
@mamoorali295/rbac


Complete RBAC (Role-Based Access Control) system for Node.js with Express middleware, NestJS integration, GraphQL support, MongoDB & PostgreSQL support, modern admin dashboard, TypeScript support, and dynamic permission management

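"use strict";
// TypeScript-emitted helper: applies the given decorators to a class or member.
// Uses Reflect.decorate when available, otherwise applies them right-to-left.
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
// TypeScript-emitted helper: records design-time metadata when Reflect.metadata exists.
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
// TypeScript-emitted helper: drives a generator as a Promise (down-levelled async/await).
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.RegisterUserGuard = void 0;
const common_1 = require("@nestjs/common");
const core_1 = require("@nestjs/core");
const register_user_decorator_1 = require("../decorators/register-user.decorator");
const core_2 = require("../../core");
/**
 * Reports whether `value` is a JSON-shaped container: an array, or an object
 * whose prototype is Object.prototype or null. These are the shapes a JSON
 * body parser produces for `{...}` and `[...]`. Class instances, strings,
 * numbers, booleans, null and undefined all return false.
 *
 * @param {*} value - Candidate field value.
 * @returns {boolean} True for arrays and plain objects.
 */
function isJsonContainer(value) {
    if (value === null || typeof value !== "object") {
        return false;
    }
    if (Array.isArray(value)) {
        return true;
    }
    const proto = Object.getPrototypeOf(value);
    return proto === Object.prototype || proto === null;
}
/**
 * NestJS guard that registers a user record in the RBAC store before the
 * route handler runs. It only acts on handlers or classes carrying
 * @RegisterUser metadata; every other route passes through untouched.
 *
 * When no `userExtractor` is configured, the identity fields (`user_id` or
 * `id`, `name`, `email`) are read directly from the request body, so the
 * caller chooses them. The guard performs no authentication of its own.
 * Routes that must bind the new record to an authenticated principal should
 * supply a `userExtractor` that derives `user_id` from `request.user`.
 *
 * @example
 * ```typescript
 * // Apply to specific routes
 * @Post('signup')
 * @UseGuards(RegisterUserGuard)
 * @RegisterUser()
 * createUser(@Body() userData: CreateUserDto) { ... }
 *
 * // With custom user extraction
 * @Post('signup')
 * @UseGuards(RegisterUserGuard)
 * @RegisterUser({
 *   userExtractor: (body) => ({
 *     user_id: body.id,
 *     name: body.fullName,
 *     email: body.emailAddress
 *   })
 * })
 * createUser(@Body() userData: CreateUserDto) { ... }
 * ```
 */
let RegisterUserGuard = class RegisterUserGuard {
    /**
     * @param reflector - NestJS Reflector used to read @RegisterUser metadata.
     */
    constructor(reflector) {
        this.reflector = reflector;
    }
    /**
     * Registers the user described by the request, then allows the request.
     *
     * @param context - NestJS execution context for the current request.
     * @returns Promise resolving to true when the route is not decorated or
     *   when registration succeeded.
     * @throws BadRequestException when no user_id can be determined, or when
     *   user_id, name or email is an object or array instead of a scalar.
     * @throws ConflictException when the user_id is already registered.
     * @throws InternalServerErrorException for every other failure, including
     *   an uninitialized RBAC core.
     */
    canActivate(context) {
        return __awaiter(this, void 0, void 0, function* () {
            const registerOptions = this.reflector.getAllAndOverride(register_user_decorator_1.REGISTER_USER_KEY, [context.getHandler(), context.getClass()]);
            if (!registerOptions) {
                return true;
            }
            const request = context.switchToHttp().getRequest();
            try {
                if (!core_2.CoreRBAC.config || !core_2.CoreRBAC.initialized || !core_2.CoreRBAC.dbAdapter) {
                    throw new common_1.InternalServerErrorException('RBAC system not initialized');
                }
                let userData;
                if (registerOptions.userExtractor) {
                    userData = registerOptions.userExtractor(request.body, request.user);
                }
                else {
                    // A request without a parsed body is a client error, not a
                    // server fault: fall back to an empty object so the missing
                    // user_id is reported as 400 below.
                    const body = request.body || {};
                    userData = {
                        user_id: body.user_id || body.id,
                        name: body.name,
                        email: body.email,
                    };
                }
                if (!userData || !userData.user_id) {
                    throw new common_1.BadRequestException('user_id is required');
                }
                // These fields originate from the request body. Reject objects and
                // arrays before they reach the adapter: depending on the adapter, a
                // nested object in a lookup value may be read as a query operator
                // rather than a literal (presumably relevant to the MongoDB
                // adapter; verify against the adapter implementation).
                if (isJsonContainer(userData.user_id) || isJsonContainer(userData.name) || isJsonContainer(userData.email)) {
                    throw new common_1.BadRequestException('user_id, name and email must be scalar values');
                }
                // NOTE(review): the lookup and the insert are separate calls, so
                // two concurrent registrations for the same id are only prevented
                // if the store enforces uniqueness on user_id. Confirm.
                const existingUser = yield core_2.CoreRBAC.dbAdapter.findUserByUserId(userData.user_id);
                if (existingUser) {
                    throw new common_1.ConflictException('User already registered in RBAC system');
                }
                // If a default role is configured but not found, the user is
                // still created, with role_id left undefined.
                let defaultRoleId = undefined;
                if (core_2.CoreRBAC.config.defaultRole) {
                    const role = yield core_2.CoreRBAC.dbAdapter.findRoleByName(core_2.CoreRBAC.config.defaultRole);
                    if (role) {
                        defaultRoleId = role.id;
                    }
                }
                yield core_2.CoreRBAC.dbAdapter.createUser({
                    user_id: userData.user_id,
                    name: userData.name || '',
                    email: userData.email || '',
                    role_id: defaultRoleId,
                });
                // The hook runs after the record exists. If it throws, the client
                // receives a 500 but the user remains registered.
                if (core_2.CoreRBAC.config.onUserRegister) {
                    yield core_2.CoreRBAC.config.onUserRegister(userData);
                }
                // Attach user info to request for downstream handlers
                request.rbacUser = userData;
                return true;
            }
            catch (error) {
                if (error instanceof common_1.ConflictException || error instanceof common_1.BadRequestException) {
                    throw error;
                }
                // Everything else, including the 'not initialized' error thrown
                // above, is replaced by a generic 500 so that internal details are
                // not returned to the client. The original error is not logged
                // here.
                throw new common_1.InternalServerErrorException('Internal server error during user registration');
            }
        });
    }
};
exports.RegisterUserGuard = RegisterUserGuard;
exports.RegisterUserGuard = RegisterUserGuard = __decorate([
    (0, common_1.Injectable)(),
    __metadata("design:paramtypes", [core_1.Reflector])
], RegisterUserGuard);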