node-casbin
diff --git a/‎example/.gitignore
+1 b/‎example/.gitignore
+1
diff --git a/‎example/.npmrc
+1 b/‎example/.npmrc
+1
diff --git a/‎example/.prettierrc
+4 b/‎example/.prettierrc
+4
diff --git a/‎example/.vscode/launch.json
+41 b/‎example/.vscode/launch.json
+41
diff --git a/‎example/.vscode/tasks.json
+12 b/‎example/.vscode/tasks.json
+12
diff --git a/‎example/README.md
+36 b/‎example/README.md
+36
diff --git a/‎example/model.conf
+15 b/‎example/model.conf
+15
diff --git a/‎example/nest-cli.json
+5 b/‎example/nest-cli.json
+5
diff --git a/‎example/nodemon-debug.json
+6 b/‎example/nodemon-debug.json
+6
diff --git a/‎example/nodemon.json
+6 b/‎example/nodemon.json
+6
diff --git a/‎example/package.json
+76 b/‎example/package.json
+76
diff --git a/‎example/policy.csv
+13 b/‎example/policy.csv
+13
diff --git a/‎example/src/app.module.ts
+42 b/‎example/src/app.module.ts
+42
diff --git a/‎example/src/controllers/app.controller.ts
+16 b/‎example/src/controllers/app.controller.ts
+16
diff --git a/‎example/src/controllers/auth.controller.ts
+31 b/‎example/src/controllers/auth.controller.ts
+31
@@ -0,0 +1 @@
+node_modules
@@ -0,0 +1 @@
+package-lock=false
@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all"
+}
@@ -0,0 +1,41 @@
+{
+  // 使用 IntelliSense 了解相关属性。
+  // 悬停以查看现有属性的描述。
+  // 欲了解更多信息，请访问: https://go.microsoft.com/fwlink/?linkid=830387
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Launch Program",
+      "program": "${workspaceFolder}/app.js"
+    },
+
+    {
+      "type": "node",
+      "name": "vscode-jest-tests",
+      "request": "launch",
+      "program": "${workspaceFolder}/node_modules/jest/bin/jest",
+      "args": ["--runInBand"],
+      "cwd": "${workspaceFolder}",
+      "console": "integratedTerminal",
+      "internalConsoleOptions": "neverOpen"
+    },
+
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Launch Program",
+      "program": "${workspaceFolder}/src/main.ts",
+      "preLaunchTask": "tsc: build - tsconfig.json",
+      "outFiles": ["${workspaceFolder}/dist/**/*.js"]
+    },
+    {
+      "name": "TS File",
+      "type": "node",
+      "request": "launch",
+      "runtimeArgs": ["-r", "ts-node/register"],
+      "args": ["${workspaceFolder}/src/main.ts"]
+    }
+  ]
+}
@@ -0,0 +1,12 @@
+{
+  // 有关 tasks.json 格式的文档，请参见
+  // https://go.microsoft.com/fwlink/?LinkId=733558
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "type": "typescript",
+      "tsconfig": "tsconfig.build.json",
+      "problemMatcher": ["$tsc"]
+    }
+  ]
+}
@@ -0,0 +1,36 @@
+## Description
+
+A demo shows how to use nest-authz to implement role-based access control.
+
+## Installation
+
+```bash
+$ npm install
+```
+
+## Running the app
+
+```bash
+# development
+$ npm run start
+
+# watch mode
+$ npm run start:dev
+
+# production mode
+$ npm run start:prod
+```
+
+Open [http://localhost:3000/api](http://localhost:3000/api) to see api.
+The api uses Bear auth schema, so if you want to access protected api, you should click the `Authorize` button and set `Bearer yourjwttoken` after login.
+
+## Test
+
+```bash
+# unit tests
+$ npm run test
+```
+
+## License
+
+[MIT licensed](LICENSE).
@@ -0,0 +1,15 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+g2 = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && g2(r.obj, p.obj) && r.act == p.act || r.sub == "root"
@@ -0,0 +1,5 @@
+{
+  "language": "ts",
+  "collection": "@nestjs/schematics",
+  "sourceRoot": "src"
+}
@@ -0,0 +1,6 @@
+{
+  "watch": ["src"],
+  "ext": "ts",
+  "ignore": ["src/**/*.spec.ts"],
+  "exec": "node --inspect-brk -r ts-node/register -r tsconfig-paths/register src/main.ts"
+}
@@ -0,0 +1,6 @@
+{
+  "watch": ["src"],
+  "ext": "ts",
+  "ignore": ["src/**/*.spec.ts"],
+  "exec": "ts-node -r tsconfig-paths/register src/main.ts"
+}
@@ -0,0 +1,76 @@
+{
+  "name": "example",
+  "version": "0.0.1",
+  "description": "",
+  "author": "",
+  "license": "MIT",
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "start": "ts-node -r tsconfig-paths/register src/main.ts",
+    "start:dev": "nodemon",
+    "start:debug": "nodemon --config nodemon-debug.json",
+    "prestart:prod": "rimraf dist && npm run build",
+    "start:prod": "node dist/main.js",
+    "lint": "tslint -p tsconfig.json -c tslint.json",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:cov": "jest --coverage",
+    "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
+    "test:e2e": "jest --config ./test/jest-e2e.json"
+  },
+  "dependencies": {
+    "@nestjs/common": "^6.0.0",
+    "@nestjs/core": "^6.0.0",
+    "@nestjs/jwt": "^6.0.0",
+    "@nestjs/passport": "^6.0.0",
+    "@nestjs/platform-express": "^6.0.0",
+    "@nestjs/swagger": "^3.0.2",
+    "class-transformer": "^0.2.0",
+    "class-validator": "^0.9.1",
+    "dotenv": "^7.0.0",
+    "passport": "^0.4.0",
+    "passport-jwt": "^4.0.0",
+    "reflect-metadata": "^0.1.12",
+    "rimraf": "^2.6.2",
+    "rxjs": "^6.3.3",
+    "swagger-ui-express": "^4.0.2",
+    "uuid": "^3.3.2"
+  },
+  "devDependencies": {
+    "@nestjs/testing": "^6.0.0",
+    "@types/express": "^4.16.0",
+    "@types/jest": "^23.3.13",
+    "@types/node": "^10.12.18",
+    "@types/passport-jwt": "^3.0.1",
+    "@types/supertest": "^2.0.7",
+    "@types/uuid": "^3.4.4",
+    "casbin": "^2.0.1",
+    "jest": "^23.6.0",
+    "nodemon": "^1.18.9",
+    "prettier": "^1.15.3",
+    "supertest": "^3.4.1",
+    "ts-jest": "^23.10.5",
+    "ts-node": "^7.0.1",
+    "tsconfig-paths": "^3.7.0",
+    "tslint": "5.12.1",
+    "typescript": "^3.2.4"
+  },
+  "jest": {
+    "moduleFileExtensions": [
+      "js",
+      "json",
+      "ts"
+    ],
+    "roots": [
+      "./test",
+      "./src"
+    ],
+    "testRegex": ".spec.ts$",
+    "transform": {
+      "^.+\\.(t|j)s$": "ts-jest"
+    },
+    "coverageDirectory": "../coverage",
+    "testEnvironment": "node"
+  }
+}
@@ -0,0 +1,13 @@
+p, superuser, user, read:any
+p, manager, user_roles, read:any
+p, guest, user, read:own
+
+g, alice, superuser
+g, bob, guest
+g, tom, manager
+
+g, users_list, user
+g, user_roles, user
+g, user_permissions, user
+g, roles_list, role
+g, role_permissions, role
@@ -0,0 +1,42 @@
+import { Module, ExecutionContext } from '@nestjs/common';
+import { AppController } from './controllers/app.controller';
+import { UserController } from './controllers/user.controller';
+import { RoleController } from './controllers/role.controller';
+import { AuthController } from './controllers/auth.controller';
+import { UserPermissionController } from './controllers/user-permission.controller';
+import { UserRoleController } from './controllers/user-role.controller';
+
+import { AuthZModule } from '../../src';
+import { PassportModule } from '@nestjs/passport';
+import { JwtModule } from '@nestjs/jwt';
+
+import { AuthService, UserService, RoleService, JwtStrategy } from './services';
+
+@Module({
+  imports: [
+    PassportModule.register({
+      defaultStrategy: 'jwt',
+    }),
+    JwtModule.register({
+      secretOrPrivateKey: 'secretKey',
+    }),
+    AuthZModule.register({
+      model: 'model.conf',
+      policy: 'policy.csv',
+      usernameFromContext: (ctx: ExecutionContext) => {
+        const request = ctx.switchToHttp().getRequest();
+        return request.user && request.user.username;
+      },
+    }),
+  ],
+  controllers: [
+    AppController,
+    AuthController,
+    UserController,
+    RoleController,
+    UserRoleController,
+    UserPermissionController,
+  ],
+  providers: [AuthService, UserService, JwtStrategy, RoleService],
+})
+export class AppModule {}
@@ -0,0 +1,16 @@
+import { Controller, Get } from '@nestjs/common';
+
+import { Resources } from '../resources';
+
+@Controller()
+export class AppController {
+  @Get()
+  root() {
+    return 'Hello World!';
+  }
+
+  @Get('/resources')
+  resources() {
+    return Resources;
+  }
+}
@@ -0,0 +1,31 @@
+import { Controller, Post, Body } from '@nestjs/common';
+import { AuthService } from '../services/auth.service';
+
+import { ApiUseTags, ApiOperation } from '@nestjs/swagger';
+import { LoginInput } from '../dto/login.input';
+import { RegisterInput } from 'src/dto/register.input';
+import { User } from '../interfaces';
+import uuid = require('uuid');
+
+@ApiUseTags('Auth')
+@Controller('auth')
+export class AuthController {
+  constructor(private readonly authSrv: AuthService) {}
+
+  @ApiOperation({
+    title: 'User login',
+  })
+  @Post('login')
+  async login(@Body() credentials: LoginInput) {
+    return this.authSrv.login(credentials.username, credentials.password);
+  }
+
+  @ApiOperation({
+    title: 'User register',
+  })
+  @Post('register')
+  async register(@Body() userDto: RegisterInput) {
+    const data: User = Object.assign({ id: uuid.v1() }, userDto);
+    return this.authSrv.register(data);
+  }
+}