@shadow-dev/core
Version:
A modular core framework for Discord bot development, providing commands, buttons, menus, middleware, and more.
37 lines (30 loc) • 1.12 kB
text/typescript
import {
CanActivate,
ExecutionContext,
ForbiddenException,
Injectable,
} from "@nestjs/common";
import { Reflector } from "@nestjs/core";
import { Observable } from "rxjs";
import { ROLES_KEY } from "../decorators/roles.decorator";
()
export class RolesGuard implements CanActivate {
constructor(private reflector: Reflector) {}
canActivate(
context: ExecutionContext
): boolean | Promise<boolean> | Observable<boolean> {
const requiredRoles = this.reflector.getAllAndOverride<string[]>(
ROLES_KEY,
[context.getHandler(), context.getClass()]
);
if (!requiredRoles || requiredRoles.length === 0) return true;
const request = context.switchToHttp().getRequest();
const userRoles: string[] = request.user?.roles;
if (!userRoles || !Array.isArray(userRoles)) {
throw new ForbiddenException("Roles not found on user object.");
}
const hasRole = requiredRoles.some((role) => userRoles.includes(role));
if (!hasRole) throw new ForbiddenException("Insufficient role permissions");
return true;
}
}