IcyNetwork
/
icynet-auth-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
icynet-auth-server/src/modules/api/admin/admin.service.ts

31 lines
833 B
TypeScript
Raw Normal View History

comprehensive oauth2 admin api
2022-08-27 15:52:37 +00:00
import { Injectable } from '@nestjs/common';
separate role for user oauth2 clients
2022-08-27 16:58:24 +00:00
import { Client } from 'connect-redis';
import { User } from 'src/modules/objects/user/user.entity';
comprehensive oauth2 admin api
2022-08-27 15:52:37 +00:00
separate role for user oauth2 clients
2022-08-27 16:58:24 +00:00
const UNPRIVILEGED_STRIP = ['openid', 'id_token', 'management', 'implicit'];
comprehensive oauth2 admin api
2022-08-27 15:52:37 +00:00
@Injectable()
export class AdminService {
separate role for user oauth2 clients
2022-08-27 16:58:24 +00:00
public userHasPrivilege(user: User, privilege: string): boolean {
return user.privileges.some(({ name }) => name === privilege);
}
public userCanEditClient(user: User, client: Client): boolean {
if (this.userHasPrivilege(user, 'admin:oauth2')) {
return true;
}
return client.owner?.id === user.id;
}
public removeUnprivileged(input: string[]): string[] {
return input.reduce((list, current) => {
if (UNPRIVILEGED_STRIP.includes(current)) {
return list;
}
return [...list, current];
}, []);
}
comprehensive oauth2 admin api
2022-08-27 15:52:37 +00:00
}