@n4it/crud-policy
Version:
NestJs CRUD for RESTful APIs - policy
45 lines • 1.62 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.BasePolicyGuard = void 0;
const common_1 = require("@nestjs/common");
const constants_1 = require("../constants");
const validate_1 = require("../utils/validate");
const utils_1 = require("./utils");
class BasePolicyGuard {
reflector;
opts;
constructor(reflector, opts) {
this.reflector = reflector;
this.opts = opts;
}
canActivate(context) {
const requiredPolicies = this.getRequiredPolicies(context);
if (!requiredPolicies) {
return true;
}
const isAllowed = this.hasCorrectPolicies(context);
if (!isAllowed) {
throw new common_1.ForbiddenException();
}
return true;
}
getRequiredPolicies(context) {
return this.reflector.getAllAndOverride(constants_1.POLICY_NAME_METADATA, [
context.getHandler(),
context.getClass(),
]);
}
getAndValidateResourceId(params, body) {
return (0, utils_1.createGetAndValidateResourceId)({
extractors: this.opts.extractors,
})(params, body);
}
hasCorrectPolicies(context) {
const requiredPolicies = this.getRequiredPolicies(context);
const { user, params, body } = context.switchToHttp().getRequest();
const entityId = this.getAndValidateResourceId(params, body);
return (0, validate_1.validatePolicies)(requiredPolicies, user[this.opts.userPolicyField] ?? [], entityId);
}
}
exports.BasePolicyGuard = BasePolicyGuard;
//# sourceMappingURL=BasePolicyGuard.js.map