A simple decorator-based way to check CASL abilities on NestJS controllers.
Use decorators everywhere to protect your controller methods.
npm install --save @knodes/nest-casl
Additionally, please make sure you have the correct peer dependencies installed:
- @casl/ability: ^5.0.0
- @nestjs/common: ^8.0.0
- @nestjs/core: ^8.0.0
- lodash: ^4.17.0
- reflect-metadata: ^0.1.13
- rxjs: ^7.0.0
npm install @casl/ability@^5.0.0 @nestjs/common@^8.0.0 @nestjs/core@^8.0.0 lodash@^4.17.0 reflect-metadata@^0.1.13 rxjs@^7.0.0
Declare a new service that converts the user of your request to a CASL ability:
import { Injectable } from '@nestjs/common';
import { AbilityBuilder, PureAbility } from '@casl/ability';
import { CaslAbilityFactory } from '@knodes/nest-casl';
/**
 * Converts an incoming request into the CASL ability used for authorization
 * checks. It is registered through `CaslModule.withConfig`.
 *
 * NOTE: this sample never reads the request, so every caller, authenticated
 * or not, receives exactly the same rules. A real factory should derive the
 * rules from the identity that the authentication layer attached to the
 * request, and grant nothing when that identity is missing.
 */
@Injectable()
export class AbilityFactory implements CaslAbilityFactory {
  /**
   * @param _request - The express or fastify request. It is typed `unknown`,
   *   so narrow or validate it before reading any user data from it.
   * @returns An ability that allows `feed`, `hug` and `pet` on `cat` and
   *   forbids `rename` on `cat`.
   */
  public createFromRequest(_request: unknown): PureAbility {
    const builder = new AbilityBuilder(PureAbility);

    // Grants are registered in the same order as before: feed, hug, pet.
    for (const action of ['feed', 'hug', 'pet']) {
      builder.can(action, 'cat');
    }

    // CASL already denies anything that was not granted; the explicit rule
    // makes the intent visible.
    builder.cannot('rename', 'cat');

    return builder.build();
  }
}
Import the module:
import { Module } from '@nestjs/common';
import { CaslModule } from '@knodes/nest-casl';
// Registers the CASL integration and tells it which factory builds the
// ability for each request.
@Module({
  imports: [
    CaslModule.withConfig({ abilityFactory: AbilityFactory }),
    // ... other modules
  ],
})
export class AppModule {}
Use decorators in your controller:
import { AbilityBuilder, PureAbility } from '@casl/ability';
import { Controller, Get } from '@nestjs/common';
import { InjectAbility, PoliciesMask, Policy } from '@knodes/nest-casl';
/**
 * Example controller whose handlers are annotated with CASL policies.
 *
 * NOTE(review): this snippet does not show what enforces the policies at
 * request time (the guide covers usage with guards). Before relying on it,
 * confirm with a request-level test that a caller lacking the ability is
 * actually rejected.
 */
@Controller('/cat/care')
// NOTE(review): the mask key `pet` appears to match the `pet` handler below;
// confirm the key semantics in the guide.
@PoliciesMask({
  pet: { action: 'pet', subject: 'cat' },
})
export class CatCareController {
  // Annotated with the `feed` action on `cat`.
  @Get('feed')
  @Policy({ action: 'feed', subject: 'cat' })
  public feed() {
    // ...
  }

  // Annotated with the `hug` action on `cat`.
  @Get('hug')
  @Policy({ action: 'hug', subject: 'cat' })
  public hug() {
    // ...
  }

  // There is no @Policy on this handler; the only policy naming `pet` is in
  // the class-level mask. The injected ability is available for additional,
  // finer-grained checks inside the handler.
  @Get('pet')
  public pet(@InjectAbility() ability: PureAbility) {
    // ...
  }
}
For more details and usage with guards, please refer to the guide.
@knodes/nest-casl is MIT licensed.