[Question] Simple RBAC system with route guard by user's role

[fasenderos]

Is it possible to define a simple RBAC system ('USER', 'EDITOR', 'ADMIN') and guarding the routes by user's role without having to define all permissions? Something like:

# app.roles.ts
import { RolesBuilder } from 'nest-access-control';
export enum AppRoles {
  USER = 'USER',
  EDITOR = 'EDITOR',
  ADMIN = 'ADMIN',
}
export const roles: RolesBuilder = new RolesBuilder();
roles
  .grant(AppRoles.USER)
  .grant(AppRoles.EDITOR)
  .extend(AppRoles.USER)  
  .grant(AppRoles.ADMIN)
  .extend(AppRoles.EDITOR)


# app.controller.ts
@Get('test')
@UseGuards(JwtAuthGuard, ACGuard)
@UseRoles({role: 'ADMIN'})  //  <=== Only admin access
test() {
   ...
}

I see that in the original interface can be defined the role property that sounds good for my case, but it seems that your role.interface.ts accept only resource, action and possession. Or I'm missing something?

Thanks in advance

[nunnally]

Hello @fasenderos you got something about that?

[mkubdev]

Hi @fasenderos, same as @nunnally !

[ernes128]

Hello @fasenderos you could follow the official RBAC simple example in the nest official docs. https://docs.nestjs.com/security/authorization I think is a great fit for the use case you are asking 🤓