nestapp/src/modules/content/rbac.ts
2025-06-30 13:44:11 +08:00


import { Injectable, OnModuleInit } from '@nestjs/common';
import { ModuleRef } from '@nestjs/core';
import { CategoryEntity, CommentEntity, PostEntity, TagEntity } from '@/modules/content/entities';
import { PermissionAction, SystemRoles } from '@/modules/rbac/constants';
import { RbacResolver } from '@/modules/rbac/rbac.resolver';
/**
 * Registers the content module's permissions and roles with the RBAC resolver
 * when the module is initialised.
 *
 * Two kinds of rule are declared here:
 * - ownership rules (`*.owner`), which carry a `conditions` callback matching
 *   `author.id` against the current user's id;
 * - unconditioned rules (`*.create`, `*.manage`), which carry no record filter.
 */
@Injectable()
export class ContentRbac implements OnModuleInit {
    constructor(private ref: ModuleRef) {}

    /**
     * Adds the content permissions first, then the roles that reference them by name.
     */
    onModuleInit() {
        // `strict: false` lets ModuleRef resolve the provider outside this module's own scope.
        const rbac = this.ref.get(RbacResolver, { strict: false });

        rbac.addPermissions([
            // --- Posts: create and own ---
            {
                name: 'post.create',
                rule: {
                    action: PermissionAction.CREATE,
                    subject: PostEntity,
                },
            },
            {
                name: 'post.owner',
                rule: {
                    action: PermissionAction.OWNER,
                    subject: PostEntity,
                    // Only posts whose author.id equals the current user's id match.
                    conditions: ({ id }) => ({
                        'author.id': id,
                    }),
                },
            },

            // --- Comments: create and own ---
            {
                name: 'comment.create',
                rule: {
                    action: PermissionAction.CREATE,
                    subject: CommentEntity,
                },
            },
            {
                name: 'comment.owner',
                rule: {
                    action: PermissionAction.OWNER,
                    subject: CommentEntity,
                    // Only comments whose author.id equals the current user's id match.
                    conditions: ({ id }) => ({
                        'author.id': id,
                    }),
                },
            },

            // --- Management rules: no `conditions`, so they are not limited to the
            // caller's own records. NOTE(review): the exact scope of
            // PermissionAction.MANAGE is defined in the rbac module — confirm there.
            {
                name: 'post.manage',
                rule: {
                    action: PermissionAction.MANAGE,
                    subject: PostEntity,
                },
            },
            {
                name: 'tag.manage',
                rule: {
                    action: PermissionAction.MANAGE,
                    subject: TagEntity,
                },
            },
            {
                name: 'category.manage',
                rule: {
                    action: PermissionAction.MANAGE,
                    subject: CategoryEntity,
                },
            },
            {
                name: 'comment.manage',
                rule: {
                    action: PermissionAction.MANAGE,
                    subject: CommentEntity,
                },
            },
        ]);

        rbac.addRoles([
            {
                // Baseline role: may create posts/comments and act on its own ones.
                // NOTE(review): 'post.read' is not registered by addPermissions in this
                // file — confirm it is defined elsewhere, and check how the resolver
                // treats a role that names an unknown permission.
                name: SystemRoles.USER,
                permissions: [
                    'post.read',
                    'post.create',
                    'post.owner',
                    'comment.create',
                    'comment.owner',
                ],
            },
            {
                // Content administrator role (label/description are user-facing strings):
                // holds every unconditioned manage permission declared above.
                name: 'content-manage',
                label: '内容管理员',
                description: '管理内容模块',
                permissions: ['post.manage', 'category.manage', 'tag.manage', 'comment.manage'],
            },
        ]);
    }
}