npm - plac-micro-common - Versions diffs - 1.2.1 → 1.2.3 - Mend

plac-micro-common 1.2.1 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/http/guards/jwt_auth.guard.js +2 -0
package/dist/http/guards/permission.guard.js +15 -9
package/dist/types/auth.type.d.ts +2 -0
package/dist/types/http.type.d.ts +2 -1
package/dist/types/http.type.js +1 -0
package/package.json +1 -1

package/dist/http/guards/jwt_auth.guard.js CHANGED Viewed

@@ -33,6 +33,8 @@ let JwtAuthGuard = class JwtAuthGuard {
         req.current_user = authPayload.user;
         req.current_app = authPayload.app;
         req.current_app_client = authPayload.app_client;
+        req.current_roles = authPayload.roles ?? [];
+        req.current_permissions = authPayload.permissions ?? [];
         return true;
     }
 };

package/dist/http/guards/permission.guard.js CHANGED Viewed

@@ -13,6 +13,7 @@ exports.PermissionsGuard = void 0;
 const common_1 = require("@nestjs/common");
 const core_1 = require("@nestjs/core");
 const constants_1 = require("../constants");
+const types_1 = require("../../types");
 let PermissionsGuard = class PermissionsGuard {
     constructor(reflector) {
         this.reflector = reflector;
@@ -23,17 +24,22 @@ let PermissionsGuard = class PermissionsGuard {
         if (!required || required.length === 0)
             return true;
         const req = context.switchToHttp().getRequest();
-        // Must have req.user set by JwtAuthGuard (passport-jwt or custom)
-        const user = req?.user;
-        if (!user)
-            throw new common_1.UnauthorizedException("Missing auth user");
-        const userPerms = Array.isArray(user.permissions)
-            ? user.permissions
+        // ✅ Your convention: permissions live on req.current_permissions
+        const perms = Array.isArray(req?.current_permissions)
+            ? req.current_permissions
             : [];
+        if (!perms.length) {
+            throw new common_1.UnauthorizedException("The current request does not consist of any permissions!");
+        }
         // require ALL permissions by default
-        const hasAll = required.every((p) => userPerms.includes(p));
-        if (!hasAll)
-            throw new common_1.ForbiddenException("Insufficient permissions");
+        const hasAll = required.every((p) => perms.includes(p));
+        if (!hasAll) {
+            throw new common_1.ForbiddenException({
+                code: types_1.ErrorCode.PermissionDenied,
+                message: "The user does not have sufficient permissions to access this resource or perform this action!",
+                details: constants_1.REQUIRE_PERMISSIONS_KEY,
+            });
+        }
         return true;
     }
 };

package/dist/types/auth.type.d.ts CHANGED Viewed

@@ -37,4 +37,6 @@ export type AuthPayload = {
     user: CurrentUserInfo;
     app: CurrentAppInfo;
     app_client: CurrentAppClientInfo;
+    roles?: string[];
+    permissions?: string[];
 };

package/dist/types/http.type.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 export declare enum ErrorCode {
     AccessTokenExpired = "ACCESS_TOKEN_EXPIRED",
-    InvalidToken = "INVALID_TOKEN"
+    InvalidToken = "INVALID_TOKEN",
+    PermissionDenied = "PERMISSION_DENIED"
 }

package/dist/types/http.type.js CHANGED Viewed

@@ -5,4 +5,5 @@ var ErrorCode;
 (function (ErrorCode) {
     ErrorCode["AccessTokenExpired"] = "ACCESS_TOKEN_EXPIRED";
     ErrorCode["InvalidToken"] = "INVALID_TOKEN";
+    ErrorCode["PermissionDenied"] = "PERMISSION_DENIED";
 })(ErrorCode || (exports.ErrorCode = ErrorCode = {}));

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "plac-micro-common",
-  "version": "1.2.1",
+  "version": "1.2.3",
   "types": "dist/index.d.ts",
   "main": "dist/index.js",
   "scripts": {