File

src/module/auth/guard/roles.guard.ts

Index

Methods

Constructor

constructor(reflector: Reflector)
Parameters :
Name Type Optional
reflector Reflector No

Methods

Async canActivate
canActivate(context: ExecutionContext)
Parameters :
Name Type Optional
context ExecutionContext No
Returns : {}
import { Injectable, CanActivate, ExecutionContext, UnauthorizedException, ForbiddenException } from '@nestjs/common';
import { Reflector } from '@nestjs/core';



@Injectable()
export class RolesGuard implements CanActivate {

    constructor(private readonly reflector: Reflector) { }

    async canActivate(context: ExecutionContext) {
        const request = context.switchToHttp().getRequest();

        const controllerRoleIds = this.reflector.get<number[]>('roleIds', context.getClass()) || [];
        const handlerRoleIds = this.reflector.get<number[]>('roleIds', context.getHandler()) || [];

        if (controllerRoleIds.length === 0 && handlerRoleIds.length === 0) return true;

        const roleIds = [...controllerRoleIds, ...handlerRoleIds];

        if (typeof request.user === 'object' && typeof request.user.group === 'object' && request.user.group.id !== undefined) {

            if (roleIds.find(roleId => roleId === request.user.group.id) !== undefined) {
                return true;
            } else {
                throw new ForbiddenException();
            }

        }

        throw new UnauthorizedException();

    }

}

result-matching ""

    No results matching ""