@wepublish/api
Version:
API core for we.publish.
35 lines • 1.35 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.PermissionsGuard = void 0;
const tslib_1 = require("tslib");
const common_1 = require("@nestjs/common");
const core_1 = require("@nestjs/core");
const permission_decorator_1 = require("./permission.decorator");
const graphql_1 = require("@nestjs/graphql");
const has_permission_1 = require("./has-permission");
let PermissionsGuard = exports.PermissionsGuard = class PermissionsGuard {
constructor(reflector) {
this.reflector = reflector;
}
canActivate(context) {
const ctx = graphql_1.GqlExecutionContext.create(context);
const permissions = this.reflector.getAllAndMerge(permission_decorator_1.PERMISSIONS_METADATA_KEY, [
context.getHandler(),
context.getClass()
]);
if (!permissions.length) {
return true;
}
const request = ctx.getContext().req;
const session = request.user;
if (!session) {
return false;
}
return (0, has_permission_1.hasPermission)(permissions, session.roles);
}
};
exports.PermissionsGuard = PermissionsGuard = tslib_1.__decorate([
(0, common_1.Injectable)(),
tslib_1.__metadata("design:paramtypes", [core_1.Reflector])
], PermissionsGuard);
//# sourceMappingURL=permission.guard.js.map