@brandazm/dynamic-permissions
v1.1.3
Published
A flexible and powerful permissions management system for NestJS applications with built-in security features
Maintainers
brandazmReadme
NestJS Dynamic Permissions
A flexible and powerful permissions management system for NestJS applications with built-in security features.
Features
Permission Management
- Dynamic role-based access control (RBAC)
- Fine-grained permission control
- Role hierarchy support
- Public routes configuration
- Permission strategy (whitelist/blacklist)
Security Features
- Rate limiting protection
- CORS configuration
- Helmet security headers
- Request validation
- Multiple security templates (Basic, Strict, Enterprise)
Configuration Management
- Multiple configuration templates
- Configuration publishing
- Easy updates and migrations
- TypeScript type definitions
- Environment-specific settings
Error Handling
- Centralized error handling
- Custom exception classes
- Standardized error responses
- Environment-specific error details
Audit & Monitoring
- Audit logging
- Performance monitoring
- Security event tracking
- Detailed logging system
Installation
npm i @brandazm/dynamic-permissionsQuick Start
1. Initialize Configuration
# Initialize with basic configuration
npx nestjs-permissions init
# Or use a specific template
npx nestjs-permissions init -t advanced2. Module Setup
import { PermissionsModule } from '@brandazm/dynamic-permissions';
@Module({
imports: [
PermissionsModule.register()
]
})
export class AppModule {}3. Apply Permissions
import { RequirePermission } from '@brandazm/dynamic-permissions';
@Controller('users')
export class UserController {
@RequirePermission(['user.read'])
@Get()
findAll() {
return this.userService.findAll();
}
}Security Configuration
1. Initialize Security Settings
# Publish security configuration
npx nestjs-permissions publish-security-config
# Use strict security template
npx nestjs-permissions publish-security-config -t strict2. Available Security Templates
- Basic: Essential security features
- Strict: Enhanced security with stricter settings
- Enterprise: Full-featured security for enterprise applications
3. Security Features
const securityConfig = {
rateLimit: {
enabled: true,
windowMs: 15 * 60 * 1000,
max: 100
},
cors: {
enabled: true,
allowedOrigins: ['https://your-domain.com'],
allowedMethods: ['GET', 'POST'],
allowedHeaders: ['Content-Type', 'Authorization']
},
helmet: {
enabled: true,
contentSecurityPolicy: true,
// ... other security headers
},
requestValidation: {
maxBodySize: 10 * 1024 * 1024,
requireJsonContent: true,
validateContentType: true
}
};CLI Commands
Configuration Management
# Initialize project
npx nestjs-permissions init
# Publish configuration
npx nestjs-permissions publish-config
# Generate migration
npx nestjs-permissions generate-migration
# Validate configuration
npx nestjs-permissions validate-configSecurity Management
# Publish security configuration
npx nestjs-permissions publish-security-config
# Update security settings
npx nestjs-permissions update-security-config
# List security templates
npx nestjs-permissions list-security-templatesDocumentation
Error Handling
The package includes comprehensive error handling with custom exceptions:
PermissionDeniedExceptionInvalidPermissionExceptionRoleNotFoundExceptionConfigurationExceptionDatabaseExceptionMigrationExceptionCacheExceptionValidationException
Contributing
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Support
For support and questions, please:
- Check the Troubleshooting Guide
- Open an issue on GitHub
- Join our Discord community
Acknowledgments
- NestJS team for the amazing framework
- Contributors who helped shape this package
- Community feedback and support