Draft
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR introduces the @nestjs-cls/auth plugin, which adds an authorization mechanism to nestjs-cls by providing a RequirePermission decorator and associated tooling to enforce permission checks. Key changes include:
- The implementation of the RequirePermission decorator and the custom PermissionDeniedException.
- The creation of a plugin (ClsPluginAuth) to integrate the permission logic using CLS.
- Updates to tests, documentation, and configuration files to support and verify the new functionality.
Reviewed Changes
Copilot reviewed 12 out of 14 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| packages/auth/test/plugin-auth.spec.ts | Adds a test verifying that a secured method throws PermissionDeniedException when permissions fail. |
| packages/auth/src/lib/require-permission.decorator.ts | Implements the decorator logic using a Proxy and attaches method metadata. |
| packages/auth/src/lib/plugin-auth.ts | Provides the new auth plugin for configuring and registering the CLS-based authorization. |
| packages/auth/src/lib/permission-denied.exception.ts | Defines a custom exception for permission denial scenarios. |
| packages/auth/src/lib/auth.symbols.ts | Manages unique symbols for differentiating auth contexts by name. |
| packages/auth/src/lib/auth.interfaces.ts | Declares interface options for the RequirePermission decorator. |
| packages/auth/src/lib/auth-host.ts | Hosts auth logic, manages CLS contexts, and provides permission verification. |
| packages/auth/src/index.ts | Exports the plugin components and related classes. |
| packages/auth/jest.config.js | Configures Jest to run tests for the plugin. |
| packages/auth/README.md | Provides documentation and usage guidelines for the auth plugin. |
Files not reviewed (2)
- packages/auth/package.json: Language not supported
- packages/auth/tsconfig.json: Language not supported
Comments suppressed due to low confidence (1)
packages/auth/test/plugin-auth.spec.ts:49
- [nitpick] Consider adding a test case for scenarios where the permission predicate returns true, ensuring that the secured method returns the expected result. This will improve test coverage for successful authorization paths.
it('should throw', async () => {
Papooch
force-pushed
the
feat/update-plugin-transactional
branch
from
1fae846 to
3a8a7b1
Compare
Papooch
force-pushed
the
feat/update-plugin-transactional
branch
from
3a8a7b1 to
0ac1261
Compare
Papooch
force-pushed
the
feat/auth-plugin
branch
from
f763423 to
6904517
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.