nest-role-access-kato

nest-role-access-kato

This package provides a NestJS implementation for role-based access control (RBAC) to manage user permissions effectively.

Installation

To install the package, you can use either npm or yarn:

     npm install nest-role-access-kato

     
 or

 ```bash
   yarn add nest-role-access-kato


Setup

Module Import

In your main application module (e.g., AppModule), import the RoleModule from the package:


import { Module } from '@nestjs/common';
import { MongooseModule } from '@nestjs/mongoose';
import { RoleModule } from 'nest-role-access-kato'; // Adjust path if necessary

@Module({
  imports: [
    MongooseModule.forRoot('your_mongo_db_connection_string'), // Connect to your MongoDB
    RoleModule,
  ],
})
export class AppModule {}


Features

Create roles and role groups from JSON files.
Validate the structure of roles and role groups.
Check permissions for role groups based on routes and HTTP methods.

Usage

Import the RoleUtilityService in your NestJS module:


import { Module } from '@nestjs/common';
import { RoleUtilityService } from './role-utility.service';
import { RoleService } from './role.service';
import { RoleGroupService } from './role-group.service';

@Module({
    providers: [RoleUtilityService, RoleService, RoleGroupService],
    exports: [RoleUtilityService],
})
export class RoleModule {}


Example JSON Structure

Roles


[
    {
        "name": "Public",
        "permissions": [
            "GET::/v1/users",
            "PUT::/v1/users",
            "POST::/v1/users"
        ]
    },
    {
        "name": "User",
        "permissions": [
            "GET::/v1/users/:id",
            "PUT::/v1/users/:id",
            "POST::/v1/users/:id"
        ]
    }
]

Role Groups

[
    {
        "name": "Admin Group",
        "type": "Admin",
        "roles": ["60f7a8e5c2b1e92d1c8d0e98", "60f7a8e5c2b1e92d1c8d0e99"]
    },
    {
        "name": "User Group",
        "type": "User",
        "roles": ["60f7a8e5c2b1e92d1c8d0e97"]
    }
]

Methods
createRolesFromFile(filePath: string): Promise<void>
Reads roles from a JSON file and creates them in the database.

createRoleGroupsFromFile(filePath: string): Promise<void>
Reads role groups from a JSON file and creates them in the database.

hasPermission(roleGroupId: string, route: string, method: string): Promise<boolean>
Checks if a role group has permission for a specific route and HTTP method.

Constants
The service uses the following constants defined in ROLE_CONSTANTS:

REQUIRED_KEYS: Required keys for role and role group validation.
ALLOWED_METHODS: Allowed HTTP methods for permissions validation.
Error Handling
The service throws HttpException with appropriate HTTP status codes for errors encountered during operations, such as:

404 Not Found when a role group is not found.
General errors during file reading or processing.