fase(9): auth module with casl rbac and session management

dist/modules/auth/infrastructure/casl/AbilityFactory.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defineAbilityFor = defineAbilityFor;
+const ability_1 = require("@casl/ability");
+function defineAbilityFor(role) {
+    const { can, cannot, build } = new ability_1.AbilityBuilder(ability_1.createMongoAbility);
+    switch (role) {
+        case 'owner':
+            can('manage', 'all');
+            break;
+        case 'admin':
+            can('manage', 'all');
+            cannot('delete', 'Organization');
+            cannot('manage', 'License');
+            can('read', 'License');
+            break;
+        case 'member':
+            can('create', ['Session', 'Finding', 'Report']);
+            can('read', 'all');
+            can('update', 'Finding');
+            break;
+        case 'viewer':
+            can('read', 'all');
+            break;
+        default:
+            break;
+    }
+    return build();
+}