UNPKG

loopback4-authorization

Version:

ARC authorization extension for loopback-next applications.

github.com/sourcefuse/loopback4-authorization

sourcefuse/loopback4-authorization

49 lines (44 loc) 1.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
import { MetadataInspector, MethodDecoratorFactory, Reflector, } from '@loopback/core'; import {AuthorizationMetadata} from '../types'; import {AUTHORIZATION_METADATA_ACCESSOR} from '../keys'; import {specPreprocessor} from './spec-preprocessor'; import {OperationObject} from '@loopback/rest'; type OperationMeta = { verb: string; path: string; spec: OperationObject; }; const OAI3KEY_METHODS = 'openapi-v3:methods'; export function authorize(metadata: AuthorizationMetadata) { const authorizedecorator = MethodDecoratorFactory.createDecorator<AuthorizationMetadata>( AUTHORIZATION_METADATA_ACCESSOR, { permissions: metadata.permissions || [], resource: metadata.resource ?? '', isCasbinPolicy: metadata.isCasbinPolicy ?? false, }, ); const authorizationWithMetadata = <T>( target: Object, propertyKey: string, descriptor: TypedPropertyDescriptor<T>, ) => { const meta: OperationMeta | undefined = MetadataInspector.getMethodMetadata( OAI3KEY_METHODS, target, propertyKey, ); if (meta) { meta.spec = specPreprocessor(target, propertyKey, metadata, meta.spec); Reflector.deleteMetadata(OAI3KEY_METHODS, target, propertyKey); Reflector.defineMetadata(OAI3KEY_METHODS, meta, target, propertyKey); authorizedecorator(target, propertyKey, descriptor); } }; return authorizationWithMetadata; }