fix(guard): small fix

Matthieu Haineault 2025-07-21 16:03:38 -04:00
parent 594d5af0cd
commit 814b25742b


@ -17,22 +17,19 @@ interface RequestWithUser extends Request {
export class RolesGuard implements CanActivate { export class RolesGuard implements CanActivate {
constructor(private reflector: Reflector) {} constructor(private reflector: Reflector) {}
canActivate(ctx: ExecutionContext): boolean { canActivate(context: ExecutionContext): boolean {
const requiredRoles = this.reflector.get<Roles[]>( const roles = this.reflector.getAllAndOverride<Roles[]>(ROLES_KEY, [context.getHandler(), context.getClass()]);
ROLES_KEY,
ctx.getHandler(), if (!roles) {
); return true;
//for "deny-by-default" when role is wrong or unavailable
if (!requiredRoles || requiredRoles.length === 0) {
return false;
} }
const request = ctx.switchToHttp().getRequest<RequestWithUser>(); const request = context.switchToHttp().getRequest<RequestWithUser>();
const user = request.user; const user = request.user;
if (!user) { if (!user) {
return false; return false;
} }
if (!requiredRoles.includes(user.role)) { if (!roles.includes(user.role)) {
throw new ForbiddenException( throw new ForbiddenException(
`The role ${user.role} is not authorized to access this resource.`, `The role ${user.role} is not authorized to access this resource.`,
); );