QT/bigcapital
1
0
Fork 0
mirror of https://github.com/bigcapitalhq/bigcapital.git synced 2026-02-16 12:50:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2d5dcd489767b94a6d689813b27d10f8b894f3c
bigcapital/packages/server/src/modules/Tenancy/TenancyGlobal.guard.ts
Ahmed Bouhuolia 9457b3cda1 feat: api keys
2025-07-01 23:45:38 +02:00

47 lines
1.4 KiB
TypeScript
Raw Blame History

import { isEmpty } from 'lodash';
import {
Injectable,
CanActivate,
ExecutionContext,
UnauthorizedException,
SetMetadata,
} from '@nestjs/common';
import { Reflector } from '@nestjs/core';
import { IS_PUBLIC_ROUTE } from '../Auth/Auth.constants';
export const IS_TENANT_AGNOSTIC = 'IS_TENANT_AGNOSTIC';
export const TenantAgnosticRoute = () => SetMetadata(IS_TENANT_AGNOSTIC, true);
@Injectable()
export class TenancyGlobalGuard implements CanActivate {
constructor(private reflector: Reflector) {}
/**
* Validates the organization ID in the request headers.
* @param {ExecutionContext} context
* @returns {boolean}
*/
canActivate(context: ExecutionContext): boolean {
const request = context.switchToHttp().getRequest();
const organizationId = request.headers['organization-id'];
const authorization = request.headers['authorization']?.trim();
const isPublic = this.reflector.getAllAndOverride<boolean>(
IS_PUBLIC_ROUTE,
[context.getHandler(), context.getClass()],
);
const isTenantAgnostic = this.reflector.getAllAndOverride<boolean>(
IS_TENANT_AGNOSTIC,
[context.getHandler(), context.getClass()],
);
if (isPublic || isTenantAgnostic) {
return true;
}
if (!isEmpty(authorization) && !organizationId) {
throw new UnauthorizedException('Organization ID is required.');
}
return true;
}
}
Reference in New Issue View Git Blame Copy Permalink