lcbp3/backend/src/.jest-cache/jest-transform-cache-51fed4c0665a260afb7eef9c4f4e1366-12533232bd0f05f65688e7a7764bf3fb/40/rbacguard_400cdd5edff9bc3988d641b1e0469572.map
admin c83588ab43
260330:1011 Addied correspondence_revieion_attcahments table table #01
2026-03-30 10:11:40 +07:00


{"file":"D:\\nap-dms.lcbp3\\backend\\src\\common\\guards\\rbac.guard.ts","mappings":";;;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,6FAA6E;AAC7E,kEAA8D;AAQvD,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,YACU,SAAoB,EACpB,WAAwB;QADxB,cAAS,GAAT,SAAS,CAAW;QACpB,gBAAW,GAAX,WAAW,CAAa;IAC/B,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,4CAA4C;QAC5C,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAC1D,8CAAe,EACf,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,yCAAyC;QACzC,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uDAAuD;QACvD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAmB,CAAC;QACrE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAC1B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,2BAA2B,CAAC,CAAC;QAC5D,CAAC;QAED,wDAAwD;QACxD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAC/D,IAAI,CAAC,OAAO,CAAC,2CAA2C;SACzD,CAAC;QAEF,gEAAgE;QAChE,MAAM,aAAa,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CACtD,eAAe,CAAC,IAAI,CAClB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,mBAAmB,CAAC,2BAA2B;SAC1E,CACF,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,2BAAkB,CAC1B,+BAA+B,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA7CY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;yDAGU,gBAAS,oBAAT,gBAAS,oDACP,0BAAW,oBAAX,0BAAW;GAHvB,SAAS,CA6CrB","names":[],"sources":["D:\\nap-dms.lcbp3\\backend\\src\\common\\guards\\rbac.guard.ts"],"sourcesContent":["import {\n CanActivate,\n ExecutionContext,\n Injectable,\n ForbiddenException,\n} from '@nestjs/common';\nimport { Reflector } from '@nestjs/core';\nimport { PERMISSIONS_KEY } from '../decorators/require-permission.decorator';\nimport { UserService } from '../../modules/user/user.service';\nimport { User } from '../../modules/user/entities/user.entity';\n\ninterface RequestWithUser {\n user?: User;\n}\n\n@Injectable()\nexport class RbacGuard implements CanActivate {\n constructor(\n private reflector: Reflector,\n private userService: UserService\n 
) {}\n\n async canActivate(context: ExecutionContext): Promise<boolean> {\n // 1. ดูว่า Controller นี้ต้องการสิทธิ์อะไร?\n const requiredPermissions = this.reflector.getAllAndOverride<string[]>(\n PERMISSIONS_KEY,\n [context.getHandler(), context.getClass()]\n );\n\n // ถ้าไม่ต้องการสิทธิ์อะไรเลย ก็ปล่อยผ่าน\n if (!requiredPermissions || requiredPermissions.length === 0) {\n return true;\n }\n\n // 2. ดึง User จาก Request (ที่ JwtAuthGuard แปะไว้ให้)\n const request = context.switchToHttp().getRequest<RequestWithUser>();\n const user = request.user;\n if (!user) {\n throw new ForbiddenException('User not found in request');\n }\n\n // 3. (สำคัญ) ดึงสิทธิ์ทั้งหมดของ User คนนี้จาก Database\n const userPermissions = await this.userService.getUserPermissions(\n user.user_id // ✅ FIX: ใช้ user_id ตาม Entity field name\n );\n\n // 4. ตรวจสอบว่ามีสิทธิ์ที่ต้องการไหม? (User ต้องมีครบทุกสิทธิ์)\n const hasPermission = requiredPermissions.every((req) =>\n userPermissions.some(\n (p) => p === req || p === 'system.manage_all' // Superadmin ทะลุทุกสิทธิ์\n )\n );\n\n if (!hasPermission) {\n throw new ForbiddenException(\n `You do not have permission: ${requiredPermissions.join(', ')}`\n );\n }\n\n return true;\n }\n}\n"],"version":3}