Deploying to gh-pages from @ 4e8cfa0 🚀

additional-documentation/nestjs-application/authorisation.html

@@ -156,12 +156,7 @@ <h3>Example 1 - Execute a Single Operation</h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-javascript">   this.authorizationService.checkPermission(user, course, AuthorizationContextBuilder.write([])
    // or
    this.authorizationService.hasPermission(user, course, AuthorizationContextBuilder.write([])
-   // next orchestration steps</code></pre></div><h3>Example 2 - Execute a Single Operation with Loading Resources</h3>
-<b>Example :</b><div><pre class="line-numbers"><code class="language-javascript">// If you don&#39;t have an entity but an entity type and id, you can check permission by reference
-await this.authorizationService.checkPermissionByReferences(userId, AllowedEntity.course, courseId, AuthorizationContextBuilder.read([]));
-// or
-await this.authorizationService.hasPermissionByReferences(userId, AllowedEntity.course, courseId, AuthorizationContextBuilder.read([]));
-// next orchestration steps</code></pre></div><h3>Example 3 - Set Permission(s) of User as Required</h3>
+   // next orchestration steps</code></pre></div><h3>Example 2 - Set Permission(s) of User as Required</h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-javascript">// Multiple permissions can be added. For a successful authorization, the user need all of them.
 await this.authorizationService.hasPermission(userId, course, AuthorizationContextBuilder.read([Permissions.COURSE_VIEW]));
 // next orchestration steps</code></pre></div><h3>Example 4 - Define Context for Multiple Places</h3>
@@ -179,83 +174,79 @@ <h3>Example 1 - Execute a Single Operation</h3>
 <h3>Example - Create a school by <strong>superhero</strong></h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-ts">async createSchoolBySuperhero(userId: EntityId, params: { name: string }) {
 
-    const user = this.authorizationService.getUserWithPermissions(userId);
-    this.authorizationService.hasAllPermissions(user, [Permission.SCHOOL_CREATE]);
-
-    const school = new School(params);
+   const user = this.authorizationService.getUserWithPermissions(userId);
+   this.authorizationService.hasAllPermissions(user, [Permission.SCHOOL_CREATE]);
 
-    await this.schoolService.save(school);
+   const school = new School(params);
+   await this.schoolService.save(school);
 
-    return true;
+   return true;
 }
 </code></pre></div><h3>Example - Create user by <strong>admin</strong></h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-ts">
 async createUserByAdmin(userId: EntityId, params: { email: string, firstName: string, lastName: string, schoolId: EntityId }) {
 
-    const user = this.authorizationService.getUserWithPermissions(userId);
-
-   await this.authorizationService.checkPermissionByReferences(userId, AllowedEntity.school, schoolId, AuthorizationContextBuilder.write([Permission.INSTANCE, Permission.CREATE_USER]));
-
-    const newUser = new User(params)
+   const user = this.authorizationService.getUserWithPermissions(userId);
+
+   const context = AuthorizationContextBuilder.write([Permission.INSTANCE, Permission.CREATE_USER])
+   await this.authorizationService.checkPermission(user, school, context);
 
-    await this.userService.save(newUser);
+   const newUser = new User(params)
+   await this.userService.save(newUser);
 
-    return true;
+   return true;
 }
 </code></pre></div><h3>Example - Edit course by <strong>admin</strong></h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-ts">// admin
 async editCourseByAdmin(userId: EntityId, params: { courseId: EntityId, description: string }) {
 
-    const course = this.courseService.getCourse(params.courseId);
-    const user = this.authorizationService.getUserWithPermissions(userId);
-
-   const school = course.school
-
-    this.authorizationService.hasPermissions(user, school, [Permission.INSTANCE, Permission.COURSE_EDIT]);
+   const course = this.courseService.getCourse(params.courseId);
+   const user = this.authorizationService.getUserWithPermissions(userId);
+   const school = course.school;
 
-    course.description = params.description;
+   const context = AuthorizationContextBuilder.write([Permission.INSTANCE, Permission.CREATE_USER]);
+   this.authorizationService.checkPermissions(user, school, context);
 
-    await this.courseService.save(course);
+   course.description = params.description;
+   await this.courseService.save(course);
 
-    return true;
+   return true;
 }
 </code></pre></div><h3>Example - Create a Course</h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-ts">// User can create a course in scope a school, you need to check if he can it by school
 async createCourse(userId: EntityId, params: { schoolId: EntityId }) {
    const user = this.authorizationService.getUserWithPermissions(userId);
    const school = this.schoolService.getSchool(params.schoolId);
 
-        this.authorizationService.checkPermission(user, school
-            {
-                action: Actions.write,
-                requiredPermissions: [Permission.COURSE_CREATE],
-            }
-        );
-
-    const course = new Course({ school });
+   this.authorizationService.checkPermission(user, school
+       {
+         action: Actions.write,
+         requiredPermissions: [Permission.COURSE_CREATE],
+       }
+   );
 
-    await this.courseService.saveCourse(course);
+   const course = new Course({ school });
+   await this.courseService.saveCourse(course);
 
-    return course;
+   return course;
 }
 </code></pre></div><h3>Example - Create a Lesson</h3>
 <b>Example :</b><div><pre class="line-numbers"><code class="language-ts">// User can create a lesson to course, so you have a courseId
 async createLesson(userId: EntityId, params: { courseId: EntityId }) {
-    const course = this.courseService.getCourse(params.courseId);
-    const user = this.authorizationService.getUserWithPermissions(userId);
+   const course = this.courseService.getCourse(params.courseId);
+   const user = this.authorizationService.getUserWithPermissions(userId);
          // check authorization for user and course
-        this.authorizationService.checkPermission(user, course
-            {
-                action: Actions.write,
-                requiredPermissions: [Permission.COURSE_EDIT],
-            }
-        );
-
-    const lesson = new Lesson({course});
+   this.authorizationService.checkPermission(user, course
+      {
+         action: Actions.write,
+         requiredPermissions: [Permission.COURSE_EDIT],
+      }
+   );
 
-    await this.lessonService.saveLesson(lesson);
+   const lesson = new Lesson({course});
+   await this.lessonService.saveLesson(lesson);
 
-    return true;
+   return true;
 }</code></pre></div><h2>How to write a rule</h2>
 <p>So a rule must validate our scope actions. For example we have a <em>news</em> for the school or course. The news has a creator and target model.</p>
 <blockquote>
@@ -319,8 +310,9 @@ <h3>feathers-* (legacy/deprecated)</h3>
 <h3>Authorization Module</h3>
 <p>The authorization module is the core of authorization. It collects all needed information and handles it behind a small interface. It exports the authoriation service that can be used in your use case over injections.</p>
 <h3>Reference.loader</h3>
-<p>For situations where only the id and the domain object (string) type is known, it is possible to use the *ByReferences methods.
-They load the reference directly.</p>
+<p>It should be use only inside of the authorization module.
+It is use to load registrated ressouces by the id and name of the ressource.
+This is needed to solve the API requests from external services. (API implementation is missing for now)</p>
 <blockquote>
 <p>Please keep in mind that it can have an impact on the performance if you use it wrongly.
 We keep it as a seperate method to avoid the usage in areas where the domain object should exist, because we see the risk that a developer could be tempted by the ease of only passing the id.</p>

classes/AuthorizationContextBuilder.html

@@ -68,7 +68,7 @@
             <h3>File</h3>
         </p>
         <p class="comment">
-            <code>apps/server/src/modules/authorization/authorization-context.builder.ts</code>
+            <code>apps/server/src/modules/authorization/domain/mapper/authorization-context.builder.ts</code>
         </p>
 
 
@@ -145,7 +145,7 @@ <h3 id="methods">
                     <tr>
                         <td class="col-md-4">
                             <div class="io-line">Defined in <a href="" data-line="5"
-                                    class="link-to-prism">apps/server/src/modules/authorization/authorization-context.builder.ts:5</a></div>
+                                    class="link-to-prism">apps/server/src/modules/authorization/domain/mapper/authorization-context.builder.ts:5</a></div>
                         </td>
                     </tr>
 
@@ -226,7 +226,7 @@ <h3 id="methods">
                     <tr>
                         <td class="col-md-4">
                             <div class="io-line">Defined in <a href="" data-line="17"
-                                    class="link-to-prism">apps/server/src/modules/authorization/authorization-context.builder.ts:17</a></div>
+                                    class="link-to-prism">apps/server/src/modules/authorization/domain/mapper/authorization-context.builder.ts:17</a></div>
                         </td>
                     </tr>
 
@@ -295,7 +295,7 @@ <h3 id="methods">
                     <tr>
                         <td class="col-md-4">
                             <div class="io-line">Defined in <a href="" data-line="11"
-                                    class="link-to-prism">apps/server/src/modules/authorization/authorization-context.builder.ts:11</a></div>
+                                    class="link-to-prism">apps/server/src/modules/authorization/domain/mapper/authorization-context.builder.ts:11</a></div>
                         </td>
                     </tr>
 
@@ -352,7 +352,7 @@ <h3 id="methods">
 
     <div class="tab-pane fade  tab-source-code" id="source">
         <pre class="line-numbers compodoc-sourcecode"><code class="language-typescript">import { Permission } from &#x27;@shared/domain&#x27;;
-import { AuthorizationContext, Action } from &#x27;./types&#x27;;
+import { AuthorizationContext, Action } from &#x27;../type&#x27;;
 
 export class AuthorizationContextBuilder {
 	private static build(requiredPermissions: Permission[], action: Action): AuthorizationContext {

classes/ContextTypeMapper.html

@@ -191,7 +191,7 @@ <h3 id="methods">
 
 
     <div class="tab-pane fade  tab-source-code" id="source">
-        <pre class="line-numbers compodoc-sourcecode"><code class="language-typescript">import { AuthorizableReferenceType } from &#x27;@src/modules/authorization/types&#x27;;
+        <pre class="line-numbers compodoc-sourcecode"><code class="language-typescript">import { AuthorizableReferenceType } from &#x27;@src/modules/authorization/domain/&#x27;;
 import { ToolContextType } from &#x27;../enum&#x27;;
 
 const typeMapping: Record&lt;ToolContextType, AuthorizableReferenceType&gt; &#x3D; {