nest-authz
Advanced tools
nest-authz - npm Package Compare versions
Comparing version 2.4.0 to 2.5.0
@@ -1,3 +0,3 @@ | ||
| export declare const AUTHZ_MODULE_OPTIONS = "AUTHZ_MODULE_OPTIONS"; | ||
| export declare const AUTHZ_ENFORCER = "AUTHZ_ENFORCER"; | ||
| export declare const PERMISSIONS_METADATA = "__PERMISSIONS__"; | ||
| export declare const AUTHZ_MODULE_OPTIONS: unique symbol; | ||
| export declare const AUTHZ_ENFORCER: unique symbol; | ||
| export declare const PERMISSIONS_METADATA: unique symbol; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.PERMISSIONS_METADATA = exports.AUTHZ_ENFORCER = exports.AUTHZ_MODULE_OPTIONS = void 0; | ||
| exports.AUTHZ_MODULE_OPTIONS = 'AUTHZ_MODULE_OPTIONS'; | ||
| exports.AUTHZ_ENFORCER = 'AUTHZ_ENFORCER'; | ||
| exports.PERMISSIONS_METADATA = '__PERMISSIONS__'; | ||
| exports.AUTHZ_MODULE_OPTIONS = Symbol('AUTHZ_MODULE_OPTIONS'); | ||
| exports.AUTHZ_ENFORCER = Symbol('AUTHZ_ENFORCER'); | ||
| exports.PERMISSIONS_METADATA = Symbol('__PERMISSIONS__'); | ||
| //# sourceMappingURL=authz.constants.js.map |
| import { CanActivate, ExecutionContext } from '@nestjs/common'; | ||
| import { Reflector } from '@nestjs/core'; | ||
| import * as casbin from 'casbin'; | ||
| import { AuthZModuleOptions } from './interfaces/authz-module-options.interface'; | ||
| export declare class AuthZGuard implements CanActivate { | ||
| private readonly reflector; | ||
| private enforcer; | ||
| private options; | ||
| constructor(reflector: Reflector, enforcer: casbin.Enforcer, options: AuthZModuleOptions); | ||
| private readonly enforcer; | ||
| private readonly options; | ||
| constructor(reflector: Reflector); | ||
| canActivate(context: ExecutionContext): Promise<boolean>; | ||
@@ -11,0 +9,0 @@ static asyncSome<T>(array: T[], callback: (value: T, index: number, a: T[]) => Promise<boolean>): Promise<boolean>; |
@@ -11,5 +11,2 @@ "use strict"; | ||
| }; | ||
| var __param = (this && this.__param) || function (paramIndex, decorator) { | ||
| return function (target, key) { decorator(target, key, paramIndex); } | ||
| }; | ||
| var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
@@ -34,6 +31,4 @@ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | ||
| let AuthZGuard = exports.AuthZGuard = AuthZGuard_1 = class AuthZGuard { | ||
| constructor(reflector, enforcer, options) { | ||
| constructor(reflector) { | ||
| this.reflector = reflector; | ||
| this.enforcer = enforcer; | ||
| this.options = options; | ||
| } | ||
@@ -100,8 +95,14 @@ canActivate(context) { | ||
| }; | ||
| __decorate([ | ||
| (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER), | ||
| __metadata("design:type", casbin.Enforcer) | ||
| ], AuthZGuard.prototype, "enforcer", void 0); | ||
| __decorate([ | ||
| (0, common_1.Inject)(authz_constants_1.AUTHZ_MODULE_OPTIONS), | ||
| __metadata("design:type", Object) | ||
| ], AuthZGuard.prototype, "options", void 0); | ||
| exports.AuthZGuard = AuthZGuard = AuthZGuard_1 = __decorate([ | ||
| (0, common_1.Injectable)(), | ||
| __param(1, (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER)), | ||
| __param(2, (0, common_1.Inject)(authz_constants_1.AUTHZ_MODULE_OPTIONS)), | ||
| __metadata("design:paramtypes", [core_1.Reflector, casbin.Enforcer, Object]) | ||
| __metadata("design:paramtypes", [core_1.Reflector]) | ||
| ], AuthZGuard); | ||
| //# sourceMappingURL=authz.guard.js.map |
@@ -29,3 +29,3 @@ "use strict"; | ||
| provide: authz_constants_1.AUTHZ_MODULE_OPTIONS, | ||
| useValue: options || {} | ||
| useValue: options || {}, | ||
| }; | ||
@@ -50,3 +50,3 @@ let enforcerProvider = options.enforcerProvider; | ||
| return casbin.newEnforcer(options.model, policyOption); | ||
| }) | ||
| }), | ||
| }; | ||
@@ -61,3 +61,3 @@ } | ||
| services_1.AuthZRBACService, | ||
| services_1.AuthZManagementService | ||
| services_1.AuthZManagementService, | ||
| ], | ||
@@ -70,4 +70,4 @@ imports: importsModule, | ||
| services_1.AuthZRBACService, | ||
| services_1.AuthZManagementService | ||
| ] | ||
| services_1.AuthZManagementService, | ||
| ], | ||
| }; | ||
@@ -80,5 +80,5 @@ } | ||
| providers: [], | ||
| exports: [] | ||
| exports: [], | ||
| }) | ||
| ], AuthZModule); | ||
| //# sourceMappingURL=authz.module.js.map |
| import { Permission } from '../interfaces/permission.interface'; | ||
| export declare const UsePermissions: (...permissions: Permission[]) => import("@nestjs/common").CustomDecorator<string>; | ||
| import { PERMISSIONS_METADATA } from '../authz.constants'; | ||
| export declare const UsePermissions: (...permissions: Permission[]) => import("@nestjs/common").CustomDecorator<typeof PERMISSIONS_METADATA>; |
@@ -8,3 +8,3 @@ "use strict"; | ||
| const UsePermissions = (...permissions) => { | ||
| const perms = permissions.map(item => { | ||
| const perms = permissions.map((item) => { | ||
| if (!item.isOwn) { | ||
@@ -11,0 +11,0 @@ item.isOwn = defaultIsOwn; |
@@ -1,5 +0,3 @@ | ||
| import * as casbin from 'casbin'; | ||
| export declare class AuthZManagementService { | ||
| private readonly enforcer; | ||
| constructor(enforcer: casbin.Enforcer); | ||
| getAllSubjects(): Promise<string[]>; | ||
@@ -6,0 +4,0 @@ getAllNamedSubjects(ptype: string): Promise<string[]>; |
@@ -11,5 +11,2 @@ "use strict"; | ||
| }; | ||
| var __param = (this && this.__param) || function (paramIndex, decorator) { | ||
| return function (target, key) { decorator(target, key, paramIndex); } | ||
| }; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -21,5 +18,2 @@ exports.AuthZManagementService = void 0; | ||
| let AuthZManagementService = exports.AuthZManagementService = class AuthZManagementService { | ||
| constructor(enforcer) { | ||
| this.enforcer = enforcer; | ||
| } | ||
| getAllSubjects() { | ||
@@ -158,7 +152,9 @@ return this.enforcer.getAllSubjects(); | ||
| }; | ||
| __decorate([ | ||
| (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER), | ||
| __metadata("design:type", casbin.Enforcer) | ||
| ], AuthZManagementService.prototype, "enforcer", void 0); | ||
| exports.AuthZManagementService = AuthZManagementService = __decorate([ | ||
| (0, common_1.Injectable)(), | ||
| __param(0, (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER)), | ||
| __metadata("design:paramtypes", [casbin.Enforcer]) | ||
| (0, common_1.Injectable)() | ||
| ], AuthZManagementService); | ||
| //# sourceMappingURL=authz-management.service.js.map |
@@ -1,5 +0,3 @@ | ||
| import * as casbin from 'casbin'; | ||
| export declare class AuthZRBACService { | ||
| private readonly enforcer; | ||
| constructor(enforcer: casbin.Enforcer); | ||
| getRolesForUser(name: string, domain?: string): Promise<string[]>; | ||
@@ -6,0 +4,0 @@ getUsersForRole(name: string, domain?: string): Promise<string[]>; |
@@ -11,5 +11,2 @@ "use strict"; | ||
| }; | ||
| var __param = (this && this.__param) || function (paramIndex, decorator) { | ||
| return function (target, key) { decorator(target, key, paramIndex); } | ||
| }; | ||
| var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
@@ -30,5 +27,2 @@ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | ||
| let AuthZRBACService = exports.AuthZRBACService = class AuthZRBACService { | ||
| constructor(enforcer) { | ||
| this.enforcer = enforcer; | ||
| } | ||
| getRolesForUser(name, domain) { | ||
@@ -88,7 +82,9 @@ return this.enforcer.getRolesForUser(name, domain); | ||
| }; | ||
| __decorate([ | ||
| (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER), | ||
| __metadata("design:type", casbin.Enforcer) | ||
| ], AuthZRBACService.prototype, "enforcer", void 0); | ||
| exports.AuthZRBACService = AuthZRBACService = __decorate([ | ||
| (0, common_1.Injectable)(), | ||
| __param(0, (0, common_1.Inject)(authz_constants_1.AUTHZ_ENFORCER)), | ||
| __metadata("design:paramtypes", [casbin.Enforcer]) | ||
| (0, common_1.Injectable)() | ||
| ], AuthZRBACService); | ||
| //# sourceMappingURL=authz-rbac.service.js.map |
| { | ||
| "name": "nest-authz", | ||
| "version": "2.4.0", | ||
| "description": "基于 node-casbin 实现的 RBAC 权限控制模块。", | ||
| "version": "2.5.0", | ||
| "description": "Nest authorization middleware based on Node-Casbin", | ||
| "main": "dist/index.js", | ||
@@ -20,6 +20,6 @@ "types": "dist/index.d.ts", | ||
| "format": "prettier --write \"src/**/*.ts\"", | ||
| "lint": "tslint -p tsconfig.json -c tslint.json", | ||
| "lint": "eslint --cache .", | ||
| "release": "standard-version", | ||
| "test": "jest", | ||
| "coverage": "jest --coverage", | ||
| "test": "vitest", | ||
| "coverage": "vitest --coverage", | ||
| "typecheck": "tsc --noEmit" | ||
@@ -36,8 +36,12 @@ }, | ||
| "@nestjs/core": "^9.0.3", | ||
| "@types/jest": "24.9.0", | ||
| "@types/eslint": "^8.44.0", | ||
| "@types/node": "11.15.50", | ||
| "@typescript-eslint/eslint-plugin": "^6.1.0", | ||
| "@typescript-eslint/parser": "^6.1.0", | ||
| "@vitest/coverage-v8": "^0.33.0", | ||
| "commitizen": "4.2.4", | ||
| "cz-conventional-changelog": "3.3.0", | ||
| "jest": "24.9.0", | ||
| "prettier": "1.19.1", | ||
| "eslint": "^8.45.0", | ||
| "eslint-plugin-prettier": "^5.0.0", | ||
| "prettier": "^3.0.0", | ||
| "reflect-metadata": "0.1.13", | ||
@@ -47,6 +51,5 @@ "rimraf": "3.0.1", | ||
| "standard-version": "8.0.2", | ||
| "ts-jest": "24.3.0", | ||
| "ts-node": "10.0.0", | ||
| "tslint": "5.11.0", | ||
| "typescript": "^5.0.0" | ||
| "typescript": "^5.0.0", | ||
| "vitest": "^0.33.0" | ||
| }, | ||
@@ -53,0 +56,0 @@ "peerDependencies": { |
@@ -58,3 +58,2 @@ # nest-authz | ||
| policy: TypeORMAdapter.newAdapter({ | ||
| name: 'casbin', | ||
| type: 'mysql', | ||
@@ -61,0 +60,0 @@ host: 'localhost', |
@@ -1,3 +0,3 @@ | ||
| export const AUTHZ_MODULE_OPTIONS = 'AUTHZ_MODULE_OPTIONS'; | ||
| export const AUTHZ_ENFORCER = 'AUTHZ_ENFORCER'; | ||
| export const PERMISSIONS_METADATA = '__PERMISSIONS__'; | ||
| export const AUTHZ_MODULE_OPTIONS = Symbol('AUTHZ_MODULE_OPTIONS'); | ||
| export const AUTHZ_ENFORCER = Symbol('AUTHZ_ENFORCER'); | ||
| export const PERMISSIONS_METADATA = Symbol('__PERMISSIONS__'); |
@@ -5,3 +5,3 @@ import { | ||
| ExecutionContext, | ||
| Inject | ||
| Inject, | ||
| } from '@nestjs/common'; | ||
@@ -12,6 +12,6 @@ import { Reflector } from '@nestjs/core'; | ||
| PERMISSIONS_METADATA, | ||
| AUTHZ_MODULE_OPTIONS | ||
| AUTHZ_MODULE_OPTIONS, | ||
| } from './authz.constants'; | ||
| import * as casbin from 'casbin'; | ||
| import { Permission } from './interfaces/permission.interface'; | ||
| import type { Permission } from './interfaces/permission.interface'; | ||
| import { UnauthorizedException } from '@nestjs/common'; | ||
@@ -23,8 +23,10 @@ import { AuthPossession } from './types'; | ||
| export class AuthZGuard implements CanActivate { | ||
| constructor( | ||
| private readonly reflector: Reflector, | ||
| @Inject(AUTHZ_ENFORCER) private enforcer: casbin.Enforcer, | ||
| @Inject(AUTHZ_MODULE_OPTIONS) private options: AuthZModuleOptions | ||
| ) {} | ||
| @Inject(AUTHZ_ENFORCER) | ||
| private readonly enforcer: casbin.Enforcer; | ||
| @Inject(AUTHZ_MODULE_OPTIONS) | ||
| private readonly options: AuthZModuleOptions; | ||
| constructor(private readonly reflector: Reflector) {} | ||
| async canActivate(context: ExecutionContext): Promise<boolean> { | ||
@@ -34,3 +36,3 @@ try { | ||
| PERMISSIONS_METADATA, | ||
| context.getHandler() | ||
| context.getHandler(), | ||
| ); | ||
@@ -50,3 +52,3 @@ | ||
| user: string, | ||
| permission: Permission | ||
| permission: Permission, | ||
| ): Promise<boolean> => { | ||
@@ -62,5 +64,5 @@ const { possession, resource, action } = permission; | ||
| return AuthZGuard.asyncSome<AuthPossession>(poss, async p => { | ||
| return AuthZGuard.asyncSome<AuthPossession>(poss, async (p) => { | ||
| if (p === AuthPossession.OWN) { | ||
| return (permission as any).isOwn(context); | ||
| return permission.isOwn!(context); | ||
| } else { | ||
@@ -74,3 +76,3 @@ return this.enforcer.enforce(user, resource, `${action}:${p}`); | ||
| permissions, | ||
| async permission => hasPermission(username, permission) | ||
| async (permission) => hasPermission(username, permission), | ||
| ); | ||
@@ -86,3 +88,3 @@ | ||
| array: T[], | ||
| callback: (value: T, index: number, a: T[]) => Promise<boolean> | ||
| callback: (value: T, index: number, a: T[]) => Promise<boolean>, | ||
| ): Promise<boolean> { | ||
@@ -101,3 +103,3 @@ for (let i = 0; i < array.length; i++) { | ||
| array: T[], | ||
| callback: (value: T, index: number, a: T[]) => Promise<boolean> | ||
| callback: (value: T, index: number, a: T[]) => Promise<boolean>, | ||
| ): Promise<boolean> { | ||
@@ -104,0 +106,0 @@ for (let i = 0; i < array.length; i++) { |
@@ -12,3 +12,3 @@ import { Module, DynamicModule, Global } from '@nestjs/common'; | ||
| providers: [], | ||
| exports: [] | ||
| exports: [], | ||
| }) | ||
@@ -19,3 +19,3 @@ export class AuthZModule { | ||
| provide: AUTHZ_MODULE_OPTIONS, | ||
| useValue: options || {} | ||
| useValue: options || {}, | ||
| }; | ||
@@ -29,3 +29,3 @@ | ||
| throw new Error( | ||
| 'must provide either enforcerProvider or both model and policy' | ||
| 'must provide either enforcerProvider or both model and policy', | ||
| ); | ||
@@ -48,3 +48,3 @@ } | ||
| return casbin.newEnforcer(options.model, policyOption); | ||
| } | ||
| }, | ||
| }; | ||
@@ -60,3 +60,3 @@ } | ||
| AuthZRBACService, | ||
| AuthZManagementService | ||
| AuthZManagementService, | ||
| ], | ||
@@ -69,6 +69,6 @@ imports: importsModule, | ||
| AuthZRBACService, | ||
| AuthZManagementService | ||
| ] | ||
| AuthZManagementService, | ||
| ], | ||
| }; | ||
| } | ||
| } |
@@ -6,2 +6,3 @@ import { SetMetadata } from '@nestjs/common'; | ||
| // eslint-disable-next-line @typescript-eslint/no-unused-vars | ||
| const defaultIsOwn = (ctx: ExecutionContext): boolean => false; | ||
@@ -14,3 +15,3 @@ | ||
| export const UsePermissions = (...permissions: Permission[]) => { | ||
| const perms = permissions.map(item => { | ||
| const perms = permissions.map((item) => { | ||
| if (!item.isOwn) { | ||
@@ -17,0 +18,0 @@ item.isOwn = defaultIsOwn; |
@@ -6,3 +6,3 @@ import { | ||
| ForwardReference, | ||
| Type | ||
| Type, | ||
| } from '@nestjs/common'; | ||
@@ -9,0 +9,0 @@ |
@@ -10,6 +10,4 @@ import { Injectable, Inject } from '@nestjs/common'; | ||
| export class AuthZManagementService { | ||
| constructor( | ||
| @Inject(AUTHZ_ENFORCER) | ||
| private readonly enforcer: casbin.Enforcer | ||
| ) {} | ||
| @Inject(AUTHZ_ENFORCER) | ||
| private readonly enforcer: casbin.Enforcer; | ||
@@ -155,3 +153,3 @@ /** | ||
| fieldIndex, | ||
| ...fieldValues | ||
| ...fieldValues, | ||
| ); | ||
@@ -206,3 +204,3 @@ } | ||
| fieldIndex, | ||
| ...fieldValues | ||
| ...fieldValues, | ||
| ); | ||
@@ -305,3 +303,3 @@ } | ||
| oldRule: string[], | ||
| newRule: string[] | ||
| newRule: string[], | ||
| ): Promise<boolean> { | ||
@@ -380,3 +378,3 @@ return this.enforcer.updateNamedPolicy(ptype, oldRule, newRule); | ||
| fieldIndex, | ||
| ...fieldValues | ||
| ...fieldValues, | ||
| ); | ||
@@ -481,3 +479,3 @@ } | ||
| fieldIndex, | ||
| ...fieldValues | ||
| ...fieldValues, | ||
| ); | ||
@@ -507,3 +505,3 @@ } | ||
| ptype: string, | ||
| rules: string[][] | ||
| rules: string[][], | ||
| ): Promise<boolean> { | ||
@@ -529,3 +527,3 @@ return this.enforcer.removeNamedGroupingPolicies(ptype, rules); | ||
| fieldIndex, | ||
| ...fieldValues | ||
| ...fieldValues, | ||
| ); | ||
@@ -532,0 +530,0 @@ } |
@@ -12,6 +12,4 @@ import { Injectable, Inject } from '@nestjs/common'; | ||
| export class AuthZRBACService { | ||
| constructor( | ||
| @Inject(AUTHZ_ENFORCER) | ||
| private readonly enforcer: casbin.Enforcer | ||
| ) {} | ||
| @Inject(AUTHZ_ENFORCER) | ||
| private readonly enforcer: casbin.Enforcer; | ||
@@ -54,3 +52,3 @@ /** | ||
| role: string, | ||
| domain?: string | ||
| domain?: string, | ||
| ): Promise<boolean> { | ||
@@ -73,3 +71,3 @@ return this.enforcer.hasRoleForUser(name, role, domain); | ||
| role: string, | ||
| domain?: string | ||
| domain?: string, | ||
| ): Promise<boolean> { | ||
@@ -92,3 +90,3 @@ return this.enforcer.addRoleForUser(user, role, domain); | ||
| role: string, | ||
| domain?: string | ||
| domain?: string, | ||
| ): Promise<boolean> { | ||
@@ -95,0 +93,0 @@ return this.enforcer.deleteRoleForUser(user, role, domain); |
@@ -5,3 +5,3 @@ export enum AuthActionVerb { | ||
| DELETE = 'delete', | ||
| READ = 'read' | ||
| READ = 'read', | ||
| } | ||
@@ -14,3 +14,3 @@ | ||
| OWN = 'own', | ||
| OWN_ANY = 'own|any' | ||
| OWN_ANY = 'own|any', | ||
| } | ||
@@ -29,3 +29,3 @@ | ||
| READ_ANY = 'read:any', | ||
| READ_OWN = 'read:own' | ||
| READ_OWN = 'read:own', | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.14%
92099
- Number of package files
- increased by5.17%
61
Worsened metrics
- Dev dependency count
- increased by18.75%
19
- Number of medium maintenance alerts
- increased byInfinity%
1
- Number of lines in readme file
- decreased by-0.5%
198