How to set role to use rest api? #43
Comments
|
Yes it could work. Override the method and call the base method so the behavior does not change. You can now add your own decorators. @UseGuards(...)
@UseInterceptors(...)
@Override()
getMany(
@ParsedQuery() query: RestfulParamsDto,
@ParsedOptions() options: CrudOptions,
) {
return this.base.getManyBase(query, options);
}Another option is to add your decorator at the class level (if all endpoints have the same permissions). |
|
Hey. Thanks for your kind words. First, I would suggest not to use Pipes for role validation, but to use Guards instead, because guards are meant for such situations. Also, Guard can be attached to the whole Controller and you won't need to override your methods. Please take a look here in README - I've added some decorators and explained how and where it's better to use them. Please, also keep in mind that I released v3.0.0 a few minutes ago. Cheers! |
|
@zMotivat0r Maybe we can add an option to put custom decorators on CRUD methods. |
|
@Diluka I thought about it. But we still have to take in mind this proposal. And that's why I don't want to add a lot of things that might be changed in the future because of this new feature coming in Nest. What do you think? |
|
We already has crud/src/decorators/crud.decorator.ts Lines 63 to 66 in 0c3b6db And this can apply custom decorators. const p = Object.getOwnPropertyDescriptor(prototype, name);
Reflect.decorate(customDecorators, target, name, p);We can add a feature to do the trick or refactor code to open a port let someone override by themselves. But currently, the base methods are too heavy to be override. As you say, this feature may be removed because the new feature in Nest. And about the Interceptors can get controller type by calling ExecutionContext#getClass() method.
|
|
@Diluka how much time will it take for you to create a PR for this? |
|
@zMotivat0r To implement this feature is quick. If you think it's OK, I'll create PR when I have some time. |
|
@Diluka yeah, I'll refactor it. I'll store it in class metadata. |
|
@Diluka is there a chance that you are using Discord? https://discord.gg/T4TN67 |
|
@zMotivat0r No, I am not using Discord. Although there is nothing wrong with reading emails and documents. But the difficulty of instant messaging is still a bit too big. (Google Translate ┑( ̄Д  ̄)┍) |
|
I made a guard for the standard restful endpoints https://gist.github.com/markpenaranda/c43f0c48b9a54a62f5cc2e631d6cd173 |
This is really cool library.
I have some question.
I already have some role pipe to check user can access some api.
How to do this on this library??
My think is override method and set pipe to do this?
please give me some idea.
thanks!!
The text was updated successfully, but these errors were encountered: