在类型‘Query’上找不到参数类型为‘字符串’的索引签名,

r3i60tvu  于 2022-09-21  发布在  Node.js
关注(0)|答案(1)|浏览(159)

我在我的API中使用了用于RBAC(基于角色的访问控制)的Access Control NPM包。这是我的代码,用于检查用户是否拥有对资源的权限:

export const checkUserPermission = async (
  req: Request,      
  role: string,
  resource: string,
  action = 'readAny'
) => {
  const userRole = await Role.findOne({ name: role });
  if (!userRole) return sendErrorResponse(res, 400, 'Role is not exists.');
  const grantLists = await getPermissionsBasedOnRole(role);
  if (grantLists.length === 0)
    return sendErrorResponse(
      res,
      401,
      'Permission is not assigned for this role. please assign and try again.'
    );
  const ac = new AccessControl(grantLists);
  const permission = ac.can(role)[action](resource);
  if (!permission.granted)
    return sendErrorResponse(
      res,
      500,
      'You have no permission to perform this action.'
    );
};

在NodeJS中,该函数工作得很好。但当我尝试使用TypeScrip时,我得到了这样的错误:

Element implicitly has an 'any' type because expression of type 'string' can't be used to index type 'Query'.
  No index signature with a parameter of type 'string' was found on type 'Query'.

从…

const permission = ac.can(role)[action](resource);
qpgpyjmq

qpgpyjmq1#

在阅读了打字文档后,我找到了解决方案,特别是https://www.typescriptlang.org/docs/handbook/2/everyday-types.html#type-aliases

我只需使用TypeScrip中的类型别名声明操作的类型,并将操作类型注解为以下内容,一切都很正常:

type ActionType = 'createAny' | 'updateAny' | 'deleteAny' | 'readAny';

以下是完整的源代码:

type ActionType = 'createAny' | 'updateAny' | 'deleteAny' | 'readAny';

export const checkUserPermission = async (
  res: Response,
  role: string,
  resource: string,
  action: ActionType
) => {
  const userRole = await Role.findOne({ name: role });
  if (!userRole) return sendErrorResponse(res, 401, 'Role is not exists.');
  const grantLists = await getPermissionsBasedOnRole(role);
  if (grantLists.length === 0)
    return sendErrorResponse(
      res,
      401,
      'Permission is not assigned for this role. please assign and try again.'
    );
  const ac = new AccessControl(grantLists);
  const permission = ac.can(role)[action](resource);
  if (!permission.granted)
    return sendErrorResponse(
      res,
      500,
      'You have no permission to perform this action.'
    );
};

相关问题