It defines an IsAuthenticated decorator that is applied to routes.

[victor-shelepen]

IsAuthenticated decorator has been created that is applied to route actions.

Description

There is functionality that provides authorization functionality. There are examples in imperative way these show how to use it. But it likes configurable rules. Principal has also to provide its functionality in a declarative way by decorators. I have not also found an example of decorator usage

Related Issue

inversify-express-utils - An example of a custom decorator. Cover the Principal functionality with decorators.

Motivation and Context

It will provide the functionality in a declarative style. The project will provide functionality by configurable rules. It is convenient and structural approach.

How Has This Been Tested?

Expected Behavior

  @httpGet('/acl/:_id')
  @permission('fetch_any_acl')
  private async acl (request: Request) {
    const hasAccess = await this.httpContext.user.isResourceOwner('fetch_any_acl')
    if (!hasAccess) {
      return this.json({ message: 'Forbidden' }, 403)
    }
    const userData = await this.userEntity.getFull(new ObjectId(request.params._id))

    return this.json(userData, 200)
  }

Current Behavior

  @httpGet('/acl/:_id')
  @permission('fetch_any_acl')
  private async acl (request: Request) {
    const userData = await this.userEntity.getFull(new ObjectId(request.params._id))

    return this.json(userData, 200)
  }

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.

[victor-shelepen]

I see. I've disabled another test.

[victor-shelepen]

I did it because Travis had failed because a lint error: shadow variable.

[dcavanagh]

thanks for the PR. Could you please update the documentation to explain the use case and how to use it.

Thank you

[victor-shelepen]

@dcavanagh Yes, I will do. :)

[victor-shelepen]

@dcavanagh I've added the documentation. It is available here. The decorators are applied only on actions now. We can also extend the functionality for controllers. This is a good idea to disclose how to implement custom decorators for controllers and actions in documentation.

[PodaruDragos]

why do we need && pass here ?

[PodaruDragos]

this English seems a bit shady, I am not a native speaker myself so can't really help with correct phrasing

[PodaruDragos]

hey @victor-shelepen if you can get this green with master and address some of the comments I'll happily merge this

[PodaruDragos]

@dcavanagh I've added the documentation. It is available here. The decorators are applied only on actions now. We can also extend the functionality for controllers. This is a good idea to disclose how to implement custom decorators for controllers and actions in documentation.

Will be great if we can have this for controllers as well

[victor-shelepen]

hey @victor-shelepen if you can get this green with master and address some of the comments I'll happily merge this

:) Thank you. I agree.