Type safe roles guard with the decorator for controller made easy. Just specify how to get role from ExecutionContext . nestjs-roles will do the rest.

Install

npm i nestjs-roles

Example

First, let's define roles:

export enum Role { ADMIN = 'ADMIN' , USER = 'USER' , MODERATOR = 'MODERATOR' , }

Let's say you use nestjs-session and keep role in session property object of request . So then create guard with getRole callback:

import { ExecutionContext } from '@nestjs/common' ; import { createRolesGuard } from 'nestjs-roles' ; import { Role } from './role.enum' ; function getRole ( context: ExecutionContext ) { const { session } = context.switchToHttp().getRequest(); if (!session) { return ; } return (session as { role?: Role }).role; } export const Roles = createRolesGuard<Role>(getRole);

After that we can set Roles guard globally (don't forget to pass Reflector instance):

import { NestFactory, Reflector } from '@nestjs/core' ; import { Roles } from './roles.guard' ; const app = await NestFactory.create(AppModule); const reflector = app.get<Reflector>(Reflector); app.useGlobalGuards( new Roles(reflector));

All settings are done. Now you can set up access in your controllers:

import { Roles } from './roles.guard' ; ( 'secrets' ) .Params( true ) export class SecretsController { ( 'my' ) async readMy() { } ( ':id' ) .Params(Role.ADMIN) async update() { } }

Do you use this library?

Don't be shy to give it a star! ★

Also if you are into NestJS ecosystem you may be interested in one of my other libs:

nestjs-pino

Platform agnostic logger for NestJS based on pino with request context in every log

nestjs-session

Idiomatic session module for NestJS. Built on top of express-session

nestjs-cookie-session

Idiomatic cookie session module for NestJS. Built on top of cookie-session

nestjs-roles

Type safe roles guard and decorator made easy

nestjs-injectable

@Injectable() on steroids that simplifies work with inversion of control in your hexagonal architecture

nest-ratelimiter

Distributed consistent flexible NestJS rate limiter based on Redis

create-nestjs-middleware-module

Create simple idiomatic NestJS module based on Express/Fastify middleware in just a few lines of code with routing out of the box

nestjs-configure-after

Declarative configuration of NestJS middleware order