Open vineetmago opened 5 months ago
Same problem here. I think this line should be:
if (relevantRules.every((rule) => !rule.conditions) || !ability.subjectHook) {
The logic should be, if no rule has condition, then don't call hook. Now it is, if one rule has no condition, don't call hook.
With the current code, invert rule should not be working.
I was trying to setup a class based Subject Hook on a rule without conditions but wasn't able to get it working.
The bundled test case uses the following permission spec:
can(Actions.update, Post, { userId: user.id });
if the test case is setup us as the following spec instead, the PostHook wouldn't fire:
can(Actions.update, Post);
Please review the line access.service.ts #99 https://github.com/getjerry/nest-casl/blob/fcc317d3a1ca3c9851aa20bfa42400d5669d9604/src/access.service.ts#L99
Should it having an AND (&&) condition instead of an OR (||) ? This condition doesn't allow rules without conditions to specify a SubjectHook.
Thanks!