard, IACryFirewallGuard)
-  @Post('book/:id')
-  async update(@Request() req) { }
+- **AWS IAM-inspired policies** — familiar Allow/Deny model with Action, Resource, and Principal fields
+- **Multiple storage backends** — Sequelize, TypeORM, in-memory, or bring your own
+- **Decorator-based route guards** — `@IACryFirewall`, `@IACryAction`, `@IACryResource`, `@IACryPrincipal`
+- **Programmatic API** — `IACryService.isGranted()` for imperative checks
+- **Glob-pattern matching** — wildcards, negation, pipes via [micromatch](https://github.com/micromatch/micromatch)
+- **Optional caching** — ioredis with configurable TTL, or custom cache adapters
+- **Sid-based policy management** — for system-managed policy lifecycles
 
-  // ...or the definition above might be replaced with a shorthand...
-  @IACryFirewall({ resource: 'book:{params.id}' })
-  @UseGuards(JwtAuthGuard, IACryFirewallGuard)
-  @Post('book/:id')
-  async update(@Request() req) { }
+## Documentation
 
-  // ...you might also combine them...
-  @IACryFirewall()
-  @IACryResource('book:{params.id}')
-  @UseGuards(JwtAuthGuard, IACryFirewallGuard)
-  @Post('book/:id')
-  async update(@Request() req) { }
-}
-```
-
-> Important: check out the `FirewallOptions` definition below:
-> ```typescript
-> export interface FirewallOptions {
->   action?: Action, // default "book:update" for BookController.update()
->   resource?: Resource, // default "*"
->   principal?: Principal, // default REQUEST_USER
-> }
-> ```
+Full documentation is available at the **[Documentation Site](https://alexanderc.github.io/nestjs-iacry/)**.
 
-Using the service:
-```typescript
-// src/some-fancy.controller.ts
-import { Controller, Post, UseGuards, UnauthorizedException } from '@nestjs/common';
-import { IACryService } from 'nestjs-iacry';
+- [Getting Started](https://alexanderc.github.io/nestjs-iacry/getting-started) — Installation and basic setup
+- [Configuration](https://alexanderc.github.io/nestjs-iacry/configuration) — Module options and async configuration
+- [Storage Adapters](https://alexanderc.github.io/nestjs-iacry/storage-adapters) — Sequelize, TypeORM, custom adapters
+- [Decorators](https://alexanderc.github.io/nestjs-iacry/decorators) — Route-level authorization
+- [Service API](https://alexanderc.github.io/nestjs-iacry/service-api) — Programmatic policy management
+- [Policies](https://alexanderc.github.io/nestjs-iacry/policies) — Policy structure and pattern matching
+- [Caching](https://alexanderc.github.io/nestjs-iacry/caching) — Redis and custom cache adapters
+- [Advanced](https://alexanderc.github.io/nestjs-iacry/advanced) — Custom adapters, firewall rules, exports
 
-@Controller()
-export class BookController {
-  constructor(private readonly firewall: IACryService) { }
+## NestJS Compatibility
 
-  @UseGuards(JwtAuthGuard)
-  @Post('book/:id')
-  async update(@User user: User, @Book() book: Book) {
-    if (!this.firewall.isGranted('book:update', user, book)) {
-      throw new UnauthorizedException(`You are not allowed to update book:${book.id}`);
-    }
-  }
-}
-```
+| NestJS Version | nestjs-iacry Version |
+|----------------|---------------------|
+| 11.x           | >= 0.3.0            |
+| 10.x           | >= 0.2.0            |
+| 9.x            | >= 0.0.12           |
 
-Manage user policies:
-```typescript
-import { IACryService, Effect } from 'nestjs-iacry';
+## Test Coverage
 
-let firewall: IACryService;
-let user: User;
-let book: Book;
-
-const attachedPoliciesCount = await firewall.attach(user, [
-  // Allow any action on the book service
-  { Effect: Effect.ALLOW, Action: 'book:*'},
-  // allow updating any books to any user except the user with ID=7
-  { Effect: Effect.DENY, Action: ['book:update', 'book:patch'], Principal: 'user:!7' },
-  // deny deleting books to all users
-  { Effect: Effect.DENY, Action: 'book:delete', Principal: ['user:*'] },
-]);
-const attachedPoliciesCount = await firewall.upsertBySid(
-  'Some policy Sid (mainly a name)',
-  user,
-  [{ Sid: 'Some policy Sid (mainly a name)', Effect: Effect.ALLOW, Action: 'book:*'}],
-);
-// oneliner to allow user patching and updating but deleting the book
-const attachedPoliciesCount = await firewall.grant('book:patch|update|!delete', user, book);
-const policies = await firewall.retrieve(user);
-const policies = await firewall.retrieveBySid('Some policy Sid (mainly a name)', user);
-const deletedPoliciesCount = await firewall.reset(user);
-```
+| Category | Statements | Branches | Functions | Lines |
+|----------|-----------|----------|-----------|-------|
+| **All files** | **90.25%** | **81.92%** | **87.5%** | **90.27%** |
+| Core (policy, matcher, firewall) | 100% | 91%+ | 100% | 100% |
+| Decorators | 97%+ | 80%+ | 100% | 97%+ |
+| Errors | 100% | 100% | 100% | 100% |
+| Helpers | 100% | 94% | 100% | 100% |
+| Storages | 86%+ | 81%+ | 80%+ | 86%+ |
 
-Managing a policy by it's Sid might be useful when automating policy assignments.
-E.g. granting `book:update|patch|delete` on books created by the user is possible by upserting
-a system managed policy w/ the sid `system:user:book` as follows:
+**149 tests** across **19 test suites**.
 
-```typescript
-import { IACryService, Effect } from 'nestjs-iacry';
+## Development
 
-let firewall: IACryService;
-let user: User;
-let newBook: Book;
-
-const BOOK_SID = 'system:user:book';
-let policies = await firewall.retrieveBySid(BOOK_SID, user);
-
-if (policies.length > 0) {
-  policies[0] = policies[0].toJSON();
-  policies[0].Resource.push(newBook.toDynamicIdentifier());
-} else {
-  policies = [{
-    Sid: BOOK_SID, // frankly speaking this is optional o_O...
-    Effect: Effect.ALLOW,
-    Action: 'book:update|patch|delete',
-    Resource: [newBook.toDynamicIdentifier()],
-  }];
-}
-
-await firewall.upsertBySid(BOOK_SID, user, policies);
-```
-
-### Documentation
-
-#### Policy Definition
-
-Structure:
-```typescript
-interface PolicyInterface {
-  Sid?: string, // policy identifier
-  Effect: 'Allow' | 'Deny', // Allow | Deny
-  Action: string | { service: string, action: string } | Array<string | { service: string, action: string }>, // Which action: e.g. "book:update"
-  Resource?: string | { entity: string, id: number | string } | Array<string | { entity: string, id: number | string }>, // Action object: e.g. "book:33"
-  Principal?: string | { entity: string, id: number | string } | Array<string | { entity: string, id: number | string }>, // Whom: e.g. "user:1"
-}
-```
-
-Syntax Sugar:
-
-- **DIs might be negated** which would mean that a `book:!33` would match any book but the one with ID=33.
-- **DIs might be piped/or-ed** which would mean that a `book:!(update|delete)` would allow any action BUT updating or deleting a book.
-- **DIs might contain complex match patterns** which would mean that a principal `*/admin:!33` would match an admin user from any namespace but the one with ID=33.
-
-> More information about how `micromatch` matches strings [can be found here](https://github.com/micromatch/micromatch#matching-features).
-
-> Important: Within the matcher `*` is replaced with `**` automatically, thus a single `*` won't work as of original micromatch docs. 
-
-**Dynamic Identifiers** or **DIs** are considered `Action`, `Resource` and `Principal` properties.
-
-### Development
-
-Running tests:
 ```bash
+# Run tests
 npm test
-```
 
-Releasing:
-```bash
+# Build
+npm run build
+
+# Release
 npm run format
-npm run release # npm run patch|minor|major
+npm run release    # or: npm run patch | minor | major
 npm run deploy
 ```
 
-### TODO
-
-- [ ] Implement an abstraction over the system managed policies
-- [ ] Implement policy conditional statements (e.g. update books that the user created himself)
-- [ ] Add more built in conditional matchers to cover basic use-cases
-- [ ] Cover most of codebase w/ tests
-- [ ] Add comprehensive Documentation
+## Contributing
 
-### Contributing
+Contributions are welcome! Please open an issue or submit a pull request.
 
-* [Alex Cucer](https://github.com/AlexanderC)
+- [Alex Cucer](https://github.com/AlexanderC)
 
-### License
+## License
 
 MIT

package/dist/constants.d.ts

@@ -1,5 +1,6 @@
 export declare const IACRY_OPTIONS = "IACRY_OPTIONS";
 export declare const SEQUELIZE_STORAGE = "sequelize";
+export declare const TYPEORM_STORAGE = "typeorm";
 export declare const IOREDIS_CACHE = "ioredis";
 export declare const IS_ALLOWED = "isAllowed";
 export declare const IS_ALLOWED_ANY = "isAllowedAny";

package/dist/constants.js

@@ -1,8 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.IS_ALLOWED_IMPLICIT = exports.IS_ALLOWED_ANY = exports.IS_ALLOWED = exports.IOREDIS_CACHE = exports.SEQUELIZE_STORAGE = exports.IACRY_OPTIONS = void 0;
+exports.IS_ALLOWED_IMPLICIT = exports.IS_ALLOWED_ANY = exports.IS_ALLOWED = exports.IOREDIS_CACHE = exports.TYPEORM_STORAGE = exports.SEQUELIZE_STORAGE = exports.IACRY_OPTIONS = void 0;
 exports.IACRY_OPTIONS = 'IACRY_OPTIONS';
 exports.SEQUELIZE_STORAGE = 'sequelize';
+exports.TYPEORM_STORAGE = 'typeorm';
 exports.IOREDIS_CACHE = 'ioredis';
 exports.IS_ALLOWED = 'isAllowed';
 exports.IS_ALLOWED_ANY = 'isAllowedAny';

package/dist/decorators/action.d.ts

@@ -1,4 +1,4 @@
 import { ExecutionContext } from '@nestjs/common';
 import { Action } from '../interfaces/policy';
-export declare const extractDynamicIdentifier: (target: object | Function, ctx?: ExecutionContext) => any;
+export declare const extractDynamicIdentifier: (target: object | Function, ctx?: ExecutionContext) => Action | any | null;
 export declare function Action(action?: Action): MethodDecorator;

package/dist/decorators/action.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Action = exports.extractDynamicIdentifier = void 0;
+exports.extractDynamicIdentifier = void 0;
+exports.Action = Action;
 const policy_1 = require("../interfaces/policy");
 const constants_1 = require("./constants");
 const helper_1 = require("./helper");
@@ -25,4 +26,3 @@ function Action(action) {
         return descriptor;
     };
 }
-exports.Action = Action;

package/dist/decorators/constants.d.ts

@@ -2,9 +2,9 @@ export declare const REQUEST_USER = "{user}";
 export declare const META_PREFIX = "IACRY_META_";
 export declare const ENTITY_META_FIELD: string;
 export declare const ID_META_FIELD: string;
-export declare const ACTION_META_FIELD: string;
-export declare const RESOURCE_META_FIELD: string;
-export declare const PRINCIPAL_META_FIELD: string;
+export declare const ACTION_META_FIELD = "IACRY_META_ACTION";
+export declare const RESOURCE_META_FIELD = "IACRY_META_RESOURCE";
+export declare const PRINCIPAL_META_FIELD = "IACRY_META_PRINCIPAL";
 export declare const CTRL_SERVICE_REGEXP: RegExp;
 export declare const CTRL_ACTION_PLACEHOLDER = "$$IACRY_CTRL$$";
 export declare const VAR_REGEXP: RegExp;

package/dist/decorators/entity.js

@@ -1,6 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Entity = exports.toPlainDynamicIdentifier = exports.toDynamicIdentifier = exports.isEntity = void 0;
+exports.isEntity = isEntity;
+exports.toDynamicIdentifier = toDynamicIdentifier;
+exports.toPlainDynamicIdentifier = toPlainDynamicIdentifier;
+exports.Entity = Entity;
 const decorator_error_1 = require("../errors/decorator.error");
 const policy_1 = require("../interfaces/policy");
 const constants_1 = require("./constants");
@@ -15,7 +18,6 @@ function isEntity(target) {
             'function' &&
         typeof Reflect.getMetadata(constants_1.ID_META_FIELD, target.constructor) === 'function');
 }
-exports.isEntity = isEntity;
 function toDynamicIdentifier(target) {
     if (!isEntity(target)) {
         throw new decorator_error_1.DecoratorError('Target object should use @Entity() decorator');
@@ -25,12 +27,10 @@ function toDynamicIdentifier(target) {
         [policy_1.ID_FIELD]: Reflect.getMetadata(constants_1.ID_META_FIELD, target.constructor)(target),
     };
 }
-exports.toDynamicIdentifier = toDynamicIdentifier;
 function toPlainDynamicIdentifier(target) {
     const dynamicIdentifier = toDynamicIdentifier(target);
     return `${dynamicIdentifier[policy_1.ENTITY_FIELD]}${policy_1.DELIMITER}${dynamicIdentifier[policy_1.ID_FIELD]}`;
 }
-exports.toPlainDynamicIdentifier = toPlainDynamicIdentifier;
 function Entity(options) {
     return (target) => {
         if ((!options || (!options.name && !options.nameField)) && !target.name) {
@@ -49,4 +49,3 @@ function Entity(options) {
             : instance[policy_1.ID_FIELD], target);
     };
 }
-exports.Entity = Entity;

package/dist/decorators/firewall.d.ts

@@ -4,4 +4,4 @@ export interface FirewallOptions {
     resource?: Resource;
     principal?: Principal;
 }
-export declare function Firewall(options?: FirewallOptions): <TFunction extends Function, Y>(target: object | TFunction, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare function Firewall(options?: FirewallOptions): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;

package/dist/decorators/firewall.guard.js

@@ -8,7 +8,7 @@ const iacry_service_1 = require("../iacry.service");
 const action_1 = require("./action");
 const resource_1 = require("./resource");
 const principal_1 = require("./principal");
-let FirewallGuard = exports.FirewallGuard = class FirewallGuard {
+let FirewallGuard = class FirewallGuard {
     constructor(service) {
         this.service = service;
     }
@@ -22,6 +22,7 @@ let FirewallGuard = exports.FirewallGuard = class FirewallGuard {
         return this.service.isGranted(action, principal, resource || iacry_service_1.IACryService.ANY);
     }
 };
+exports.FirewallGuard = FirewallGuard;
 exports.FirewallGuard = FirewallGuard = tslib_1.__decorate([
     (0, common_1.Injectable)(),
     tslib_1.__metadata("design:paramtypes", [iacry_service_1.IACryService])

package/dist/decorators/firewall.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Firewall = void 0;
+exports.Firewall = Firewall;
 const common_1 = require("@nestjs/common");
 const action_1 = require("./action");
 const resource_1 = require("./resource");
@@ -8,4 +8,3 @@ const principal_1 = require("./principal");
 function Firewall(options = {}) {
     return (0, common_1.applyDecorators)((0, action_1.Action)(options.action), (0, principal_1.Principal)(options.principal), ...(options.resource ? [(0, resource_1.Resource)(options.resource)] : []));
 }
-exports.Firewall = Firewall;

package/dist/decorators/helper.js

@@ -1,7 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.dynamicIdentifierExtractor = exports.processTemplate = void 0;
-const dotProp = require("dot-prop");
+exports.processTemplate = processTemplate;
+exports.dynamicIdentifierExtractor = dynamicIdentifierExtractor;
+const tslib_1 = require("tslib");
+const dot_prop_1 = tslib_1.__importDefault(require("dot-prop"));
 const entity_1 = require("./entity");
 const decorator_error_1 = require("../errors/decorator.error");
 const constants_1 = require("./constants");
@@ -11,12 +13,12 @@ function processTemplate(template, context) {
         if (match.index === constants_1.VAR_REGEXP.lastIndex) {
             constants_1.VAR_REGEXP.lastIndex++;
         }
-        let [definition, varPath] = match;
-        varPath = varPath.trim();
-        if (!dotProp.has(context, varPath)) {
+        const [definition, rawVarPath] = match;
+        const varPath = rawVarPath.trim();
+        if (!dot_prop_1.default.has(context, varPath)) {
             throw new decorator_error_1.DecoratorError(`Unable to find ${varPath} property in Request from metadata field`);
         }
-        let varValue = dotProp.get(context, varPath);
+        let varValue = dot_prop_1.default.get(context, varPath);
         if ((0, entity_1.isEntity)(varValue)) {
             varValue = (0, entity_1.toPlainDynamicIdentifier)(varValue);
         }
@@ -24,7 +26,6 @@ function processTemplate(template, context) {
     }
     return template;
 }
-exports.processTemplate = processTemplate;
 function dynamicIdentifierExtractor(metadataField, hooks) {
     return (target, ctx) => {
         if (!Reflect.hasMetadata(metadataField, target)) {
@@ -46,4 +47,3 @@ function dynamicIdentifierExtractor(metadataField, hooks) {
         return value;
     };
 }
-exports.dynamicIdentifierExtractor = dynamicIdentifierExtractor;

package/dist/decorators/principal.d.ts

@@ -1,3 +1,3 @@
 import { Principal } from '../interfaces/policy';
-export declare const extractDynamicIdentifier: (target: object | Function, ctx?: import("@nestjs/common").ExecutionContext) => any;
+export declare const extractDynamicIdentifier: (target: object | Function, ctx?: import("@nestjs/common").ExecutionContext) => Principal | any | null;
 export declare function Principal(principal?: string | Principal): MethodDecorator;

package/dist/decorators/principal.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Principal = exports.extractDynamicIdentifier = void 0;
+exports.extractDynamicIdentifier = void 0;
+exports.Principal = Principal;
 const constants_1 = require("./constants");
 const helper_1 = require("./helper");
 exports.extractDynamicIdentifier = (0, helper_1.dynamicIdentifierExtractor)(constants_1.PRINCIPAL_META_FIELD);
@@ -10,4 +11,3 @@ function Principal(principal) {
         return descriptor;
     };
 }
-exports.Principal = Principal;

package/dist/decorators/resource.d.ts

@@ -1,3 +1,3 @@
 import { Resource } from '../interfaces/policy';
-export declare const extractDynamicIdentifier: (target: object | Function, ctx?: import("@nestjs/common").ExecutionContext) => any;
+export declare const extractDynamicIdentifier: (target: object | Function, ctx?: import("@nestjs/common").ExecutionContext) => Resource | any | null;
 export declare function Resource(resource: Resource): MethodDecorator;

package/dist/decorators/resource.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Resource = exports.extractDynamicIdentifier = void 0;
+exports.extractDynamicIdentifier = void 0;
+exports.Resource = Resource;
 const constants_1 = require("./constants");
 const helper_1 = require("./helper");
 exports.extractDynamicIdentifier = (0, helper_1.dynamicIdentifierExtractor)(constants_1.RESOURCE_META_FIELD);
@@ -10,4 +11,3 @@ function Resource(resource) {
         return descriptor;
     };
 }
-exports.Resource = Resource;

package/dist/helpers/core.d.ts

@@ -1,7 +1,7 @@
 import { PolicyInterface, Action, Resource, Principal, ActionObject, ResourceObject, PrincipalObject, DynamicIdentifier, DynamicIdentifierItem, DynamicIdentifierVector, ANY } from '../interfaces/policy';
 import { Entity } from '../decorators/entity';
 export declare abstract class CoreHelper {
-    static readonly ANY: "*";
+    static readonly ANY: ANY;
     static encode(policy: PolicyInterface, beatify?: boolean): string;
     static decode(rawPolicy: string): PolicyInterface;
     isDynamicVector(x: DynamicIdentifier<Action | Resource | Principal> | DynamicIdentifierVector<Action | Resource | Principal>): x is DynamicIdentifierVector<Action | Resource | Principal>;

package/dist/iacry.module.js

@@ -6,7 +6,7 @@ const tslib_1 = require("tslib");
 const common_1 = require("@nestjs/common");
 const iacry_service_1 = require("./iacry.service");
 const constants_1 = require("./constants");
-let IACryModule = exports.IACryModule = IACryModule_1 = class IACryModule {
+let IACryModule = IACryModule_1 = class IACryModule {
     static forRoot(options) {
         const OptionsProvider = {
             provide: constants_1.IACRY_OPTIONS,
@@ -40,14 +40,12 @@ let IACryModule = exports.IACryModule = IACryModule_1 = class IACryModule {
     static createAsyncOptionsProvider(options) {
         if (options.useFactory) {
             return {
-                name: constants_1.IACRY_OPTIONS,
                 provide: constants_1.IACRY_OPTIONS,
                 useFactory: options.useFactory,
                 inject: options.inject || [],
             };
         }
         return {
-            name: constants_1.IACRY_OPTIONS,
             provide: constants_1.IACRY_OPTIONS,
             useFactory: async (optionsFactory) => {
                 return optionsFactory.createOptions();
@@ -56,6 +54,7 @@ let IACryModule = exports.IACryModule = IACryModule_1 = class IACryModule {
         };
     }
 };
+exports.IACryModule = IACryModule;
 exports.IACryModule = IACryModule = IACryModule_1 = tslib_1.__decorate([
     (0, common_1.Global)(),
     (0, common_1.Module)({})

package/dist/iacry.service.js

@@ -5,6 +5,7 @@ const tslib_1 = require("tslib");
 const common_1 = require("@nestjs/common");
 const firewall_1 = require("./firewall");
 const sequelize_storage_1 = require("./storages/sequelize.storage");
+const typeorm_storage_1 = require("./storages/typeorm.storage");
 const multiple_storage_1 = require("./storages/multiple.storage");
 const global_storage_1 = require("./storages/global.storage");
 const iacry_error_1 = require("./errors/iacry.error");
@@ -14,7 +15,7 @@ const core_1 = require("./helpers/core");
 const ioredis_1 = require("./storages/cache/ioredis");
 const cached_storage_1 = require("./storages/cached.storage");
 const policy_manager_1 = require("./policy.manager");
-let IACryService = exports.IACryService = class IACryService extends policy_manager_1.PolicyManager {
+let IACryService = class IACryService extends policy_manager_1.PolicyManager {
     constructor(options) {
         super(new multiple_storage_1.MultipleStorage());
         this.options = options;
@@ -41,6 +42,9 @@ let IACryService = exports.IACryService = class IACryService extends policy_mana
                         case constants_1.SEQUELIZE_STORAGE:
                             this.storage.storages.push(new sequelize_storage_1.SequelizeStorage(options.storageRepository));
                             break;
+                        case constants_1.TYPEORM_STORAGE:
+                            this.storage.storages.push(new typeorm_storage_1.TypeOrmStorage(options.storageRepository));
+                            break;
                         default:
                             throw new iacry_error_1.BaseError(`Unrecognized PolicyInterface Storage type: ${options.storage}`);
                     }
@@ -72,6 +76,7 @@ let IACryService = exports.IACryService = class IACryService extends policy_mana
         this.firewall = firewall_1.Firewall.create(this.storage, new matcher_1.Matcher(options.strict));
     }
 };
+exports.IACryService = IACryService;
 exports.IACryService = IACryService = tslib_1.__decorate([
     (0, common_1.Injectable)(),
     tslib_1.__param(0, (0, common_1.Inject)(constants_1.IACRY_OPTIONS)),

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 export { IACryModule } from './iacry.module';
-export { SEQUELIZE_STORAGE, IOREDIS_CACHE, IS_ALLOWED, IS_ALLOWED_ANY, IS_ALLOWED_IMPLICIT, } from './constants';
+export { SEQUELIZE_STORAGE, TYPEORM_STORAGE, IOREDIS_CACHE, IS_ALLOWED, IS_ALLOWED_ANY, IS_ALLOWED_IMPLICIT, } from './constants';
 export { REQUEST_USER } from './decorators/constants';
 export { Options as IACryModuleOptions } from './interfaces/module.options';
 export { AsyncOptions as IACryModuleAsyncOptions } from './interfaces/module-async.options';
@@ -10,6 +10,7 @@ export { PolicyInterface, Effect, Action, ActionObject, Resource, ResourceObject
 export { Cache } from './storages/cache/cache.interface';
 export { IACryService } from './iacry.service';
 export { PoliciesStorage as PoliciesStorageSequelizeModel } from './storages/sequelize/storage.model';
+export { PoliciesStorageEntity as PoliciesStorageTypeOrmEntity } from './storages/typeorm/storage.entity';
 export { Entity as IACryEntity } from './decorators/entity';
 export { Action as IACryAction } from './decorators/action';
 export { Resource as IACryResource } from './decorators/resource';

package/dist/index.js

@@ -1,10 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.WrongPolicyPropFormat = exports.MissingPolicyProps = exports.IACryDecoratorError = exports.IACryError = exports.Firewall = exports.Matcher = exports.PolicyVector = exports.Policy = exports.IACryFirewallGuard = exports.IACryFirewall = exports.IACryPrincipal = exports.IACryResource = exports.IACryAction = exports.IACryEntity = exports.PoliciesStorageSequelizeModel = exports.IACryService = exports.Effect = exports.REQUEST_USER = exports.IS_ALLOWED_IMPLICIT = exports.IS_ALLOWED_ANY = exports.IS_ALLOWED = exports.IOREDIS_CACHE = exports.SEQUELIZE_STORAGE = exports.IACryModule = void 0;
+exports.WrongPolicyPropFormat = exports.MissingPolicyProps = exports.IACryDecoratorError = exports.IACryError = exports.Firewall = exports.Matcher = exports.PolicyVector = exports.Policy = exports.IACryFirewallGuard = exports.IACryFirewall = exports.IACryPrincipal = exports.IACryResource = exports.IACryAction = exports.IACryEntity = exports.PoliciesStorageTypeOrmEntity = exports.PoliciesStorageSequelizeModel = exports.IACryService = exports.Effect = exports.REQUEST_USER = exports.IS_ALLOWED_IMPLICIT = exports.IS_ALLOWED_ANY = exports.IS_ALLOWED = exports.IOREDIS_CACHE = exports.TYPEORM_STORAGE = exports.SEQUELIZE_STORAGE = exports.IACryModule = void 0;
 var iacry_module_1 = require("./iacry.module");
 Object.defineProperty(exports, "IACryModule", { enumerable: true, get: function () { return iacry_module_1.IACryModule; } });
 var constants_1 = require("./constants");
 Object.defineProperty(exports, "SEQUELIZE_STORAGE", { enumerable: true, get: function () { return constants_1.SEQUELIZE_STORAGE; } });
+Object.defineProperty(exports, "TYPEORM_STORAGE", { enumerable: true, get: function () { return constants_1.TYPEORM_STORAGE; } });
 Object.defineProperty(exports, "IOREDIS_CACHE", { enumerable: true, get: function () { return constants_1.IOREDIS_CACHE; } });
 Object.defineProperty(exports, "IS_ALLOWED", { enumerable: true, get: function () { return constants_1.IS_ALLOWED; } });
 Object.defineProperty(exports, "IS_ALLOWED_ANY", { enumerable: true, get: function () { return constants_1.IS_ALLOWED_ANY; } });
@@ -17,6 +18,8 @@ var iacry_service_1 = require("./iacry.service");
 Object.defineProperty(exports, "IACryService", { enumerable: true, get: function () { return iacry_service_1.IACryService; } });
 var storage_model_1 = require("./storages/sequelize/storage.model");
 Object.defineProperty(exports, "PoliciesStorageSequelizeModel", { enumerable: true, get: function () { return storage_model_1.PoliciesStorage; } });
+var storage_entity_1 = require("./storages/typeorm/storage.entity");
+Object.defineProperty(exports, "PoliciesStorageTypeOrmEntity", { enumerable: true, get: function () { return storage_entity_1.PoliciesStorageEntity; } });
 var entity_1 = require("./decorators/entity");
 Object.defineProperty(exports, "IACryEntity", { enumerable: true, get: function () { return entity_1.Entity; } });
 var action_1 = require("./decorators/action");

package/dist/interfaces/policy.d.ts

@@ -35,7 +35,7 @@ export interface PrincipalObject {
 export type Principal = string | PrincipalObject;
 export type DynamicIdentifierItem<T> = {
     value: T;
-    parse(thing: T): Array<string | ANY>;
+    parse(): ActionObject | ResourceObject | PrincipalObject;
 };
 export type DynamicIdentifier<T> = T | DynamicIdentifierItem<T>;
 export type DynamicIdentifierVector<T> = Array<DynamicIdentifier<T>>;

package/dist/matcher.js

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Matcher = void 0;
-const micromatch = require("micromatch");
+const tslib_1 = require("tslib");
+const micromatch_1 = tslib_1.__importDefault(require("micromatch"));
 const policy_1 = require("./interfaces/policy");
 const core_1 = require("./helpers/core");
 class Matcher extends core_1.CoreHelper {
@@ -13,7 +14,7 @@ class Matcher extends core_1.CoreHelper {
         const resource = this.normalizeDynamicIdentifier(rawResource, policy_1.RESOURCE);
         const action = this.normalizeDynamicIdentifier(rawAction, policy_1.ACTION);
         const principal = this.normalizeDynamicIdentifier(rawPrincipal, policy_1.PRINCIPAL);
-        let result = {
+        const result = {
             allow: [],
             deny: [],
             abstain: [],
@@ -53,14 +54,17 @@ class Matcher extends core_1.CoreHelper {
             .filter(Boolean).length === matchProps.length);
     }
     matchItem(rawSource, rawTarget) {
-        return micromatch.isMatch(this.normalizeValue(rawSource, true), this.normalizeValue(rawTarget)) || micromatch.isMatch(this.normalizeValue(rawTarget, true), this.normalizeValue(rawSource));
+        return (micromatch_1.default.isMatch(this.normalizeValue(rawSource, true), this.normalizeValue(rawTarget)) ||
+            micromatch_1.default.isMatch(this.normalizeValue(rawTarget, true), this.normalizeValue(rawSource)));
     }
     normalizeValue(rawValue, raw = false) {
         let value = rawValue.toString();
         if (!this.strict) {
             value = value.toLowerCase();
         }
-        return raw ? value : value.replace(new RegExp(`\\${Matcher.ANY}+`), Matcher.ANY.repeat(2));
+        return raw
+            ? value
+            : value.replace(new RegExp(`\\${Matcher.ANY}+`), Matcher.ANY.repeat(2));
     }
 }
 exports.Matcher = Matcher;

package/dist/policy.js

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Policy = void 0;
-const clone = require("clone");
+const tslib_1 = require("tslib");
+const clone_1 = tslib_1.__importDefault(require("clone"));
 const policy_1 = require("./interfaces/policy");
 const core_1 = require("./helpers/core");
 const missing_policy_props_error_1 = require("./errors/missing-policy-props.error");
@@ -13,7 +14,7 @@ class Policy extends core_1.CoreHelper {
             policy = Policy.decode(rawPolicy);
         }
         else {
-            policy = clone(rawPolicy);
+            policy = (0, clone_1.default)(rawPolicy);
         }
         this.normalizePolicyDynamicIdentifiers(policy);
         missing_policy_props_error_1.MissingPolicyProps.assert(policy);
@@ -33,7 +34,7 @@ class Policy extends core_1.CoreHelper {
     }
     toJSON(parse = false) {
         const { Sid, Effect, Action, Resource, Principal } = this;
-        const rawPolicy = clone({ Sid, Effect, Action, Resource, Principal });
+        const rawPolicy = (0, clone_1.default)({ Sid, Effect, Action, Resource, Principal });
         if (parse) {
             this.unpackPolicyDynamicIdentifiers(rawPolicy);
         }

package/dist/storages/cache/ioredis.d.ts

@@ -1,10 +1,10 @@
 import { Cache } from './cache.interface';
-import * as IORedis from 'ioredis';
+import Redis from 'ioredis';
 export declare class IoRedis implements Cache {
-    readonly client: IORedis.Redis;
+    readonly client: Redis;
     private readonly SUCCESS;
     private readonly EXPIRE;
-    constructor(client: IORedis.Redis);
+    constructor(client: Redis);
     set(key: string, value: string, expire?: number): Promise<boolean>;
     has(key: string): Promise<boolean>;
     get(key: string): Promise<string>;

package/dist/storages/global.storage.d.ts

@@ -2,9 +2,9 @@ import { PrincipalObject } from '../interfaces/policy';
 import { PolicyStorage } from '../interfaces/policy-storage';
 import { PolicyInterface } from '../interfaces/policy';
 export declare class GlobalStorage implements PolicyStorage {
-    policies: (string | PolicyInterface)[];
+    policies: Array<string | PolicyInterface>;
     readonly readonly: boolean;
-    constructor(policies?: (string | PolicyInterface)[]);
+    constructor(policies?: Array<string | PolicyInterface>);
     fetch(_principal: PrincipalObject): Promise<Array<string | PolicyInterface>>;
     fetchBySid(_sid: string, _principal: PrincipalObject): Promise<Array<string | PolicyInterface>>;
     save(_principal: PrincipalObject, rawPolicies: Array<string | PolicyInterface>): Promise<number>;

package/dist/storages/sequelize/storage.model.js

@@ -5,7 +5,7 @@ const tslib_1 = require("tslib");
 const sequelize_typescript_1 = require("sequelize-typescript");
 const sequelize_1 = require("sequelize");
 const core_1 = require("../../helpers/core");
-let PoliciesStorage = exports.PoliciesStorage = class PoliciesStorage extends sequelize_typescript_1.Model {
+let PoliciesStorage = class PoliciesStorage extends sequelize_typescript_1.Model {
     static async savePrincipalPolicies(principal, rawPolicies, attach, sid) {
         if (!attach) {
             await this.destroyByPrincipal(principal, sid);
@@ -93,6 +93,7 @@ let PoliciesStorage = exports.PoliciesStorage = class PoliciesStorage extends se
         return item.toLowerCase();
     }
 };
+exports.PoliciesStorage = PoliciesStorage;
 tslib_1.__decorate([
     sequelize_typescript_1.PrimaryKey,
     sequelize_typescript_1.AutoIncrement,

package/dist/storages/typeorm/storage.entity.d.ts

@@ -0,0 +1,9 @@
+export declare class PoliciesStorageEntity {
+    pk: number;
+    sid: string | null;
+    id: string | null;
+    entity: string | null;
+    policy: string;
+    createdAt: Date;
+    updatedAt: Date;
+}

package/dist/storages/typeorm/storage.entity.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PoliciesStorageEntity = void 0;
+const tslib_1 = require("tslib");
+const typeorm_1 = require("typeorm");
+let PoliciesStorageEntity = class PoliciesStorageEntity {
+};
+exports.PoliciesStorageEntity = PoliciesStorageEntity;
+tslib_1.__decorate([
+    (0, typeorm_1.PrimaryGeneratedColumn)(),
+    tslib_1.__metadata("design:type", Number)
+], PoliciesStorageEntity.prototype, "pk", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Index)('policy_typeorm_sid'),
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], PoliciesStorageEntity.prototype, "sid", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Index)('policy_typeorm_principal_id'),
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], PoliciesStorageEntity.prototype, "id", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Index)('policy_typeorm_principal_entity'),
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], PoliciesStorageEntity.prototype, "entity", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ type: 'text' }),
+    tslib_1.__metadata("design:type", String)
+], PoliciesStorageEntity.prototype, "policy", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.CreateDateColumn)(),
+    tslib_1.__metadata("design:type", Date)
+], PoliciesStorageEntity.prototype, "createdAt", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.UpdateDateColumn)(),
+    tslib_1.__metadata("design:type", Date)
+], PoliciesStorageEntity.prototype, "updatedAt", void 0);
+exports.PoliciesStorageEntity = PoliciesStorageEntity = tslib_1.__decorate([
+    (0, typeorm_1.Entity)('policies_storage')
+], PoliciesStorageEntity);

package/dist/storages/typeorm/storage.interface.d.ts

@@ -0,0 +1,6 @@
+import { PrincipalObject, PolicyInterface } from '../../interfaces/policy';
+export interface Storage {
+    savePrincipalPolicies(principal: PrincipalObject, rawPolicies: Array<string | PolicyInterface>, attach?: boolean, sid?: string): Promise<number>;
+    findByPrincipal(principal: PrincipalObject, sid?: string): Promise<Array<string>>;
+    destroyByPrincipal(principal: PrincipalObject, sid?: string): Promise<number>;
+}

package/dist/storages/typeorm/storage.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/storages/typeorm/typeorm.error.d.ts

@@ -0,0 +1,3 @@
+import { BaseError } from '../../errors/iacry.error';
+export declare class TypeOrmError extends BaseError {
+}

package/dist/storages/typeorm/typeorm.error.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TypeOrmError = void 0;
+const iacry_error_1 = require("../../errors/iacry.error");
+class TypeOrmError extends iacry_error_1.BaseError {
+}
+exports.TypeOrmError = TypeOrmError;

package/dist/storages/typeorm.storage.d.ts

@@ -0,0 +1,28 @@
+import { PrincipalObject } from '../interfaces/policy';
+import { PolicyStorage } from '../interfaces/policy-storage';
+import { PolicyInterface } from '../interfaces/policy';
+export interface TypeOrmRepository {
+    find(options: any): Promise<any[]>;
+    save(entities: any[]): Promise<any[]>;
+    delete(criteria: any): Promise<{
+        affected?: number;
+    }>;
+    create(entityLike: any): any;
+}
+export declare class TypeOrmStorage implements PolicyStorage {
+    private readonly storageRepository;
+    readonly readonly: boolean;
+    constructor(storageRepository: TypeOrmRepository | any);
+    fetch(principal: PrincipalObject): Promise<Array<string | PolicyInterface>>;
+    fetchBySid(sid: string, principal: PrincipalObject): Promise<Array<string | PolicyInterface>>;
+    save(principal: PrincipalObject, rawPolicies: Array<string | PolicyInterface>): Promise<number>;
+    add(_principal: PrincipalObject, rawPolicies: Array<string | PolicyInterface>): Promise<number>;
+    saveBySid(sid: string, principal: PrincipalObject, rawPolicies: Array<string | PolicyInterface>): Promise<number>;
+    purge(principal: PrincipalObject): Promise<number>;
+    get repository(): TypeOrmRepository;
+    protected isRepository(x: any): x is TypeOrmRepository;
+    private insertPolicies;
+    private destroyByPrincipal;
+    private buildWhere;
+    private normalizePrincipalField;
+}

package/dist/storages/typeorm.storage.js

@@ -0,0 +1,115 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TypeOrmStorage = void 0;
+const core_1 = require("../helpers/core");
+class TypeOrmStorage {
+    constructor(storageRepository) {
+        this.storageRepository = storageRepository;
+        this.readonly = false;
+    }
+    async fetch(principal) {
+        const entries = await this.repository.find({
+            where: this.buildWhere(principal),
+            select: ['policy'],
+        });
+        return entries.map((entry) => entry.policy);
+    }
+    async fetchBySid(sid, principal) {
+        const entries = await this.repository.find({
+            where: this.buildWhere(principal, sid),
+            select: ['policy'],
+        });
+        return entries.map((entry) => entry.policy);
+    }
+    async save(principal, rawPolicies) {
+        await this.destroyByPrincipal(principal);
+        return this.insertPolicies(principal, rawPolicies);
+    }
+    async add(_principal, rawPolicies) {
+        return this.insertPolicies(_principal, rawPolicies);
+    }
+    async saveBySid(sid, principal, rawPolicies) {
+        await this.destroyByPrincipal(principal, sid);
+        return this.insertPolicies(principal, rawPolicies);
+    }
+    async purge(principal) {
+        return this.destroyByPrincipal(principal);
+    }
+    get repository() {
+        if (!this.isRepository(this.storageRepository)) {
+            throw new TypeError('Policies repository must be a TypeORM Repository instance');
+        }
+        return this.storageRepository;
+    }
+    isRepository(x) {
+        return (x &&
+            typeof x === 'object' &&
+            typeof x.find === 'function' &&
+            typeof x.save === 'function' &&
+            typeof x.delete === 'function' &&
+            typeof x.create === 'function');
+    }
+    async insertPolicies(principal, rawPolicies) {
+        const entities = rawPolicies.map((rawPolicy) => {
+            const policy = typeof rawPolicy === 'string'
+                ? core_1.CoreHelper.decode(rawPolicy)
+                : rawPolicy;
+            return this.repository.create({
+                sid: policy.Sid || null,
+                entity: this.normalizePrincipalField(principal.entity),
+                id: this.normalizePrincipalField(principal.id),
+                policy: core_1.CoreHelper.encode(policy),
+            });
+        });
+        const result = await this.repository.save(entities);
+        return result.length;
+    }
+    async destroyByPrincipal(principal, sid) {
+        const where = {};
+        const entity = this.normalizePrincipalField(principal.entity);
+        const id = this.normalizePrincipalField(principal.id);
+        if (entity !== null) {
+            where.entity = entity;
+        }
+        if (id !== null) {
+            where.id = id;
+        }
+        if (sid) {
+            where.sid = sid;
+        }
+        const result = await this.repository.delete(Object.keys(where).length > 0 ? where : {});
+        return result.affected || 0;
+    }
+    buildWhere(principal, sid) {
+        const entity = this.normalizePrincipalField(principal.entity);
+        const id = this.normalizePrincipalField(principal.id);
+        const conditions = [];
+        const baseCondition = {};
+        if (sid) {
+            baseCondition.sid = sid;
+        }
+        if (entity !== null && id !== null) {
+            conditions.push({ ...baseCondition, entity, id });
+            conditions.push({ ...baseCondition, entity: null, id: null });
+        }
+        else if (entity !== null) {
+            conditions.push({ ...baseCondition, entity });
+            conditions.push({ ...baseCondition, entity: null, id: null });
+        }
+        else if (id !== null) {
+            conditions.push({ ...baseCondition, id });
+            conditions.push({ ...baseCondition, entity: null, id: null });
+        }
+        else {
+            conditions.push(baseCondition);
+        }
+        return conditions;
+    }
+    normalizePrincipalField(value) {
+        if (!value || value === core_1.CoreHelper.ANY) {
+            return null;
+        }
+        return typeof value === 'string' ? value.toLowerCase() : String(value);
+    }
+}
+exports.TypeOrmStorage = TypeOrmStorage;

package/jest.config.js

@@ -1,17 +1,15 @@
-require('ts-node/register');
-
+/** @type {import('ts-jest').JestConfigWithTsJest} */
 module.exports = {
-  'moduleFileExtensions': [
-    'js',
-    'json',
-    'ts',
-  ],
-  'rootDir': 'lib',
-  'testRegex': '/lib/.*\\.spec\\.(ts|js)$',
-  'globals': {
-    'ts-jest': {
-      'tsConfig': 'tsconfig.json'
-    }
+  moduleFileExtensions: ['js', 'json', 'ts'],
+  rootDir: 'lib',
+  testRegex: '/lib/.*\\.spec\\.(ts|js)$',
+  preset: 'ts-jest',
+  transform: {
+    '^.+\\.ts$': [
+      'ts-jest',
+      {
+        tsconfig: 'tsconfig.json',
+      },
+    ],
   },
-  'preset': 'ts-jest',
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nestjs-iacry",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "private": false,
   "description": "NestJS - an identity and access control module inspired by AWS IAM (@iac, @iam)",
   "keywords": [
@@ -35,65 +35,65 @@
     "patch": "npm run release -- --release-as patch",
     "release": "npx standard-version",
     "test": "npx jest",
-    "test:watch": "npx jest --watch"
-  },
-  "husky": {
-    "hooks": {
-      "pre-commit": "lint-staged",
-      "commit-msg": "commitlint -c .commitlintrc.json -E HUSKY_GIT_PARAMS"
-    }
+    "test:watch": "npx jest --watch",
+    "prepare": "husky"
   },
   "lint-staged": {
     "*.ts": [
       "prettier --write"
     ]
   },
+  "engines": {
+    "node": ">=20.0.0"
+  },
   "dependencies": {
+    "clone": "^2.1.2",
     "dot-prop": "^6.0.1",
     "micromatch": "^4.0.5"
   },
   "optionalDependencies": {
-    "ioredis": "^5.3.2",
-    "sequelize": "6.32.1",
-    "sequelize-typescript": "2.1.5"
+    "ioredis": "^5.4.0",
+    "sequelize": "^6.37.0",
+    "sequelize-typescript": "^2.1.6",
+    "typeorm": "^0.3.20"
   },
   "devDependencies": {
-    "@commitlint/cli": "^17.6.6",
-    "@commitlint/config-angular": "^17.6.6",
-    "@golevelup/nestjs-testing": "^0.1.2",
-    "@nestjs/cli": "^10.1.7",
-    "@nestjs/common": "^10.0.5",
-    "@nestjs/core": "10.0.5",
-    "@nestjs/schematics": "^10.0.1",
-    "@nestjs/testing": "^10.0.5",
-    "@types/ioredis": "^4.28.10",
-    "@types/jest": "^29.5.2",
-    "@types/node": "^20.4.0",
-    "@types/sequelize": "^4.28.15",
-    "@types/supertest": "^2.0.12",
-    "@typescript-eslint/eslint-plugin": "^5.61.0",
-    "@typescript-eslint/parser": "^5.61.0",
-    "eslint": "^8.44.0",
-    "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-import": "^2.27.5",
-    "husky": "^8.0.3",
-    "jest": "^29.6.1",
-    "lint-staged": "^13.2.3",
+    "@commitlint/cli": "^19.0.0",
+    "@commitlint/config-angular": "^19.0.0",
+    "@nestjs/cli": "^11.0.0",
+    "@nestjs/common": "^11.0.0",
+    "@nestjs/core": "^11.0.0",
+    "@nestjs/schematics": "^11.0.0",
+    "@nestjs/testing": "^11.0.0",
+    "@types/clone": "^2.1.4",
+    "@types/jest": "^29.5.14",
+    "@types/micromatch": "^4.0.9",
+    "@types/node": "^22.0.0",
+    "@types/supertest": "^6.0.0",
+    "@typescript-eslint/eslint-plugin": "^7.0.0",
+    "@typescript-eslint/parser": "^7.0.0",
+    "eslint": "^8.56.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-import": "^2.31.0",
+    "husky": "^9.0.0",
+    "jest": "^29.7.0",
+    "lint-staged": "^15.0.0",
     "prettier": "^3.0.0",
-    "reflect-metadata": "^0.1.13",
-    "rimraf": "^3.0.2",
-    "sequelize": "6.32.1",
-    "sequelize-typescript": "2.1.5",
+    "reflect-metadata": "^0.2.2",
+    "rimraf": "^6.0.0",
+    "sequelize": "^6.37.0",
+    "sequelize-typescript": "^2.1.6",
     "standard-version": "^9.5.0",
-    "supertest": "^6.3.3",
-    "ts-jest": "^29.1.1",
-    "ts-loader": "^9.4.4",
-    "ts-node": "^10.9.1",
+    "supertest": "^7.0.0",
+    "typeorm": "^0.3.20",
+    "ts-jest": "^29.2.0",
+    "ts-loader": "^9.5.0",
+    "ts-node": "^10.9.2",
     "tsconfig-paths": "^4.2.0",
-    "typescript": "^5.1.6"
+    "typescript": "^5.7.0"
   },
   "peerDependencies": {
-    "@nestjs/common": "^9.2.1",
-    "@nestjs/core": "9.2.1"
+    "@nestjs/common": "^9.0.0 || ^10.0.0 || ^11.0.0",
+    "@nestjs/core": "^9.0.0 || ^10.0.0 || ^11.0.0"
   }
 }