29 lines
729 B
TypeScript
29 lines
729 B
TypeScript
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
|
|
import { Reflector } from '@nestjs/core';
|
|
|
|
/**
|
|
* Validates privileges.
|
|
*/
|
|
@Injectable()
|
|
export class PrivilegesGuard implements CanActivate {
|
|
constructor(private reflector: Reflector) {}
|
|
|
|
canActivate(context: ExecutionContext): boolean {
|
|
const privileges = this.reflector.get<string[]>(
|
|
'privileges',
|
|
context.getHandler(),
|
|
);
|
|
if (!privileges) {
|
|
return true;
|
|
}
|
|
const request = context.switchToHttp().getRequest();
|
|
const user = request.user;
|
|
return (
|
|
user.privileges.includes('*') ||
|
|
privileges.every((item) =>
|
|
user.privileges.find(({ name }) => name === item),
|
|
)
|
|
);
|
|
}
|
|
}
|