This is a NestJS role-based access control blog application with dynamic roles and permissions, implemented using CASL.


nrprosper/nest-casl-rbac



A progressive Node.js framework for building efficient and scalable server-side applications.


Description

Mini Blog API with Role-Based Access Control (RBAC)

This API combines NestJS, Passport, and CASL to provide secure and flexible access control.

Environment Configuration

Create a .env file based on the .env.example:

APP_PORT=3000

JWT_SECRET=your_jwt_secret_key_here
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_USER=your_db_username
DATABASE_PASSWORD=your_db_password
DATABASE_NAME=your_db_name

Project setup

$ pnpm install

Database Setup

Running Migrations

# Generate a new migration
$ pnpm run migration:generate db/migrations/MigrationName

# Run pending migrations
$ pnpm run migration:run

# Revert the last migration
$ pnpm run migration:revert

Seeding Data

The project includes seed data for permissions, roles, and users:

# Seed the database with initial data
$ pnpm run seed

Default Seeded Users

After running the seed command, the following users will be available:

Email                   Password       Role          Description
admin@example.com       admin123       super_admin   Full system access
moderator@example.com   moderator123   moderator     Content management
author@example.com      author123      author        Content creation
user@example.com        user123        user          Basic access

Roles and Permissions

The application implements a Role-Based Access Control (RBAC) system with the following roles and their permissions:

Super Admin (super_admin)

  • Has full access to all system resources (super user)
  • Can manage all users, roles, permissions, and blogs

Admin (admin)

  • User Management: Create, read, update, and delete users
  • Role Management: Create, read, update, and delete roles
  • Permission Management: Read permissions
  • Blog Management: Full access to all blogs

Moderator (moderator)

  • User Management: Read users
  • Role Management: Read roles
  • Blog Management: Full access to all blogs (create, read, update, delete any blog)

Author (author)

  • Blog Management:
    • Create new blogs
    • Read blogs
    • Update own blogs
    • Delete own blogs

User (user)

  • Blog Management: Read blogs

Each role is assigned specific permissions that define what actions they can perform on different subjects (users, roles, permissions, blogs). The permissions are based on CRUD operations (Create, Read, Update, Delete) and are enforced through the CASL authorization library.
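The role and permission model described above, as an added example that is not the repository's own code: the seeded role-to-permission table is modelled as data and evaluated by a small hand-rolled `can()` check standing in for CASL, including the author's "own blogs" ownership condition and a default-deny for anything not explicitly granted. The `Permission`, `User` and `Blog` shapes and the `own` flag are assumptions for illustration.

```typescript
// Added example, not code from nrprosper/nest-casl-rbac. Hand-rolled check
// standing in for CASL; the data shapes below are assumptions.
type Action = "create" | "read" | "update" | "delete" | "manage";
type Subject = "user" | "role" | "permission" | "blog" | "all";

interface Permission { action: Action; subject: Subject; own?: boolean }
interface User { id: number; role: string }
interface Blog { authorId: number }

// Helper: full CRUD on one subject (what the README calls "create, read, update, and delete").
function crud(subject: Subject): Permission[] {
  return (["create", "read", "update", "delete"] as Action[]).map(action => ({ action, subject }));
}

// Constructed permission table mirroring the README's roles. "manage"/"all"
// model the super_admin wildcard; `own: true` models "update/delete own blogs".
const ROLE_PERMISSIONS: Record<string, Permission[]> = {
  super_admin: [{ action: "manage", subject: "all" }],
  admin: [
    ...crud("user"), ...crud("role"),
    { action: "read", subject: "permission" },
    { action: "manage", subject: "blog" },
  ],
  moderator: [
    { action: "read", subject: "user" }, { action: "read", subject: "role" },
    { action: "manage", subject: "blog" },
  ],
  author: [
    { action: "create", subject: "blog" }, { action: "read", subject: "blog" },
    { action: "update", subject: "blog", own: true },
    { action: "delete", subject: "blog", own: true },
  ],
  user: [{ action: "read", subject: "blog" }],
};

// Default deny: unknown roles, unlisted actions and ownership checks without a
// resource all evaluate to false.
function can(user: User, action: Action, subject: Subject, resource?: Blog): boolean {
  const perms = ROLE_PERMISSIONS[user.role] ?? [];
  return perms.some(p => {
    const actionOk = p.action === "manage" || p.action === action;
    const subjectOk = p.subject === "all" || p.subject === subject;
    if (!actionOk || !subjectOk) return false;
    // Ownership condition: grant only when the blog belongs to the requesting user.
    if (p.own) return resource !== undefined && resource.authorId === user.id;
    return true;
  });
}
```

In the real application the same table lives in the database and is turned into a CASL ability per request; the point here is that a permission row carrying an ownership condition must be evaluated against the loaded resource, never against the request alone.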

Compile and run the project

# development
$ pnpm run start

# watch mode
$ pnpm run start:dev

# production mode
$ pnpm run start:prod

Run tests

# unit tests
$ pnpm run test

# e2e tests
$ pnpm run test:e2e

# test coverage
$ pnpm run test:cov
