adamkekesi
commented
2 years ago - [x] Adding CASL to the project
- [x] Refactor AuthGuard to only handle authentication
- [x] Create PolicyModule
- [x] Create AppAbilityFactory
- It creates all the abilities of a user
- It is extensible by other, domain-specific ability factories (e.g UserAbilityFactory)
- [x] Create PoliciesGuard
- If the user is not authenticated, throws 401 Unauthorized
- Checks if the user has the rights to call a route handler
- [x] Create CheckPolicies decorator
- It puts PolicyHandlers on a route or controller