0
0
NestJSframework~20 mins

Why guards control access in NestJS - Challenge Your Understanding

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
NestJS Guard Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
What is the primary role of a guard in NestJS?
In NestJS, guards are used to control access to routes or controllers. What is the main purpose of a guard?
ATo manage database connections for each request
BTo transform the response data before sending it to the client
CTo handle exceptions and send error responses
DTo determine if a request should be allowed to proceed based on custom logic
Attempts:
2 left
💡 Hint
Think about what controls whether a user can enter a route or not.
component_behavior
intermediate
2:00remaining
What happens when a guard returns false?
Consider a NestJS guard that returns false during a request. What is the effect on the request processing?
AThe request is denied and a 403 Forbidden response is sent
BThe request proceeds to the next middleware or handler
CThe request is redirected to the login page automatically
DThe server crashes with an error
Attempts:
2 left
💡 Hint
Think about what happens when access is denied.
📝 Syntax
advanced
2:30remaining
Identify the correct guard implementation syntax
Which of the following code snippets correctly implements a NestJS guard that allows access only if the user role is 'admin'?
NestJS
import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';

@Injectable()
export class AdminGuard implements CanActivate {
  canActivate(context: ExecutionContext): boolean {
    const request = context.switchToHttp().getRequest();
    const user = request.user;
    // Check user role
    return ???;
  }
}
Areturn user?.role === 'admin';
Breturn user.role = 'admin';
Creturn user.role == 'admin';
Dreturn user.role === admin;
Attempts:
2 left
💡 Hint
Use strict equality and optional chaining to avoid errors if user is undefined.
state_output
advanced
2:00remaining
What is the output when a guard throws an exception?
Given this guard code snippet, what will be the HTTP response status code if the guard throws a ForbiddenException? import { CanActivate, ExecutionContext, Injectable, ForbiddenException } from '@nestjs/common'; @Injectable() export class SampleGuard implements CanActivate { canActivate(context: ExecutionContext): boolean { throw new ForbiddenException('Access denied'); } }
A500 Internal Server Error
B401 Unauthorized with message 'Access denied'
C403 Forbidden with message 'Access denied'
D200 OK with empty response
Attempts:
2 left
💡 Hint
ForbiddenException corresponds to which HTTP status code?
🔧 Debug
expert
3:00remaining
Why does this guard block even admin access?
Review the following guard code. Why does it fail to allow access for users with the 'admin' role? import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'; @Injectable() export class FaultyGuard implements CanActivate { canActivate(context: ExecutionContext): boolean { const request = context.switchToHttp().getRequest(); const user = request.user; if (user.role === 'admin') { true; } return false; } }
AThe user object is undefined, causing a runtime error
BThe guard always returns false because the if block does not return true explicitly
CThe guard returns true for all users because of missing else statement
DThe guard throws an exception instead of returning a boolean
Attempts:
2 left
💡 Hint
Check if the if block returns a value properly.