29 lines
729 B
TypeScript
29 lines
729 B
TypeScript
|
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
|
||
|
import { Reflector } from '@nestjs/core';
|
||
|
|
||
|
/**
|
||
|
* Validates privileges.
|
||
|
*/
|
||
|
@Injectable()
|
||
|
export class PrivilegesGuard implements CanActivate {
|
||
|
constructor(private reflector: Reflector) {}
|
||
|
|
||
|
canActivate(context: ExecutionContext): boolean {
|
||
|
const privileges = this.reflector.get<string[]>(
|
||
|
'privileges',
|
||
|
context.getHandler(),
|
||
|
);
|
||
|
if (!privileges) {
|
||
|
return true;
|
||
|
}
|
||
|
const request = context.switchToHttp().getRequest();
|
||
|
const user = request.user;
|
||
|
return (
|
||
|
user.privileges.includes('*') ||
|
||
|
privileges.every((item) =>
|
||
|
user.privileges.find(({ name }) => name === item),
|
||
|
)
|
||
|
);
|
||
|
}
|
||
|
}
|