Add space permission service and guards for various entities

This commit is contained in:
faris Aljohari
2024-05-07 22:27:45 +03:00
parent c5e8cc1898
commit bee140f517
8 changed files with 217 additions and 3 deletions

View File

@ -1,11 +1,14 @@
import { Global, Module } from '@nestjs/common';
import { HelperHashService } from './services';
import { SpacePermissionService } from './services/space.permission.service';
import { SpaceRepository } from '../modules/space/repositories';
import { SpaceRepositoryModule } from '../modules/space/space.repository.module';
@Global()
@Module({
providers: [HelperHashService],
exports: [HelperHashService],
providers: [HelperHashService, SpacePermissionService, SpaceRepository],
exports: [HelperHashService, SpacePermissionService],
controllers: [],
imports: [],
imports: [SpaceRepositoryModule],
})
export class HelperModule {}

View File

@ -1 +1,2 @@
export * from './helper.hash.service';
export * from './space.permission.service';

View File

@ -0,0 +1,35 @@
import { Injectable } from '@nestjs/common';
import { SpaceRepository } from '@app/common/modules/space/repositories';
import { BadRequestException } from '@nestjs/common';
@Injectable()
export class SpacePermissionService {
constructor(private readonly spaceRepository: SpaceRepository) {}
async checkUserPermission(
spaceUuid: string,
userUuid: string,
type: string,
): Promise<void> {
const spaceData = await this.spaceRepository.findOne({
where: {
uuid: spaceUuid,
spaceType: {
type: type,
},
userSpaces: {
user: {
uuid: userUuid,
},
},
},
relations: ['spaceType', 'userSpaces', 'userSpaces.user'],
});
if (!spaceData) {
throw new BadRequestException(
`You do not have permission to access this ${type}`,
);
}
}
}

View File

@ -0,0 +1,35 @@
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
import {
BadRequestException,
CanActivate,
ExecutionContext,
Injectable,
} from '@nestjs/common';
@Injectable()
export class BuildingPermissionGuard implements CanActivate {
constructor(private readonly permissionService: SpacePermissionService) {}
async canActivate(context: ExecutionContext): Promise<boolean> {
const req = context.switchToHttp().getRequest();
try {
const { buildingUuid } = req.params;
const { user } = req;
if (!buildingUuid) {
throw new BadRequestException('buildingUuid is required');
}
await this.permissionService.checkUserPermission(
buildingUuid,
user.uuid,
'building',
);
return true;
} catch (error) {
throw error;
}
}
}

View File

@ -0,0 +1,35 @@
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
import {
BadRequestException,
CanActivate,
ExecutionContext,
Injectable,
} from '@nestjs/common';
@Injectable()
export class CommunityPermissionGuard implements CanActivate {
constructor(private readonly permissionService: SpacePermissionService) {}
async canActivate(context: ExecutionContext): Promise<boolean> {
const req = context.switchToHttp().getRequest();
try {
const { communityUuid } = req.params;
const { user } = req;
if (!communityUuid) {
throw new BadRequestException('communityUuid is required');
}
await this.permissionService.checkUserPermission(
communityUuid,
user.uuid,
'community',
);
return true;
} catch (error) {
throw error;
}
}
}

View File

@ -0,0 +1,35 @@
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
import {
BadRequestException,
CanActivate,
ExecutionContext,
Injectable,
} from '@nestjs/common';
@Injectable()
export class FloorPermissionGuard implements CanActivate {
constructor(private readonly permissionService: SpacePermissionService) {}
async canActivate(context: ExecutionContext): Promise<boolean> {
const req = context.switchToHttp().getRequest();
try {
const { floorUuid } = req.params;
const { user } = req;
if (!floorUuid) {
throw new BadRequestException('floorUuid is required');
}
await this.permissionService.checkUserPermission(
floorUuid,
user.uuid,
'floor',
);
return true;
} catch (error) {
throw error;
}
}
}

View File

@ -0,0 +1,35 @@
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
import {
BadRequestException,
CanActivate,
ExecutionContext,
Injectable,
} from '@nestjs/common';
@Injectable()
export class RoomPermissionGuard implements CanActivate {
constructor(private readonly permissionService: SpacePermissionService) {}
async canActivate(context: ExecutionContext): Promise<boolean> {
const req = context.switchToHttp().getRequest();
try {
const { roomUuid } = req.params;
const { user } = req;
if (!roomUuid) {
throw new BadRequestException('roomUuid is required');
}
await this.permissionService.checkUserPermission(
roomUuid,
user.uuid,
'room',
);
return true;
} catch (error) {
throw error;
}
}
}

View File

@ -0,0 +1,35 @@
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
import {
BadRequestException,
CanActivate,
ExecutionContext,
Injectable,
} from '@nestjs/common';
@Injectable()
export class UnitPermissionGuard implements CanActivate {
constructor(private readonly permissionService: SpacePermissionService) {}
async canActivate(context: ExecutionContext): Promise<boolean> {
const req = context.switchToHttp().getRequest();
try {
const { unitUuid } = req.params;
const { user } = req;
if (!unitUuid) {
throw new BadRequestException('unitUuid is required');
}
await this.permissionService.checkUserPermission(
unitUuid,
user.uuid,
'unit',
);
return true;
} catch (error) {
throw error;
}
}
}