Closed belgamo closed 11 months ago
@liquidautumn I'd love to get your input here. Please, review when you get a chance.
Thank you for the contribution, it looks good overall. Commented on the dependency issue, let me know what you think. Also, a docs update is needed but not critical, it might be done separately.
I'm wondering if we really need to document this... Since it's built on top of CASL, I'd expect the restricting fields feature to just work when I call can/cannot methods while defining permissions. That's my perspective as a consumer of this library. If you really think it's nice to have, we can evidence it with a short example.
:tada: This PR is included in version 1.9.0 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
related to https://github.com/getjerry/nest-casl/issues/254
Motivation
Currently, there's no effortless way to support restricted fields by using the `AccessGuard`, which requires us to manually call either `hasAbility` or `assertAbility` from `AccessService`.
Strategy
Get all properties from the body object sent by the client and transform them into dot notation paths, which is the way CASL compares the desired ability against the predefined rules. It's fully compatible with CASL patterns.
Goal
Deny the request if the user has sent a field in which they don't have permission to perform an action.
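
An added illustration of the strategy and goal described in the PR description above; it is not the PR's code and does not use CASL's own field matcher. `flattenPaths`, `deniedFields`, the exact-match allowlist comparison, the handling of arrays and empty objects, and the sample data are assumptions of this example.

```typescript
// Flatten a request body into dot-notation leaf paths,
// e.g. { author: { name: "Ann" } } -> ["author.name"].
// Assumptions of this example:
//  - array elements are walked without an index segment, so every element
//    is checked against the same path ("items.price", not "items.0.price");
//  - an empty object or empty array still counts as a write to that field.
function flattenPaths(value: unknown, prefix = "", out: string[] = []): string[] {
  const record = (path: string): void => {
    if (path !== "" && out.indexOf(path) === -1) out.push(path);
  };
  if (Array.isArray(value)) {
    if (value.length === 0) record(prefix);
    for (const item of value) flattenPaths(item, prefix, out);
  } else if (value !== null && typeof value === "object") {
    const obj = value as Record<string, unknown>;
    const keys = Object.keys(obj);
    if (keys.length === 0) record(prefix);
    for (const key of keys) {
      flattenPaths(obj[key], prefix === "" ? key : `${prefix}.${key}`, out);
    }
  } else {
    record(prefix); // primitive or null leaf
  }
  return out;
}

// Return every submitted path that the allowlist does not cover.
// A non-empty result means the request should be denied.
// Exact string match only: wildcard patterns are out of scope here.
function deniedFields(body: unknown, permittedFields: string[]): string[] {
  return flattenPaths(body).filter((path) => permittedFields.indexOf(path) === -1);
}

// Constructed sample input: the client tries to set a nested field
// ("author.role") and an empty object ("meta") alongside permitted fields.
const sampleBody = {
  title: "Hello",
  author: { name: "Ann", role: "admin" },
  tags: ["a", "b"],
  meta: {},
};
const samplePermitted = ["title", "author.name", "tags"];

console.log(deniedFields(sampleBody, samplePermitted));
```

A key that itself contains a dot flattens to the same string as a nested path, so this check cannot tell the two cases apart.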