💥 Major Changes
- Reasons: Give your rules custom a custom message
...
const Guard = GuardBuilder<ExtendedResourceTypes, ExtendedAbilityTypes>(
async (ctx, { can, cannot }) => {
cannot('manage', 'all')
can("create", "article")
cannot("create", "article").reason("Because I say so")
...
const { can, reason } = Guard.can("create", "article",{},{})
console.log(can) // false
console.log(reason) // "Because I say so"This introduces a breaking change if you are using Guard.can
// Before
- const can = Guard.can("create", "article",{},{})
// now
+ const { can, reason } = Guard.can("create", "article",{},{})At the same time, if you are using the getAbility hook, the return type now is an object instead of a boolean
...
const [[canCreateComment, canDeleteComment], { isLoading }] = useQuery(getAbility, [
["create", "comment"],
["delete", "comment" /* args */],
])
console.log(canCreateComment.can) // true
console.log(canCreateComment.reason) // "some reason"
console.log(canDeleteComment.can) // false
console.log(canDeleteComment.reason) // "some reason"// Before
- const [[canCreateComment], { isLoading }] = useQuery(getAbility, [
- console.log(canCreateComment) // true
// Now
+ console.log(canCreateComment.can) // true
+ console.log(canCreateComment.reason) // "some reason"🚀 Minor Changes
- Adds Guard.authorizePipe
...
resolver.pipe(
resolver.zod(CreateProject),
Guard.authorizePipe("create", "project"),
...If you are using pipes in your queries or mutations you can use Guard.authorizePipe as shown in the example. If the authorization fails it will throw an AuthorizationError
See usage here: https://ntgussoni.github.io/blitz-guard/docs/secure-your-endpoints/#guardauthorizepipe
Internal Meta Changes
- Updates docs
- Update of dependencies