UNPKG

feathers-casl

Version:

Add access control with CASL to your feathers application.

feathers-casl.netlify.app

fratzinger/feathers-casl

62 lines (52 loc) 1.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
import { subject } from '@casl/ability' import { throwUnlessCan } from '../hooks/authorize/authorize.hook.utils.js' import { getFieldsForConditions } from './getFieldsForConditions.js' import type { AnyAbility } from '@casl/ability' import type { Id, Service } from '@feathersjs/feathers' import type { UtilCheckCanOptions } from '../types.js' const makeOptions = ( providedOptions?: Partial<UtilCheckCanOptions>, ): UtilCheckCanOptions => { return { actionOnForbidden: () => {}, checkGeneral: true, skipThrow: false, useConditionalSelect: true, ...providedOptions, } } export const checkCan = async <S>( ability: AnyAbility, id: Id, method: string, modelName: string, service: Service<S>, providedOptions?: Partial<UtilCheckCanOptions>, ): Promise<boolean> => { const options = makeOptions(providedOptions) if (options.checkGeneral) { const can = throwUnlessCan(ability, method, modelName, modelName, options) if (!can) { return false } } let params if (options.useConditionalSelect) { const $select = getFieldsForConditions(ability, method, modelName) params = { query: { $select }, } } //@ts-expect-error _get is not exposed const getMethod = service._get ? '_get' : 'get' // @ts-expect-error _get is not exposed const item = await service[getMethod](id, params) const can = throwUnlessCan( ability, method, subject(modelName, item), modelName, options, ) return can }