UNPKG

manifest

Version:

The backend for AI code editors

64 lines (63 loc) 2.93 kB
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.PolicyGuard = void 0; const common_1 = require("@nestjs/common"); const core_1 = require("@nestjs/core"); const auth_service_1 = require("../auth/auth.service"); const entity_manifest_service_1 = require("../manifest/services/entity-manifest.service"); const policies_1 = require("./policies"); let PolicyGuard = class PolicyGuard { constructor(reflector, entityManifestService, authService) { this.reflector = reflector; this.entityManifestService = entityManifestService; this.authService = authService; } async canActivate(context) { const rule = this.reflector.get('rule', context.getHandler()); if (!rule) { return true; } const req = context.switchToHttp().getRequest(); let routePolicies; if (rule === 'dynamic-endpoint') { routePolicies = req['endpoint']?.policies || []; } else { routePolicies = await this.getCrudPolicies(rule, context.getArgs()[0].params.entity); } const { user, entitySlug: userEntitySlug } = (await this.authService.getUserFromRequest(req)) || {}; let userEntityManifest; if (userEntitySlug) { userEntityManifest = this.entityManifestService.getEntityManifest({ slug: userEntitySlug }); } else { userEntityManifest = null; } return routePolicies.every((policy) => { const policyFn = policies_1.policies[policy.access]; return policyFn(user, userEntityManifest, { allow: policy.allow }); }); } async getCrudPolicies(rule, entitySlug) { const entityManifest = this.entityManifestService.getEntityManifest({ slug: entitySlug }); return entityManifest.policies[rule]; } }; exports.PolicyGuard = PolicyGuard; exports.PolicyGuard = PolicyGuard = __decorate([ (0, common_1.Injectable)(), __metadata("design:paramtypes", [core_1.Reflector, entity_manifest_service_1.EntityManifestService, auth_service_1.AuthService]) ], PolicyGuard);