manifest
Version:
The backend for AI code editors
64 lines (63 loc) • 2.93 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.PolicyGuard = void 0;
const common_1 = require("@nestjs/common");
const core_1 = require("@nestjs/core");
const auth_service_1 = require("../auth/auth.service");
const entity_manifest_service_1 = require("../manifest/services/entity-manifest.service");
const policies_1 = require("./policies");
let PolicyGuard = class PolicyGuard {
constructor(reflector, entityManifestService, authService) {
this.reflector = reflector;
this.entityManifestService = entityManifestService;
this.authService = authService;
}
async canActivate(context) {
const rule = this.reflector.get('rule', context.getHandler());
if (!rule) {
return true;
}
const req = context.switchToHttp().getRequest();
let routePolicies;
if (rule === 'dynamic-endpoint') {
routePolicies = req['endpoint']?.policies || [];
}
else {
routePolicies = await this.getCrudPolicies(rule, context.getArgs()[0].params.entity);
}
const { user, entitySlug: userEntitySlug } = (await this.authService.getUserFromRequest(req)) || {};
let userEntityManifest;
if (userEntitySlug) {
userEntityManifest = this.entityManifestService.getEntityManifest({
slug: userEntitySlug
});
}
else {
userEntityManifest = null;
}
return routePolicies.every((policy) => {
const policyFn = policies_1.policies[policy.access];
return policyFn(user, userEntityManifest, { allow: policy.allow });
});
}
async getCrudPolicies(rule, entitySlug) {
const entityManifest = this.entityManifestService.getEntityManifest({ slug: entitySlug });
return entityManifest.policies[rule];
}
};
exports.PolicyGuard = PolicyGuard;
exports.PolicyGuard = PolicyGuard = __decorate([
(0, common_1.Injectable)(),
__metadata("design:paramtypes", [core_1.Reflector,
entity_manifest_service_1.EntityManifestService,
auth_service_1.AuthService])
], PolicyGuard);