@scitizen/nest-casl
Advanced tools
A module for managing authorization in your nest application, using casl.
 +Â
A simple decorator-based way to check CASL abilities on NestJS controllers.
Use decorators everywhere to protect your controller methods.
npm install --save @scitizen/nest-casl
Additionally, please make sure you have correct peer dependencies installed:
^5.0.0^8.0.0^8.0.0^4.17.0^0.1.13^7.0.0npm install @casl/ability@^5.0.0 @nestjs/common@^8.0.0 @nestjs/core@^8.0.0 lodash@^4.17.0 reflect-metadata@^0.1.13 rxjs@^7.0.0
Declare a new service that converts the user of your request to a CASL ability:
import { Injectable } from '@nestjs/common';
import { AbilityBuilder, PureAbility } from '@casl/ability';
import { CaslAbilityFactory } from '@scitizen/nest-casl';
@Injectable()
export class AbilityFactory implements CaslAbilityFactory {
// Here, `request` is the express or fastify request. You might get infos from it.
public createFromRequest( _request: unknown ): PureAbility {
const abilityBuilder = new AbilityBuilder( PureAbility );
abilityBuilder.can( 'feed', 'cat' );
abilityBuilder.can( 'hug', 'cat' );
abilityBuilder.can( 'pet', 'cat' );
abilityBuilder.cannot( 'rename', 'cat' );
return abilityBuilder.build();
}
}
Import the module:
import { Module } from '@nestjs/common';
import { CaslModule } from '@scitizen/nest-casl';
@Module( {
imports: [
CaslModule.withConfig( ( { abilityFactory: AbilityFactory } ) ),
// ....
],
} )
export class AppModule {}
Use decorators in your controller:
import { AbilityBuilder, PureAbility } from '@casl/ability';
import { Controller, Get } from '@nestjs/common';
import { InjectAbility, PoliciesMask, Policy } from '@scitizen/nest-casl';
@Controller( '/cat/care' )
@PoliciesMask({
'pet': { action: 'pet', subject: 'cat' }
})
export class CatCareController {
// Okay, you can feed.
@Get( 'feed' )
@Policy( { action: 'feed', subject: 'cat' } )
public feed(){
// ...
}
// Well, I guess he won't bite.
@Get( 'hug' )
@Policy( { action: 'hug', subject: 'cat' } )
public hug(){
// ...
}
@Get( 'pet' )
public pet( @InjectAbility() ability: PureAbility ){
// ...
}
}
For more details and usage with guards, please refer to the guide.
@scitizen/nest-casl is MIT licensed.
FAQs
A module for managing authorization in your nest application, using casl.
We found that @scitizen/nest-casl demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A critical vm2 sandbox escape can allow untrusted JavaScript to break isolation and execute commands on the host Node.js process.
Research
Five malicious NuGet packages impersonate Chinese .NET libraries to deploy a stealer targeting browser credentials, crypto wallets, SSH keys, and local files.
Security News
pnpm 11 turns on a 1-day Minimum Release Age and blocks exotic subdeps by default, adding safeguards against fast-moving supply chain attacks.