functional role guard

unknowncoder05 · unknowncoder05 · commit dd8059449f04 · 2021-07-09T06:37:53.000-05:00
diff --git a/src/controllers/projects/projects.controller.ts b/src/controllers/projects/projects.controller.ts
@@ -17,14 +17,12 @@ import { Role } from '../../entities/user.entity'
 export class ProjectsController {
     constructor(private projectService: ProjectService) { }
     @Public()
-    @Roles(Role.DEFAULT)
     @Get(":projectID")
     @HttpCode(HttpStatus.FOUND)
     async get(@Param("projectID", ParseIntPipe) projectID: number): Promise<object> {
         return { data: await this.projectService.getProject(projectID) }//AppService.getProject(projectID);
     }
     @Public()
-    @Roles(Role.DEFAULT)
     @Get()
     @HttpCode(HttpStatus.FOUND)
     async list(@Query() params: any): Promise<object> {
@@ -48,6 +46,7 @@ export class ProjectsController {
     async update(@Param("projectID", ParseIntPipe) projectID: number, @Body(new JoiValidationPipe(projectSchema)) payload: any): Promise<object> {
         return { msg: "updated", data: await this.projectService.updateProject(projectID, payload) }
     }
+    @Roles(Role.DEFAULT)
     @Delete(":projectID")
     async delete(@Param("projectID", ParseIntPipe) projectID: number): Promise<object> {
         let deleted = await this.projectService.deleteProject(projectID)
diff --git a/src/modules/auth/controllers/auth/auth.controller.ts b/src/modules/auth/controllers/auth/auth.controller.ts
@@ -8,7 +8,6 @@ export class AuthController {
     @UseGuards(AuthGuard('local'))
     @Post('login')
     login(@Req() req: Request) {
-        
         return this.authService.generateJWT(req.user);
     }
 }
diff --git a/src/modules/auth/guards/roles.guard.ts b/src/modules/auth/guards/roles.guard.ts
@@ -2,6 +2,7 @@ import { CanActivate, ExecutionContext, Injectable, ForbiddenException} from '@n
 import { Observable } from 'rxjs';
 import { Reflector } from '@nestjs/core';
 import { ROLE_KEY } from '../decorators/roles.decorator'
+import { IS_PUBLIC_KEY } from '../decorators/public.decorator'
 import { Role } from '../../../entities/user.entity'
 import { UsersService } from '../../users/services/users/users.service'
 @Injectable()
@@ -11,11 +12,18 @@ export class RolesGuard implements CanActivate {
 
   async canActivate(
     context: ExecutionContext,
-  ): boolean | Promise<boolean> | Observable<boolean> {
+  ): Promise<boolean> {
     const roles =  this.reflector.get(ROLE_KEY, context.getHandler())
     const request = context.switchToHttp().getRequest();
-    const userId = request.id
-    const user = await this.userService.get(userId)
+    const reqUser = request.user
+    if (!reqUser){
+      const isPublic = this.reflector.get(IS_PUBLIC_KEY, context.getHandler())
+      if (isPublic) return true
+      else return false
+    }
+    if (!roles) return false
+
+    const user = await this.userService.get(reqUser.sub)
     if(user.role == Role.ADMIN) return true
     if(roles.some(item => item === user.role)) return true
     throw new ForbiddenException('not enough privilages')
diff --git a/src/modules/auth/services/auth/auth.service.ts b/src/modules/auth/services/auth/auth.service.ts
@@ -22,10 +22,11 @@ export class AuthService {
         return null
     }
     generateJWT(user) {
-        const payload = { id: user.id };
+        const payload = { sub: user.id };
+        const {id,password,...resUsser} = user
         return {
           access_token: this.jwtService.sign(payload),
-          user,
+          resUsser,
         };
       }
 }
diff --git a/src/modules/users/services/users/users.service.ts b/src/modules/users/services/users/users.service.ts
@@ -18,7 +18,7 @@ export class UsersService {
         let element = this.userRepo.create({ username, email, password: pswHash })
         await this.userRepo.save(element)
     }
-    async get(id: number): Promise<object> {
+    async get(id: number) {
         const user = await this.userRepo.findOne(
             {
                 where: { id },
@@ -34,7 +34,7 @@ export class UsersService {
         const user = await this.userRepo.findOne(
             {
                 where: { email },
-                select: ["username", "email", "role", "password", "creationDate"]
+                select: ["id","username", "email", "role", "password", "creationDate"]
             }
         );
         if (!user) {

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,6 @@ export class AuthController {`
`8`	`8`	`@UseGuards(AuthGuard('local'))`
`9`	`9`	`@Post('login')`
`10`	`10`	`login(@Req() req: Request) {`
`11`		`-`
`12`	`11`	`return this.authService.generateJWT(req.user);`
`13`	`12`	`}`
`14`	`13`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,10 +22,11 @@ export class AuthService {`
`22`	`22`	`return null`
`23`	`23`	`}`
`24`	`24`	`generateJWT(user) {`
`25`		`- const payload = { id: user.id };`
	`25`	`+ const payload = { sub: user.id };`
	`26`	`+ const {id,password,...resUsser} = user`
`26`	`27`	`return {`
`27`	`28`	`access_token: this.jwtService.sign(payload),`
`28`		`- user,`
	`29`	`+ resUsser,`
`29`	`30`	`};`
`30`	`31`	`}`
`31`	`32`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ export class UsersService {`
`18`	`18`	`let element = this.userRepo.create({ username, email, password: pswHash })`
`19`	`19`	`await this.userRepo.save(element)`
`20`	`20`	`}`
`21`		`- async get(id: number): Promise<object> {`
	`21`	`+ async get(id: number) {`
`22`	`22`	`const user = await this.userRepo.findOne(`
`23`	`23`	`{`
`24`	`24`	`where: { id },`
`@@ -34,7 +34,7 @@ export class UsersService {`
`34`	`34`	`const user = await this.userRepo.findOne(`
`35`	`35`	`{`
`36`	`36`	`where: { email },`
`37`		`- select: ["username", "email", "role", "password", "creationDate"]`
	`37`	`+ select: ["id","username", "email", "role", "password", "creationDate"]`
`38`	`38`	`}`
`39`	`39`	`);`
`40`	`40`	`if (!user) {`