-
Notifications
You must be signed in to change notification settings - Fork 79
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improvement: Role not found #35
Comments
Here's another idea of improving when there's an empty array #23 |
Maybe with an interceptor for serializing the roles by deleting the unknown roles from the array, what do you think? this feature maybe interested to be handled from this package instead?. |
Hey @ruslanguns! Someone has already built an interceptor for this package! However I've been absolutely abysmal at keeping up to date with everything the past 2 years! #18 However getting to your original issue! I'm not sure I 100% follow! So is this a permission from the database or a permission provided to the |
Actually you could have the permission in the db or in memory with RB. The idea is that if you remove or suspend certain global permission or an action from your RB, you would not need to update all users affected, as the permission does not exist in memory, everything continues to work correctly. Otherwise, as is happening right now, if any existing permission in the User that does not exist in the RB memory, either because it is misspelled or simply does not exist, the application throws an error. Ignore is better! |
Ahhhh yes, sorry, misunderstood. So, if you're using typeorm you could use a subscriber to update your roleBuilder's roles but that wouldn't invoke a change when the DB is updated manually but that is to be expected. If you wanted to use Redis by all means you could! Create a redis listener in the nestjs application and update the roles when a changes has been fired! Yea there shouldn't be an exceptionif the user has extra permissions than specified then an exception shouldn't be throw. I'll have a look to see where that's being thrown! |
@ruslanguns don't suppose you've got a stack trace? |
Absolutely they are great ideas. I am doing something similar. However there is a simpler way to fix this behavior, so I appreciate your help |
A stack trace sounds good. |
I have also this problem but I have read all the comments here and #23 and none of them helped. this is my rbac policy : ` export const rbac_policy: RolesBuilder = new RolesBuilder(); rbac_policy.grant(Roles.User)// grant is for which role we want to set its access this is my manager.controller ` @UseGuards(jwtAuthGuard , ACGuard)
} ` and after trying to promote user to admin it gives me AccessControlError: Invalid role(s): [] .Can anyone help me please? |
By default if you have an unknown role the server throws an error:
and returns an object like this:
In my opinion ACL should just ignore this unknown role. What do you think?
The text was updated successfully, but these errors were encountered: