Skip to content

Commit

Permalink
Merge pull request nestjs#2863 from linardsblk/casl-links-v6
Browse files Browse the repository at this point in the history
docs: Update casl.js.org linmks to v6
  • Loading branch information
kamilmysliwiec authored Sep 21, 2023
2 parents 7183349 + 67b33b2 commit 73c8d1d
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions content/security/authorization.md
Original file line number Diff line number Diff line change
Expand Up @@ -253,7 +253,7 @@ export class CaslAbilityFactory {
cannot(Action.Delete, Article, { isPublished: true });

return build({
// Read https://casl.js.org/v5/en/guide/subject-type-detection#use-classes-as-subject-types for details
// Read https://casl.js.org/v6/en/guide/subject-type-detection#use-classes-as-subject-types for details
detectSubjectType: (item) =>
item.constructor as ExtractSubjectType<Subjects>,
});
Expand All @@ -265,9 +265,9 @@ export class CaslAbilityFactory {
> info **Hint** `Ability`, `AbilityBuilder`, `AbilityClass`, and `ExtractSubjectType` classes are exported from the `@casl/ability` package.
> info **Hint** `detectSubjectType` option let CASL understand how to get subject type out of an object. For more information read [CASL documentation](https://casl.js.org/v5/en/guide/subject-type-detection#use-classes-as-subject-types) for details.
> info **Hint** `detectSubjectType` option let CASL understand how to get subject type out of an object. For more information read [CASL documentation](https://casl.js.org/v6/en/guide/subject-type-detection#use-classes-as-subject-types) for details.
In the example above, we created the `Ability` instance using the `AbilityBuilder` class. As you probably guessed, `can` and `cannot` accept the same arguments but have different meanings, `can` allows to do an action on the specified subject and `cannot` forbids. Both may accept up to 4 arguments. To learn more about these functions, visit the official [CASL documentation](https://casl.js.org/v5/en/guide/intro).
In the example above, we created the `Ability` instance using the `AbilityBuilder` class. As you probably guessed, `can` and `cannot` accept the same arguments but have different meanings, `can` allows to do an action on the specified subject and `cannot` forbids. Both may accept up to 4 arguments. To learn more about these functions, visit the official [CASL documentation](https://casl.js.org/v6/en/guide/intro).

Lastly, make sure to add the `CaslAbilityFactory` to the `providers` and `exports` arrays in the `CaslModule` module definition:

Expand Down Expand Up @@ -297,7 +297,7 @@ if (ability.can(Action.Read, 'all')) {
}
```

> info **Hint** Learn more about the `Ability` class in the official [CASL documentation](https://casl.js.org/v5/en/guide/intro).
> info **Hint** Learn more about the `Ability` class in the official [CASL documentation](https://casl.js.org/v6/en/guide/intro).
For example, let's say we have a user who is not an admin. In this case, the user should be able to read articles, but creating new ones or removing the existing articles should be prohibited.

Expand Down

0 comments on commit 73c8d1d

Please sign in to comment.