@brandazm/dynamic-permissions NPM

NestJS Dynamic Permissions

A flexible and powerful permissions management system for NestJS applications with built-in security features.

Features

Permission Management

Dynamic role-based access control (RBAC)
Fine-grained permission control
Role hierarchy support
Public routes configuration
Permission strategy (whitelist/blacklist)

Security Features

Rate limiting protection
CORS configuration
Helmet security headers
Request validation
Multiple security templates (Basic, Strict, Enterprise)

Configuration Management

Multiple configuration templates
Configuration publishing
Easy updates and migrations
TypeScript type definitions
Environment-specific settings

Error Handling

Centralized error handling
Custom exception classes
Standardized error responses
Environment-specific error details

Audit & Monitoring

Audit logging
Performance monitoring
Security event tracking
Detailed logging system

Installation

npm i @brandazm/dynamic-permissions

Quick Start

1. Initialize Configuration

# Initialize with basic configuration
npx nestjs-permissions init

# Or use a specific template
npx nestjs-permissions init -t advanced

2. Module Setup

import { PermissionsModule } from '@brandazm/dynamic-permissions';

@Module({
  imports: [
    PermissionsModule.register()
  ]
})
export class AppModule {}

3. Apply Permissions

import { RequirePermission } from '@brandazm/dynamic-permissions';

@Controller('users')
export class UserController {
  @RequirePermission(['user.read'])
  @Get()
  findAll() {
    return this.userService.findAll();
  }
}

Security Configuration

1. Initialize Security Settings

# Publish security configuration
npx nestjs-permissions publish-security-config

# Use strict security template
npx nestjs-permissions publish-security-config -t strict

2. Available Security Templates

Basic: Essential security features
Strict: Enhanced security with stricter settings
Enterprise: Full-featured security for enterprise applications

3. Security Features

const securityConfig = {
  rateLimit: {
    enabled: true,
    windowMs: 15 * 60 * 1000,
    max: 100
  },
  cors: {
    enabled: true,
    allowedOrigins: ['https://your-domain.com'],
    allowedMethods: ['GET', 'POST'],
    allowedHeaders: ['Content-Type', 'Authorization']
  },
  helmet: {
    enabled: true,
    contentSecurityPolicy: true,
    // ... other security headers
  },
  requestValidation: {
    maxBodySize: 10 * 1024 * 1024,
    requireJsonContent: true,
    validateContentType: true
  }
};

CLI Commands

Configuration Management

# Initialize project
npx nestjs-permissions init

# Publish configuration
npx nestjs-permissions publish-config

# Generate migration
npx nestjs-permissions generate-migration

# Validate configuration
npx nestjs-permissions validate-config

Security Management

# Publish security configuration
npx nestjs-permissions publish-security-config

# Update security settings
npx nestjs-permissions update-security-config

# List security templates
npx nestjs-permissions list-security-templates