node-casbin · hsluoyz · Jul 20, 2023 · Jul 18, 2023 · Jul 18, 2023 · Jul 20, 2023
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -0,0 +1,26 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  ignorePatterns: ['.eslintrc.js', '**/dist/**'],
+  plugins: ['@typescript-eslint/eslint-plugin'],
+  extends: ['plugin:@typescript-eslint/recommended'],
+  root: true,
+  env: {
+    node: true,
+    jest: true,
+  },
+  rules: {
+    '@typescript-eslint/interface-name-prefix': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    '@typescript-eslint/explicit-module-boundary-types': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+    'no-extra-semi': 'off',
+    "dot-notation": "off",
+    "import/order": "off",
+    "max-len": [2, { "code": 150 }],
+    "no-useless-constructor": "off",
+    "@typescript-eslint/no-empty-interface": "off",
+    "arrow-parens": "off",
+    "sort-keys": "off",
+    "comma-dangle": "off"
+  }
+}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,15 +2,20 @@ name: Node.js CI
 
 on:
   push:
+    branches:
+      - master
+
   pull_request:
+    branches:
+      - master
 
 jobs:
   test:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
-        node-version: [^14, ^16, ^18]
+        node-version: [^16, ^18]
 
     steps:
       - uses: actions/checkout@v2

diff --git a/.prettierrc b/.prettierrc
diff --git a/.prettierrc.js b/.prettierrc.js
@@ -0,0 +1,4 @@
+/** @type {import('prettier').Config} */
+module.exports = {
+  "singleQuote": true,
+}
diff --git a/jest.config.js b/jest.config.js
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "nest-authz",
   "version": "2.4.0",
-  "description": "基于 node-casbin 实现的 RBAC 权限控制模块。",
+  "description": "Nest authorization middleware based on Node-Casbin",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "engines": {
@@ -17,10 +17,10 @@
     "prepublish": "yarn lint && yarn build",
     "style": "prettier --check \"src/**/*.ts\"",
     "format": "prettier --write \"src/**/*.ts\"",
-    "lint": "tslint -p tsconfig.json -c tslint.json",
+    "lint": "eslint --cache .",
     "release": "standard-version",
-    "test": "jest",
-    "coverage": "jest --coverage",
+    "test": "vitest",
+    "coverage": "vitest --coverage",
     "typecheck": "tsc --noEmit"
   },
   "keywords": [],
@@ -32,20 +32,23 @@
   "devDependencies": {
     "@nestjs/common": "^9.0.3",
     "@nestjs/core": "^9.0.3",
-    "@types/jest": "24.9.0",
+    "@types/eslint": "^8.44.0",
     "@types/node": "11.15.50",
+    "@typescript-eslint/eslint-plugin": "^6.1.0",
+    "@typescript-eslint/parser": "^6.1.0",
+    "@vitest/coverage-v8": "^0.33.0",
     "commitizen": "4.2.4",
     "cz-conventional-changelog": "3.3.0",
-    "jest": "24.9.0",
-    "prettier": "1.19.1",
+    "eslint": "^8.45.0",
+    "eslint-plugin-prettier": "^5.0.0",
+    "prettier": "^3.0.0",
     "reflect-metadata": "0.1.13",
     "rimraf": "3.0.1",
     "rxjs": "^6.0.0",
     "standard-version": "8.0.2",
-    "ts-jest": "24.3.0",
     "ts-node": "10.0.0",
-    "tslint": "5.11.0",
-    "typescript": "^5.0.0"
+    "typescript": "^5.0.0",
+    "vitest": "^0.33.0"
   },
   "peerDependencies": {
     "@nestjs/common": "^9.0.3 || ^10.0.0",

diff --git a/src/authz.constants.ts b/src/authz.constants.ts
@@ -1,3 +1,3 @@
-export const AUTHZ_MODULE_OPTIONS = 'AUTHZ_MODULE_OPTIONS';
-export const AUTHZ_ENFORCER = 'AUTHZ_ENFORCER';
-export const PERMISSIONS_METADATA = '__PERMISSIONS__';
+export const AUTHZ_MODULE_OPTIONS = Symbol('AUTHZ_MODULE_OPTIONS');
+export const AUTHZ_ENFORCER = Symbol('AUTHZ_ENFORCER');
+export const PERMISSIONS_METADATA = Symbol('__PERMISSIONS__');
diff --git a/src/authz.guard.ts b/src/authz.guard.ts
@@ -2,33 +2,35 @@ import {
   Injectable,
   CanActivate,
   ExecutionContext,
-  Inject
+  Inject,
 } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import {
   AUTHZ_ENFORCER,
   PERMISSIONS_METADATA,
-  AUTHZ_MODULE_OPTIONS
+  AUTHZ_MODULE_OPTIONS,
 } from './authz.constants';
 import * as casbin from 'casbin';
-import { Permission } from './interfaces/permission.interface';
+import type { Permission } from './interfaces/permission.interface';
 import { UnauthorizedException } from '@nestjs/common';
 import { AuthPossession } from './types';
 import { AuthZModuleOptions } from './interfaces/authz-module-options.interface';
 
 @Injectable()
 export class AuthZGuard implements CanActivate {
-  constructor(
-    private readonly reflector: Reflector,
-    @Inject(AUTHZ_ENFORCER) private enforcer: casbin.Enforcer,
-    @Inject(AUTHZ_MODULE_OPTIONS) private options: AuthZModuleOptions
-  ) {}
+  @Inject(AUTHZ_ENFORCER)
+  private readonly enforcer: casbin.Enforcer;
+
+  @Inject(AUTHZ_MODULE_OPTIONS)
+  private readonly options: AuthZModuleOptions;
+
+  constructor(private readonly reflector: Reflector) {}
 
   async canActivate(context: ExecutionContext): Promise<boolean> {
     try {
       const permissions: Permission[] = this.reflector.get<Permission[]>(
         PERMISSIONS_METADATA,
-        context.getHandler()
+        context.getHandler(),
       );
 
       if (!permissions) {
@@ -43,7 +45,7 @@ export class AuthZGuard implements CanActivate {
 
       const hasPermission = async (
         user: string,
-        permission: Permission
+        permission: Permission,
       ): Promise<boolean> => {
         const { possession, resource, action } = permission;
         const poss = [];
@@ -54,9 +56,9 @@ export class AuthZGuard implements CanActivate {
           poss.push(possession);
         }
 
-        return AuthZGuard.asyncSome<AuthPossession>(poss, async p => {
+        return AuthZGuard.asyncSome<AuthPossession>(poss, async (p) => {
           if (p === AuthPossession.OWN) {
-            return (permission as any).isOwn(context);
+            return permission.isOwn!(context);
           } else {
             return this.enforcer.enforce(user, resource, `${action}:${p}`);
           }
@@ -65,7 +67,7 @@ export class AuthZGuard implements CanActivate {
 
       const result = await AuthZGuard.asyncEvery<Permission>(
         permissions,
-        async permission => hasPermission(username, permission)
+        async (permission) => hasPermission(username, permission),
       );
 
       return result;
@@ -76,7 +78,7 @@ export class AuthZGuard implements CanActivate {
 
   static async asyncSome<T>(
     array: T[],
-    callback: (value: T, index: number, a: T[]) => Promise<boolean>
+    callback: (value: T, index: number, a: T[]) => Promise<boolean>,
   ): Promise<boolean> {
     for (let i = 0; i < array.length; i++) {
       const result = await callback(array[i], i, array);
@@ -90,7 +92,7 @@ export class AuthZGuard implements CanActivate {
 
   static async asyncEvery<T>(
     array: T[],
-    callback: (value: T, index: number, a: T[]) => Promise<boolean>
+    callback: (value: T, index: number, a: T[]) => Promise<boolean>,
   ): Promise<boolean> {
     for (let i = 0; i < array.length; i++) {
       const result = await callback(array[i], i, array);