search

getjerry / nest-casl

Casl integration for NestJS
MIT License
225 stars 29 forks source link

Conditional rule always throws Forbidden. #881

Closed hanand95 closed 7 months ago

hanand95 commented 7 months ago

Can you help me? I find this package super useful, but can make conditions work... Version is "nest-casl": "^1.9.3",

Here are parts of my code. hook.ts

export class ProjectHook
  implements SubjectBeforeFilterHook<CreateProjectDto, Request>
{
  constructor(@Inject(DrizzleProvider) private readonly db: DrizzleProvider) {}

  run({ params }: Request) {
    return this.db.query.projectsTable
      .findFirst({
        where: (project) => eq(project.id, params.id),
        with: { members: true },
      })
      .then((project) => {

        // Here I see {  id: 1, userId: 1 }
        console.log(project); 
        return project;
      });
  }
}

permissions.ts

export const permissions: Permissions<Role, Subjects, Actions, User> = {
user({ can, user }) {

    // Here I see { id: 1, roles: [ 'user' ] }
    console.log(user); 
    can(Actions.create, CreateProjectDto);
    can(Actions.aggregate, CreateProjectDto);

    // Here I get 403
    can(Actions.read, CreateProjectDto, { userId: user.id }); 
  },
  }

In controller I have

@UseAbility<CreateProjectDto>(Actions.read, CreateProjectDto, ProjectHook)

UPD: Fixed: DrizzleORM returns plain JS object, not class instance