feat: permissions to auth

Aiden-FE · Apr 1, 2023 · d794110 · d794110
1 parent 4dd7b31
commit d794110
Show file tree

Hide file tree

Showing 8 changed files with 27 additions and 23 deletions.
diff --git a/README.md b/README.md
@@ -269,7 +269,7 @@ export class OauthController {
    * 第二个参数可选,类型是 'AND' | 'OR',默认是'AND',即所有声明的权限都必须具备,OR则代表声明的权限具备任意一个均可
    * @param user @User()装饰器可以快捷的拿到授权通过后的用户信息数据
    */
-  @Permissions(PERMISSIONS.COMMON_USER_QUERY)
+  @Auth(PERMISSIONS.COMMON_USER_QUERY)
   @Get('test')
   async test(@User() user: any) {
     return user;

diff --git a/apps/compass-service/src/modules/oauth/oauth.controller.ts b/apps/compass-service/src/modules/oauth/oauth.controller.ts
@@ -19,7 +19,7 @@ export class OauthController {
     return { ...result, token: signStr };
   }
 
-  // @Permissions(PERMISSIONS.COMMON_USER_QUERY)
+  // @Auth(PERMISSIONS.COMMON_USER_QUERY)
   // eslint-disable-next-line class-methods-use-this
   @Get('test')
   async test(@User() user: any) {

diff --git a/shared/config/constants.ts b/shared/config/constants.ts
@@ -1,6 +1,6 @@
 export const IS_PUBLIC_KEY = 'isPublic';
 
-export const PERMISSIONS_KEY = 'PERMISSIONS';
+export const AUTH_KEY = 'AUTH';
 
 export enum PERMISSIONS {
   /** 权限相关 */

diff --git a/shared/decorators/auth.decorator.ts b/shared/decorators/auth.decorator.ts
@@ -0,0 +1,21 @@
+import { SetMetadata, applyDecorators } from '@nestjs/common';
+import { PERMISSIONS, AUTH_KEY, AuthOption } from '@shared';
+import { ApiBearerAuth } from '@nestjs/swagger';
+
+/**
+ * @description 设置许可权限
+ * @param permissions 权限key或keys
+ * @param mode 权限模式,OR 任一命中即可, AND所有均需满足
+ * @constructor
+ */
+const Auth = (permissions: PERMISSIONS, mode: AuthOption['mode'] = 'AND') => {
+  return applyDecorators(
+    SetMetadata(AUTH_KEY, {
+      mode,
+      permissions: Array.isArray(permissions) ? permissions : [permissions],
+    }),
+    ApiBearerAuth(),
+  );
+};
+
+export default Auth;
diff --git a/shared/decorators/index.ts b/shared/decorators/index.ts
@@ -2,7 +2,7 @@ import { SetMetadata } from '@nestjs/common';
 import { IS_PUBLIC_KEY } from '@shared/config';
 
 export { default as User } from './user.decorator';
-export { default as Permissions } from './permissions.decorator';
+export { default as Auth } from './auth.decorator';
 
 /**
  * @description 声明为开放接口,不验证token,不验证权限

diff --git a/shared/decorators/permissions.decorator.ts b/shared/decorators/permissions.decorator.ts
diff --git a/shared/guards/jwt-auth.guard.ts b/shared/guards/jwt-auth.guard.ts
@@ -42,7 +42,7 @@ export default class JwtAuthGuard extends AuthGuard('jwt') {
   private async handleUserPermissions(context: ExecutionContext) {
     // 处理接口所许可的权限
     const permissionsOption = this.reflector.get<PermissionsOption>(PERMISSIONS_KEY, context.getHandler());
-    // 如果未使用 @Permissions() 装饰器的接口意味着不需要具体权限码授权
+    // 如果未使用 @Auth() 装饰器的接口意味着不需要具体权限码授权
     if (!permissionsOption || !permissionsOption.permissions?.length) return true;
     const { user } = context.switchToHttp().getRequest();
     /**

diff --git a/shared/interceptors/index.ts b/shared/interceptors/index.ts
@@ -2,7 +2,7 @@ import { PERMISSIONS } from '@shared/config';
 
 export { default as ResponseInterceptor } from './response.interceptor';
 
-export interface PermissionsOption {
+export interface AuthOption {
   mode: 'AND' | 'OR';
   permissions: PERMISSIONS[];
 }