Add the beginngins of a role guard

packages/bridge-server/src/authorization/roles.decorator.ts

@@ -0,0 +1,3 @@
+import { Reflector } from '@nestjs/core';
+
+export const Roles = Reflector.createDecorator<string[]>();

packages/bridge-server/src/authorization/roles.guard.ts

@@ -0,0 +1,26 @@
+import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { Roles } from './roles.decorator';
+
+@Injectable()
+export class RolesGuard implements CanActivate {
+  constructor(private reflector: Reflector) {}
+
+  canActivate(context: ExecutionContext): boolean {
+    const roles = this.reflector.get(Roles, context.getHandler());
+    if (!roles) {
+      return true;
+    }
+    const request = context.switchToHttp().getRequest();
+    const user = request.user;
+
+    roles.forEach(role => {
+        if(user.permissions.includes(role) == false) {
+            console.log("Missing " + role + " permission")
+            return false;
+        }
+    });
+
+    return true;
+  }
+}

packages/bridge-server/src/authz/authz.guard.ts

@@ -9,14 +9,12 @@ import { AuthGuard } from '@nestjs/passport';
 @Injectable()
 export class JwtAuthGuard extends AuthGuard('jwt') {
     canActivate(context: ExecutionContext) {
-        console.log("runnign")
         // Add your custom authentication logic here
         // for example, call super.logIn(request) to establish a session.
         return super.canActivate(context);
     }
   
     handleRequest(err, user, info) {
-        console.log("runnign!!")
         // You can throw an exception based on either "info" or "err" arguments
         if (err || !user) {
             throw err || new UnauthorizedException();

packages/bridge-server/src/seasons/seasons.controller.ts

@@ -2,6 +2,9 @@ import { Body, Controller, Get, Param, Post, UseGuards } from '@nestjs/common';
 import { SeasonsService } from './seasons.service';
 import { SeasonStandingsService } from 'src/season-standings/season-standings.service';
 import { AuthGuard } from '@nestjs/passport';
+import { JwtAuthGuard } from 'src/authz/authz.guard';
+import { RolesGuard } from 'src/authorization/roles.guard';
+import { Roles } from 'src/authorization/roles.decorator';
 
 @Controller('seasons')
 export class SeasonsController {
@@ -25,8 +28,9 @@ export class SeasonsController {
         return this.seasonStandingsService.updateStandings(params.id);
     }
 
-    @UseGuards(AuthGuard('jwt'))
+    @UseGuards(JwtAuthGuard, RolesGuard)
     @Post('create')
+    @Roles(['create:seasons'])
     create(@Body() body: any) {
         return this.seasonsService.create(body.title, body.subTitle, body.startingDate);
     }