nest-rest-mongo-boilerplate
Implementation of roles using nest-access-control
First of all, nice library you have made here. I really appreciate your work.
I have a question regarding the implementation of roles using nest-access-control.
Your implementation currently seems to grant permission to "edit" and "delete" profile to all users (at least that is what happens when I try to run it).
I had much difficulty finding good documentation for nest-access-control. So, my question is: why is it that you attached ACGuard in the "delete" endpoint for profile and not in the "patch" endpoint? And is granting permission to all users intended in this particular boilerplate?
Hey @diffunity, I'm currently in the process of refactoring this boilerplate to not have nest-access-control in it, but to utilize nest guards to act as authorization middleware.
I think when I built it, to have the CI/CD work and delete the user that was created I needed that delete permission to be there.
Some changes as mentioned - https://github.com/msanvarov/nest-rest-mongo-boilerplate/issues/1242 uses CASL for its authorization.