Class: PermissionsGuard
Class: PermissionsGuard
Defined in: auth-server-nest/src/guards/permissions.guard.ts:21
Enforces @Permissions(...) metadata — principal must hold at least one
of the listed permission codes.
For users: matches against user.permissions[] (issued from role →
permission expansion in the auth server). system_admin role bypasses.
For services: matches against service.scopes[]. Service principals pass
permission checks when their scopes include the required code — this is
how m2m callers reach permission-gated endpoints (e.g. the permission
registration endpoint itself, scoped permissions:register).
Permission format: resource:action (e.g. releases:create).
Implements
CanActivate
Constructors
Constructor
new PermissionsGuard(
reflector):PermissionsGuard
Defined in: auth-server-nest/src/guards/permissions.guard.ts:22
Parameters
reflector
Reflector
Returns
PermissionsGuard
Methods
canActivate()
canActivate(
context):boolean
Defined in: auth-server-nest/src/guards/permissions.guard.ts:24
Parameters
context
ExecutionContext
Current execution context. Provides access to details about the current request pipeline.
Returns
boolean
Value indicating whether or not the current request is allowed to proceed.
Implementation of
CanActivate.canActivate