Spaces:
Sleeping
Sleeping
Create rbac policy and role in enums
Browse files
backend/package-lock.json
CHANGED
@@ -17,6 +17,7 @@
|
|
17 |
"@nestjs/typeorm": "^10.0.2",
|
18 |
"dotenv": "^16.4.5",
|
19 |
"mysql2": "^3.11.3",
|
|
|
20 |
"pg": "^8.13.0",
|
21 |
"reflect-metadata": "^0.2.0",
|
22 |
"rxjs": "^7.8.1",
|
@@ -2527,6 +2528,15 @@
|
|
2527 |
"node": ">= 0.6"
|
2528 |
}
|
2529 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2530 |
"node_modules/acorn": {
|
2531 |
"version": "8.12.1",
|
2532 |
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.12.1.tgz",
|
@@ -6525,6 +6535,24 @@
|
|
6525 |
"integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==",
|
6526 |
"dev": true
|
6527 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6528 |
"node_modules/node-abort-controller": {
|
6529 |
"version": "3.1.1",
|
6530 |
"resolved": "https://registry.npmjs.org/node-abort-controller/-/node-abort-controller-3.1.1.tgz",
|
@@ -6580,6 +6608,12 @@
|
|
6580 |
"node": ">=0.10.0"
|
6581 |
}
|
6582 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
6583 |
"node_modules/npm-run-path": {
|
6584 |
"version": "4.0.1",
|
6585 |
"resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz",
|
|
|
17 |
"@nestjs/typeorm": "^10.0.2",
|
18 |
"dotenv": "^16.4.5",
|
19 |
"mysql2": "^3.11.3",
|
20 |
+
"nest-access-control": "^3.1.0",
|
21 |
"pg": "^8.13.0",
|
22 |
"reflect-metadata": "^0.2.0",
|
23 |
"rxjs": "^7.8.1",
|
|
|
2528 |
"node": ">= 0.6"
|
2529 |
}
|
2530 |
},
|
2531 |
+
"node_modules/accesscontrol": {
|
2532 |
+
"version": "2.2.1",
|
2533 |
+
"resolved": "https://registry.npmjs.org/accesscontrol/-/accesscontrol-2.2.1.tgz",
|
2534 |
+
"integrity": "sha512-52EvFk/J9EF+w4mYQoKnOTkEMj01R1U5n2fc1dai6x1xkgOks3DGkx01qQL2cKFxGmE4Tn1krAU3jJA9L1NMkg==",
|
2535 |
+
"license": "MIT",
|
2536 |
+
"dependencies": {
|
2537 |
+
"notation": "^1.3.6"
|
2538 |
+
}
|
2539 |
+
},
|
2540 |
"node_modules/acorn": {
|
2541 |
"version": "8.12.1",
|
2542 |
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.12.1.tgz",
|
|
|
6535 |
"integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==",
|
6536 |
"dev": true
|
6537 |
},
|
6538 |
+
"node_modules/nest-access-control": {
|
6539 |
+
"version": "3.1.0",
|
6540 |
+
"resolved": "https://registry.npmjs.org/nest-access-control/-/nest-access-control-3.1.0.tgz",
|
6541 |
+
"integrity": "sha512-rg8OWIcvA2gGiSjnl141RDg2B+R7YgyYgCl3D67NcK7/1TXoTJCdqSyFysYXzkiHiXZOvANKYkvke//p6Yzl8g==",
|
6542 |
+
"license": "MIT",
|
6543 |
+
"dependencies": {
|
6544 |
+
"accesscontrol": "^2.2.1",
|
6545 |
+
"tslib": "^2.6.2"
|
6546 |
+
},
|
6547 |
+
"peerDependencies": {
|
6548 |
+
"@nestjs/graphql": "^7.0.0 || ^8.0.0 || ^9.0.0 || ^10.0.0 || ^11.0.0 || ^12.0.0"
|
6549 |
+
},
|
6550 |
+
"peerDependenciesMeta": {
|
6551 |
+
"@nestjs/graphql": {
|
6552 |
+
"optional": true
|
6553 |
+
}
|
6554 |
+
}
|
6555 |
+
},
|
6556 |
"node_modules/node-abort-controller": {
|
6557 |
"version": "3.1.1",
|
6558 |
"resolved": "https://registry.npmjs.org/node-abort-controller/-/node-abort-controller-3.1.1.tgz",
|
|
|
6608 |
"node": ">=0.10.0"
|
6609 |
}
|
6610 |
},
|
6611 |
+
"node_modules/notation": {
|
6612 |
+
"version": "1.3.6",
|
6613 |
+
"resolved": "https://registry.npmjs.org/notation/-/notation-1.3.6.tgz",
|
6614 |
+
"integrity": "sha512-DIuJmrP/Gg1DcXKaApsqcjsJD6jEccqKSfmU3BUx/f1GHsMiTJh70cERwYc64tOmTRTARCeMwkqNNzjh3AHhiw==",
|
6615 |
+
"license": "MIT"
|
6616 |
+
},
|
6617 |
"node_modules/npm-run-path": {
|
6618 |
"version": "4.0.1",
|
6619 |
"resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz",
|
backend/package.json
CHANGED
@@ -33,6 +33,7 @@
|
|
33 |
"@nestjs/typeorm": "^10.0.2",
|
34 |
"dotenv": "^16.4.5",
|
35 |
"mysql2": "^3.11.3",
|
|
|
36 |
"pg": "^8.13.0",
|
37 |
"reflect-metadata": "^0.2.0",
|
38 |
"rxjs": "^7.8.1",
|
|
|
33 |
"@nestjs/typeorm": "^10.0.2",
|
34 |
"dotenv": "^16.4.5",
|
35 |
"mysql2": "^3.11.3",
|
36 |
+
"nest-access-control": "^3.1.0",
|
37 |
"pg": "^8.13.0",
|
38 |
"reflect-metadata": "^0.2.0",
|
39 |
"rxjs": "^7.8.1",
|
backend/src/app.module.ts
CHANGED
@@ -9,6 +9,9 @@ import { AppLoggerMiddleware } from './common/middlewares/app-logger.middleware.
|
|
9 |
import { DeviceInfoMiddleware } from './common/middlewares/device-info.middleware.js';
|
10 |
import { UserModule } from './modules/user/user.module.js';
|
11 |
import { BranchModule } from './modules/branch/branch.module.js';
|
|
|
|
|
|
|
12 |
|
13 |
@Module({
|
14 |
imports: [
|
@@ -22,6 +25,7 @@ import { BranchModule } from './modules/branch/branch.module.js';
|
|
22 |
}),
|
23 |
UserModule,
|
24 |
BranchModule,
|
|
|
25 |
],
|
26 |
controllers: [AppController],
|
27 |
providers: [AppService],
|
|
|
9 |
import { DeviceInfoMiddleware } from './common/middlewares/device-info.middleware.js';
|
10 |
import { UserModule } from './modules/user/user.module.js';
|
11 |
import { BranchModule } from './modules/branch/branch.module.js';
|
12 |
+
import { AuthenticationModule } from './modules/authentication/authentication.module';
|
13 |
+
import {AccessControlModule, ACGuard} from 'nest-access-control'
|
14 |
+
import { APP_GUARD } from '@nestjs/core';
|
15 |
|
16 |
@Module({
|
17 |
imports: [
|
|
|
25 |
}),
|
26 |
UserModule,
|
27 |
BranchModule,
|
28 |
+
AuthenticationModule,
|
29 |
],
|
30 |
controllers: [AppController],
|
31 |
providers: [AppService],
|
backend/src/modules/authentication/enums/index.ts
ADDED
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
export enum Role {
|
2 |
+
CUSTOMER = 'CUSTOMER',
|
3 |
+
ADMIN = 'ADMIN',
|
4 |
+
BRANCH_MANAGER = 'BRANCH_MANAGER',
|
5 |
+
AREA_MANAGER = 'AREA_MANAGER',
|
6 |
+
STAFF = 'STAFF',
|
7 |
+
SHIPPER = 'SHIPPER'
|
8 |
+
}
|
backend/src/modules/authentication/rbac-policy.ts
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
import { RolesBuilder } from 'nest-access-control';
|
2 |
+
import { Role } from './enums';
|
3 |
+
|
4 |
+
export const RBAC_POLICY: RolesBuilder = new RolesBuilder();
|
5 |
+
|
6 |
+
// prettier-ignore
|
7 |
+
RBAC_POLICY
|
8 |
+
.grant(Role.ADMIN)
|
9 |
+
.read()
|