Comments (4)
stalniy
commented on June 16, 2024
Hey
thanks for the issue. Please show how you check permissions without all that Nest.js hassle.
There are 2 methods in casl:
- To define permissions
- To check it
you showed how you define permissions, now I need to see how you check it. In pure casl, there should be just few lines of code.
After all, this is casl repo) and at first we need to check that casl without Nest works as expected
from casl.
Dsantosjaime
commented on June 16, 2024
Yes sry, here it is:
@Injectable()
export class UserGuard implements CanActivate {
constructor(
private reflector: Reflector,
private caslAbilityFactory: CaslAbilityFactory,
) { }
async canActivate(context: ExecutionContext): Promise<boolean> {
const policyHandlers =
this.reflector.get<PolicyHandler[]>(
CHECK_POLICIES_KEY,
context.getHandler(),
) || [];
const { user } = context.switchToHttp().getRequest();
const ability = this.caslAbilityFactory.defineAbilityFor(user); <<<<
return policyHandlers.every((handler) =>
this.execPolicyHandler(handler, ability),
);
}
private execPolicyHandler(handler: PolicyHandler, ability) {
if (typeof handler === 'function') {
return handler(ability);
}
return handler.handle(ability);
}
}
As you can see I'm calling ''defineAbilityFor" and using "build()" to get ability, then ability is send to "UserPolicyHandler"
export class UserPolicyHandler implements IPolicyHandler {
private action: Action;
constructor(action: Action) {
this.action = action;
}
handle(ability) {
log(ability.can(this.action, 'User'))
return ability.can(this.action, 'User');
}
}
I'm logging the ability.can Right here.
from casl.
stalniy
commented on June 16, 2024
I see. Please read this section -> https://casl.js.org/v6/en/guide/intro#checking-logic
from casl.
Dsantosjaime
commented on June 16, 2024
Thank you, I'm checking it to understand what I missed.
I'm coming back to tell you if it solve my problem.
Ok in order to test, I changed my code like this:
export class UserPolicyHandler implements IPolicyHandler {
private action: Action;
constructor(action: Action) {
this.action = action;
}
handle(ability, model) {
return ability.can(this.action, model);
}
}
and
@Injectable()
export class UserGuard implements CanActivate {
constructor(
private reflector: Reflector,
private caslAbilityFactory: CaslAbilityFactory,
) { }
async canActivate(context: ExecutionContext): Promise<boolean> {
const policyHandlers =
this.reflector.get<PolicyHandler[]>(
CHECK_POLICIES_KEY,
context.getHandler(),
) || [];
const { user } = context.switchToHttp().getRequest();
const ability = this.caslAbilityFactory.defineAbilityFor(user);
return policyHandlers.every((handler) =>
this.execPolicyHandler(handler, ability, user),
);
}
private execPolicyHandler(handler: PolicyHandler, ability, user) {
if (typeof handler === 'function') {
return handler(ability, user);
}
return handler.handle(ability, user);
}
}
But I'm getting "False", but I'm checking my user with itself. Is it normal ?
from casl.
Related Issues (20)
- Overriding via provide in a plugin causes strange behavior in templates HOT 19
- Subjects and Scopes (I need help) HOT 1
- CASL HOT 2
- Have to use @ts-ignore while defining abilities, is something broken? HOT 1
- Missing $or operator HOT 1
- Implementing CASL on Front-End and Backend Use Case HOT 2
- Condition using $exists doesn't behave as expected HOT 3
- Prisma how to run other queries as findMany HOT 4
- @casl/angular AblePipe and AblePurePipe typing not working in Angular template HOT 2
- @casl/angular able and ablePure pipes are not working as exptected HOT 2
- Compatibility with Angular 17
- How to use accessibleFieldsBy without Mongoose (with basic Mondodb driver) HOT 3
- Add Support for Mongoose v8 in @casl/mongoose HOT 3
- @casl/[email protected] npm package is missing content HOT 3
- Error: Hydration failed because the initial UI does not match what was rendered on the server. HOT 2
- [not urgent] CLI Yarn warning: @casl/vue 1.x requests version lower than current 6.5.0 HOT 3
- cannot check ability if rules are loaded from database then we create ability using mongoCreateAbility HOT 9
- Extend Rule Checking Mechanism to Evaluate All Rules
- `rulesToQuery` should be generic over the return type of `RuleToQueryConverter` HOT 3
- Update ability JSON HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from casl.