src/module/auth/guard/roles.guard.ts
Methods

constructor(reflector: Reflector)
Defined in src/module/auth/guard/roles.guard.ts:7
Parameters : reflector: Reflector

Async canActivate
canActivate(context: ExecutionContext)
Defined in src/module/auth/guard/roles.guard.ts:11
Parameters : context: ExecutionContext
Returns : {}
import { Injectable, CanActivate, ExecutionContext, UnauthorizedException, ForbiddenException } from '@nestjs/common';
import { Reflector } from '@nestjs/core';
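/**
 * Role-based authorization guard.
 *
 * Reads the `roleIds` metadata set on the controller class and on the route
 * handler, and admits the request only when `request.user.group.id` is one of
 * the listed ids.
 *
 * Security-relevant behaviour:
 * - A route with no `roleIds` metadata at either level is allowed without any
 *   check. As far as this guard is concerned, an unannotated route is open.
 * - Controller-level and handler-level lists are merged, so a handler-level
 *   list can only widen the set of accepted roles, never narrow what the
 *   controller already grants.
 * - The guard trusts whatever is in `request.user`; it does not authenticate.
 *   NOTE(review): presumably an authentication guard or middleware populates
 *   `request.user` before this guard runs. Confirm the ordering where the
 *   guard is registered.
 */
@Injectable()
export class RolesGuard implements CanActivate {
  constructor(private readonly reflector: Reflector) {}

  /**
   * Decides whether the current HTTP request may reach the route handler.
   *
   * @param context Execution context used to reach the HTTP request and the
   *   controller class and handler whose `roleIds` metadata is read.
   * @returns `true` when the route declares no role ids, or when the user's
   *   group id is one of the declared ids.
   * @throws ForbiddenException when the request carries a user with a group id
   *   that is not among the declared ids.
   * @throws UnauthorizedException when the route declares role ids but the
   *   request has no usable `user.group.id`.
   */
  async canActivate(context: ExecutionContext): Promise<boolean> {
    const request = context.switchToHttp().getRequest();
    const controllerRoleIds = this.reflector.get<number[]>('roleIds', context.getClass()) || [];
    const handlerRoleIds = this.reflector.get<number[]>('roleIds', context.getHandler()) || [];

    // No role metadata anywhere: the route is not role-restricted.
    if (controllerRoleIds.length === 0 && handlerRoleIds.length === 0) return true;

    const roleIds = [...controllerRoleIds, ...handlerRoleIds];

    // `typeof null === 'object'`, so null must be excluded explicitly. Otherwise a
    // request with `user: null` (or `group: null`) would raise a TypeError on the
    // property access and surface as a 500 instead of a clean 401.
    const user = request.user;
    const group = user != null && typeof user === 'object' ? user.group : undefined;
    if (group == null || typeof group !== 'object' || group.id === undefined) {
      throw new UnauthorizedException();
    }

    // Strict equality on purpose: a string id such as '1' must not match role id 1.
    const allowed = roleIds.some(roleId => roleId === group.id);
    if (!allowed) {
      throw new ForbiddenException();
    }
    return true;
  }
}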