Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for adding custom decorators to endpoints #36

Closed
izundo-viennv opened this issue Feb 25, 2020 · 8 comments
Closed

Add support for adding custom decorators to endpoints #36

izundo-viennv opened this issue Feb 25, 2020 · 8 comments
Labels
enhancement New feature or request

Comments

@izundo-viennv
Copy link

izundo-viennv commented Feb 25, 2020
edited
Loading

@doug-martin
I found that the library has support for adding filters, pipes, guards, but I don't know if I want to add @Permissions(['READ', 'UPDATE']) to built-in endpoints. Like what I did for custom methods:

@Query(() => UserDTO)
@UseGuards(JwtAuthGuard, GqlAuthGuard)
@Permissions(['READ', 'UPDATE'])
async me(@CurrentUser() user: User): Promise<UserDTO> {
  return this.service.findById(user.id);
}
@doug-martin
Copy link
Owner

Where does permissions come from? Is it a guard?

@izundo-viennv
Copy link
Author

izundo-viennv commented Feb 25, 2020
edited
Loading

@doug-martin Permissions will be read from GqlAuthGuard guard. How to address this issue?

@doug-martin
Copy link
Owner

I was wondering if @Permissions is from an opensource library or did is in internal?

The reason I ask is without more context it is hard to answer your question.

If it were my project I would try to make a new PermissionsGuard that accepts the roles and blocks requests accordingly.

@doug-martin
Copy link
Owner

Again, without more information this is hard to answer.

@izundo-viennv
Copy link
Author

This is for GqlAuthGuard

@Injectable()
export class GqlAuthGuard implements CanActivate {
  constructor(
    private readonly reflector: Reflector,
    private readonly userService: UserService,
  ) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const ctx = GqlExecutionContext.create(context).getContext();
    const user = ctx.req.user as User;

    if (!this.userService.canAccess(user)) {
      return false;
    }

    const permissions = this.reflector.get<string[]>(
      PermissionsMetaKey,
      context.getHandler(),
    );

    const grantedPermissions = user.grantedPermissions;

    if (grantedPermissions.some(gp => permissions.some(p => p === gp.name))) {
      return true;
    }

    return false;
  }
}

And this is for Permissions (this is the custom decorator I wrote)

import { SetMetadata } from '@nestjs/common';

export const PermissionsMetaKey = 'permissions';

export const Permissions = (permissions: string[]) =>
  SetMetadata(PermissionsMetaKey, permissions);

@izundo-viennv
Copy link
Author

@doug-martin In GqlAuthGuard it's just simple read metadata set to method handler to get permissions for checking

doug-martin added a commit that referenced this issue Feb 26, 2020
@doug-martin
Fix for issue36
8a5c775 
* [ADDED] `decorators` option to resolver options to allow providing custom decorators to endpoints #36
@doug-martin doug-martin mentioned this issue Feb 26, 2020
Merged
@doug-martin doug-martin added the enhancement New feature or request label Feb 26, 2020
doug-martin added a commit that referenced this issue Feb 26, 2020
@doug-martin
Fix for issue36
04b0444 
* [ADDED] `decorators` option to resolver options to allow providing custom decorators to endpoints #36
@doug-martin
Copy link
Owner

Published under v0.5.0

@izundo-viennv
Copy link
Author

@doug-martin Thank you very much. You're awesome

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@doug-martin @izundo-viennv