feat(authorization): make auth checker feature generic typed

Author: MichalLytek

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog and release notes
 
+## Unreleased
+### Features
+- make auth checker feature generic typed (default `string` for backward compatibility)
+
 ## v0.11.2
 ### Features
 - attach `MetadataStorage` to global scope (support multiple packages/modules)

docs/authorization.md

@@ -32,6 +32,7 @@ class MyObject {
 ```
 
 You can leave the `@Authorized` decorator brackets empty or you can specify the roles that the user needs to have to get access to the field, query or mutation.
+By default the roles are `string` but you can change it easily as the decorator is generic - `@Authorized<number>(1, 7, 22)`.
 
 This way authed users (regardless of theirs roles) could read only `publicField` or `authorizedField` from `MyObject` object. They will receive `null` when accessing `hiddenField` field and will receive error (that will propagate through the whole query tree looking for nullable field) for `adminField` when they don't satisfy roles constraints.
 
@@ -74,6 +75,7 @@ export const customAuthChecker: AuthChecker<ContextType> =
     return true; // or false if access denied
   }
 ```
+The second argument of `AuthChecker` generic type is `RoleType` - use it together with `@Authorized` decorator generic type.
 
 The last step is to register the function while building the schema:
 ```ts

src/decorators/Authorized.ts

@@ -1,16 +1,17 @@
 import { getMetadataStorage } from "../metadata/getMetadataStorage";
 import { SymbolKeysNotSupportedError } from "../errors";
 import { getArrayFromOverloadedRest } from "../helpers/decorators";
+import { MethodAndPropDecorator } from "../types/decorators";
 
-export type MethodOrPropDecorator = MethodDecorator & PropertyDecorator;
-
-export function Authorized(): MethodOrPropDecorator;
-export function Authorized(roles: string[]): MethodOrPropDecorator;
-export function Authorized(...roles: string[]): MethodOrPropDecorator;
-export function Authorized(...rolesOrRolesArray: Array<string | string[]>): MethodOrPropDecorator {
+export function Authorized(): MethodAndPropDecorator;
+export function Authorized<RoleType = string>(roles: RoleType[]): MethodAndPropDecorator;
+export function Authorized<RoleType = string>(...roles: RoleType[]): MethodAndPropDecorator;
+export function Authorized<RoleType = string>(
+  ...rolesOrRolesArray: Array<RoleType | RoleType[]>
+): MethodDecorator | PropertyDecorator {
   const roles = getArrayFromOverloadedRest(rolesOrRolesArray);
 
-  return (prototype: object, propertyKey: string | symbol) => {
+  return (prototype, propertyKey, descriptor) => {
     if (typeof propertyKey === "symbol") {
       throw new SymbolKeysNotSupportedError();
     }

src/decorators/Field.ts

@@ -1,11 +1,9 @@
 import { getMetadataStorage } from "../metadata/getMetadataStorage";
-import { ReturnTypeFunc, AdvancedOptions } from "../types/decorators";
+import { ReturnTypeFunc, AdvancedOptions, MethodAndPropDecorator } from "../types/decorators";
 import { findType } from "../helpers/findType";
 import { getTypeDecoratorParams } from "../helpers/decorators";
 import { SymbolKeysNotSupportedError } from "../errors";
 
-export type MethodAndPropDecorator = PropertyDecorator & MethodDecorator;
-
 export function Field(options?: AdvancedOptions): MethodAndPropDecorator;
 export function Field(
   returnTypeFunction?: ReturnTypeFunc,

src/decorators/UseMiddleware.ts

@@ -2,13 +2,10 @@ import { SymbolKeysNotSupportedError } from "../errors";
 import { Middleware } from "../interfaces/Middleware";
 import { getMetadataStorage } from "../metadata/getMetadataStorage";
 import { getArrayFromOverloadedRest } from "../helpers/decorators";
+import { MethodAndPropDecorator } from "../types/decorators";
 
-export function UseMiddleware(
-  middlewares: Array<Middleware<any>>,
-): MethodDecorator & PropertyDecorator;
-export function UseMiddleware(
-  ...middlewares: Array<Middleware<any>>
-): MethodDecorator & PropertyDecorator;
+export function UseMiddleware(middlewares: Array<Middleware<any>>): MethodAndPropDecorator;
+export function UseMiddleware(...middlewares: Array<Middleware<any>>): MethodAndPropDecorator;
 export function UseMiddleware(
   ...middlewaresOrMiddlewareArray: Array<Middleware<any> | Array<Middleware<any>>>
 ): MethodDecorator | PropertyDecorator {

src/helpers/auth-middleware.ts

@@ -3,9 +3,9 @@ import { AuthChecker, AuthMode } from "../interfaces/auth-checker";
 import { UnauthorizedError, ForbiddenError } from "../errors";
 
 export function AuthMiddleware(
-  authChecker: AuthChecker,
+  authChecker: AuthChecker<any, any>,
   authMode: AuthMode,
-  roles: string[],
+  roles: any[],
 ): MiddlewareFn {
   return async (action, next) => {
     const accessGranted = await authChecker(action, roles);

src/interfaces/auth-checker.ts

@@ -1,8 +1,8 @@
 import { ResolverData } from "../types/action-data";
 
-export type AuthChecker<ContextType = {}> = (
+export type AuthChecker<ContextType = {}, RoleType = string> = (
   resolverData: ResolverData<ContextType>,
-  roles: string[],
+  roles: RoleType[],
 ) => boolean | Promise<boolean>;
 
 export type AuthMode = "error" | "null";

src/metadata/definitions/authorized-metadata.ts

@@ -1,5 +1,5 @@
 export interface AuthorizedMetadata {
   target: Function;
   fieldName: string;
-  roles: string[];
+  roles: any[];
 }

src/metadata/definitions/field-metadata.ts

@@ -10,6 +10,6 @@ export interface FieldMetadata {
   description: string | undefined;
   deprecationReason: string | undefined;
   params?: ParamMetadata[];
-  roles?: string[];
+  roles?: any[];
   middlewares?: Array<Middleware<any>>;
 }

src/metadata/definitions/resolver-metadata.ts

@@ -12,7 +12,7 @@ export interface BaseResolverMetadata {
   target: Function;
   handler: Function | undefined;
   params?: ParamMetadata[];
-  roles?: string[];
+  roles?: any[];
   middlewares?: Array<Middleware<any>>;
 }