feat: change Role decorator to accept multiples roles
parent
d9cc0db0d2
commit
63176d1863
@ -1,4 +1,4 @@
|
||||
import { SetMetadata } from "@nestjs/common";
|
||||
import { $Enums } from "@prisma/client";
|
||||
|
||||
export const Role = (role: $Enums.Role) => SetMetadata("role", role);
|
||||
export const Roles = (roles: $Enums.Role[]) => SetMetadata("roles", roles);
|
||||
|
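Review bot: The metadata key `"roles"` is now a bare string literal that has to match the one `RolesGuard` passes to the reflector, and that guard returns `true` when the lookup finds nothing. A spelling mismatch between the two files would therefore silently skip the role check on every decorated route. Export the key once, e.g. `export const ROLES_KEY = "roles";`, and use it in both `SetMetadata(ROLES_KEY, roles)` and the guard's `reflector.get` call. A short doc comment on `Roles` saying that a handler without the decorator is treated as unrestricted by the guard would make that fail-open default visible to whoever adds the next route.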
@ -12,8 +12,11 @@ export class RolesGuard implements CanActivate {
|
||||
constructor(private readonly reflector: Reflector) {}
|
||||
|
||||
canActivate(context: ExecutionContext): boolean {
|
||||
const role = this.reflector.get<string>("role", context.getHandler());
|
||||
if (!role) {
|
||||
const Roles = this.reflector.get<string[]>(
|
||||
"roles",
|
||||
context.getHandler(),
|
||||
);
|
||||
if (!Roles) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -24,10 +27,13 @@ export class RolesGuard implements CanActivate {
|
||||
throw new ForbiddenException("User not authenticated");
|
||||
}
|
||||
|
||||
const hasRole = role === user.role;
|
||||
const hasRole = Roles.some((role) => user.role?.includes(role));
|
||||
|
||||
if (!hasRole) {
|
||||
throw new UnauthorizedException(
|
||||
`You need to have the role ${role} to access this resource`,
|
||||
`You need to have the role ${Roles.map((role) => role).join(
|
||||
" or ",
|
||||
)}`,
|
||||
);
|
||||
}
|
||||
|
||||
|
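Review bot: `user.role?.includes(role)` in the new `hasRole` line is not an exact comparison if `user.role` is a single string, which the replaced `role === user.role` suggests. `String.prototype.includes` matches substrings, so a user whose role name merely contains a required role name would pass the guard. Compare for equality instead, e.g. `const hasRole = Roles.includes(user.role);`, which also rejects a missing role. Separately, an authenticated caller who lacks the role gets `UnauthorizedException` (401) while the unauthenticated case above throws `ForbiddenException` (403); the two look swapped, and `Roles.map((role) => role)` is a no-op before `.join`. `canActivate` starts and ends outside these hunks, so how `user` is obtained is not visible here.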
@ -15,7 +15,7 @@ import {
|
||||
ApiUnauthorizedResponse,
|
||||
} from "@nestjs/swagger";
|
||||
|
||||
import { Role } from "@/modules/auth/decorators/roles.decorator";
|
||||
import { Roles } from "@/modules/auth/decorators/roles.decorator";
|
||||
import { JwtAuthGuard } from "@/modules/auth/guards/jwt.guard";
|
||||
import { RolesGuard } from "@/modules/auth/guards/role.guard";
|
||||
|
||||
@ -40,7 +40,7 @@ export class UserController {
|
||||
constructor(private readonly userService: UserService) {}
|
||||
|
||||
@Get("users")
|
||||
@Role("ADMIN")
|
||||
@Roles(["ADMIN"])
|
||||
@ApiOkResponse({
|
||||
type: UserEntity,
|
||||
isArray: true,
|
||||
@ -61,7 +61,7 @@ export class UserController {
|
||||
}
|
||||
|
||||
@Get("user")
|
||||
@Role("ADMIN")
|
||||
@Roles(["ADMIN"])
|
||||
@ApiOkResponse({
|
||||
type: UserEntity,
|
||||
description: "The user has been successfully found.",
|
||||
@ -83,7 +83,7 @@ export class UserController {
|
||||
}
|
||||
|
||||
@Post("user")
|
||||
@Role("ADMIN")
|
||||
@Roles(["ADMIN"])
|
||||
@ApiOkResponse({
|
||||
type: UserEntity,
|
||||
description: "The user has been successfully created.",
|
||||
@ -114,7 +114,7 @@ export class UserController {
|
||||
}
|
||||
|
||||
@Delete("user")
|
||||
@Role("ADMIN")
|
||||
@Roles(["ADMIN"])
|
||||
@ApiOkResponse({
|
||||
type: UserEntity,
|
||||
description: "The user has been successfully deleted.",
|
||||
@ -140,7 +140,7 @@ export class UserController {
|
||||
}
|
||||
|
||||
@Delete("users")
|
||||
@Role("ADMIN")
|
||||
@Roles(["ADMIN"])
|
||||
@ApiOkResponse({
|
||||
description: "The users have been successfully deleted.",
|
||||
examples: {
|
||||
|