mirror of
https://github.com/SyncrowIOT/backend.git
synced 2025-07-11 07:38:49 +00:00
Add space permission service and guards for various entities
This commit is contained in:
@ -1,11 +1,14 @@
|
||||
import { Global, Module } from '@nestjs/common';
|
||||
import { HelperHashService } from './services';
|
||||
import { SpacePermissionService } from './services/space.permission.service';
|
||||
import { SpaceRepository } from '../modules/space/repositories';
|
||||
import { SpaceRepositoryModule } from '../modules/space/space.repository.module';
|
||||
|
||||
@Global()
|
||||
@Module({
|
||||
providers: [HelperHashService],
|
||||
exports: [HelperHashService],
|
||||
providers: [HelperHashService, SpacePermissionService, SpaceRepository],
|
||||
exports: [HelperHashService, SpacePermissionService],
|
||||
controllers: [],
|
||||
imports: [],
|
||||
imports: [SpaceRepositoryModule],
|
||||
})
|
||||
export class HelperModule {}
|
||||
|
@ -1 +1,2 @@
|
||||
export * from './helper.hash.service';
|
||||
export * from './space.permission.service';
|
||||
|
35
libs/common/src/helper/services/space.permission.service.ts
Normal file
35
libs/common/src/helper/services/space.permission.service.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { SpaceRepository } from '@app/common/modules/space/repositories';
|
||||
import { BadRequestException } from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class SpacePermissionService {
|
||||
constructor(private readonly spaceRepository: SpaceRepository) {}
|
||||
|
||||
async checkUserPermission(
|
||||
spaceUuid: string,
|
||||
userUuid: string,
|
||||
type: string,
|
||||
): Promise<void> {
|
||||
const spaceData = await this.spaceRepository.findOne({
|
||||
where: {
|
||||
uuid: spaceUuid,
|
||||
spaceType: {
|
||||
type: type,
|
||||
},
|
||||
userSpaces: {
|
||||
user: {
|
||||
uuid: userUuid,
|
||||
},
|
||||
},
|
||||
},
|
||||
relations: ['spaceType', 'userSpaces', 'userSpaces.user'],
|
||||
});
|
||||
|
||||
if (!spaceData) {
|
||||
throw new BadRequestException(
|
||||
`You do not have permission to access this ${type}`,
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
35
src/guards/building.permission.guard.ts
Normal file
35
src/guards/building.permission.guard.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
|
||||
import {
|
||||
BadRequestException,
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
} from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class BuildingPermissionGuard implements CanActivate {
|
||||
constructor(private readonly permissionService: SpacePermissionService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const req = context.switchToHttp().getRequest();
|
||||
|
||||
try {
|
||||
const { buildingUuid } = req.params;
|
||||
const { user } = req;
|
||||
|
||||
if (!buildingUuid) {
|
||||
throw new BadRequestException('buildingUuid is required');
|
||||
}
|
||||
|
||||
await this.permissionService.checkUserPermission(
|
||||
buildingUuid,
|
||||
user.uuid,
|
||||
'building',
|
||||
);
|
||||
|
||||
return true;
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
}
|
35
src/guards/community.permission.guard.ts
Normal file
35
src/guards/community.permission.guard.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
|
||||
import {
|
||||
BadRequestException,
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
} from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class CommunityPermissionGuard implements CanActivate {
|
||||
constructor(private readonly permissionService: SpacePermissionService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const req = context.switchToHttp().getRequest();
|
||||
|
||||
try {
|
||||
const { communityUuid } = req.params;
|
||||
const { user } = req;
|
||||
|
||||
if (!communityUuid) {
|
||||
throw new BadRequestException('communityUuid is required');
|
||||
}
|
||||
|
||||
await this.permissionService.checkUserPermission(
|
||||
communityUuid,
|
||||
user.uuid,
|
||||
'community',
|
||||
);
|
||||
|
||||
return true;
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
}
|
35
src/guards/floor.permission.guard.ts
Normal file
35
src/guards/floor.permission.guard.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
|
||||
import {
|
||||
BadRequestException,
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
} from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class FloorPermissionGuard implements CanActivate {
|
||||
constructor(private readonly permissionService: SpacePermissionService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const req = context.switchToHttp().getRequest();
|
||||
|
||||
try {
|
||||
const { floorUuid } = req.params;
|
||||
const { user } = req;
|
||||
|
||||
if (!floorUuid) {
|
||||
throw new BadRequestException('floorUuid is required');
|
||||
}
|
||||
|
||||
await this.permissionService.checkUserPermission(
|
||||
floorUuid,
|
||||
user.uuid,
|
||||
'floor',
|
||||
);
|
||||
|
||||
return true;
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
}
|
35
src/guards/room.permission.guard.ts
Normal file
35
src/guards/room.permission.guard.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
|
||||
import {
|
||||
BadRequestException,
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
} from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class RoomPermissionGuard implements CanActivate {
|
||||
constructor(private readonly permissionService: SpacePermissionService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const req = context.switchToHttp().getRequest();
|
||||
|
||||
try {
|
||||
const { roomUuid } = req.params;
|
||||
const { user } = req;
|
||||
|
||||
if (!roomUuid) {
|
||||
throw new BadRequestException('roomUuid is required');
|
||||
}
|
||||
|
||||
await this.permissionService.checkUserPermission(
|
||||
roomUuid,
|
||||
user.uuid,
|
||||
'room',
|
||||
);
|
||||
|
||||
return true;
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
}
|
35
src/guards/unit.permission.guard.ts
Normal file
35
src/guards/unit.permission.guard.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { SpacePermissionService } from '@app/common/helper/services/space.permission.service';
|
||||
import {
|
||||
BadRequestException,
|
||||
CanActivate,
|
||||
ExecutionContext,
|
||||
Injectable,
|
||||
} from '@nestjs/common';
|
||||
|
||||
@Injectable()
|
||||
export class UnitPermissionGuard implements CanActivate {
|
||||
constructor(private readonly permissionService: SpacePermissionService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const req = context.switchToHttp().getRequest();
|
||||
|
||||
try {
|
||||
const { unitUuid } = req.params;
|
||||
const { user } = req;
|
||||
|
||||
if (!unitUuid) {
|
||||
throw new BadRequestException('unitUuid is required');
|
||||
}
|
||||
|
||||
await this.permissionService.checkUserPermission(
|
||||
unitUuid,
|
||||
user.uuid,
|
||||
'unit',
|
||||
);
|
||||
|
||||
return true;
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
}
|
Reference in New Issue
Block a user