hazza/dspace-angular
1
0
Fork 1
mirror of https://github.com/DSpace/dspace-angular.git synced 2025-10-08 02:24:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

71429: Abstract FeatureAuthorizationGuard + small fix

Browse Source
This commit is contained in:
Kristof De Langhe
2020-06-18 17:39:11 +02:00
parent bbbeddc875
commit 89afaaa4a5
6 changed files with 79 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/app/+admin/admin-sidebar/admin-sidebar.component.ts
View File

@@ -73,7 +73,7 @@ export class AdminSidebarComponent extends MenuComponent implements OnInit {
* Set and calculate all initial values of the instance variables * Set and calculate all initial values of the instance variables
*/ */
ngOnInit(): void { ngOnInit(): void {
this.authorizationService.isAuthenticated(FeatureType.AdministratorOf).pipe(take(1)).subscribe((authorized) => { this.authorizationService.isAuthenticated(FeatureType.AdministratorOf).subscribe((authorized) => {
this.createMenu(authorized); this.createMenu(authorized);
super.ngOnInit(); super.ngOnInit();
this.sidebarWidth = this.variableService.getVariable('sidebarItemsWidth'); this.sidebarWidth = this.variableService.getVariable('sidebarItemsWidth');

2
src/app/app-routing.module.ts
View File

@@ -10,7 +10,7 @@ import { Collection } from './core/shared/collection.model';
import { Item } from './core/shared/item.model'; import { Item } from './core/shared/item.model';
import { getItemPageRoute } from './+item-page/item-page-routing.module'; import { getItemPageRoute } from './+item-page/item-page-routing.module';
import { getCollectionPageRoute } from './+collection-page/collection-page-routing.module'; import { getCollectionPageRoute } from './+collection-page/collection-page-routing.module';
import { SiteAdministratorGuard } from './core/data/feature-authorization/site-administrator.guard'; import { SiteAdministratorGuard } from './core/data/feature-authorization/feature-authorization-guard/site-administrator.guard';
const ITEM_MODULE_PATH = 'items'; const ITEM_MODULE_PATH = 'items';

2
src/app/core/core.module.ts
View File

@@ -149,7 +149,7 @@ import { Feature } from './shared/feature.model';
import { Authorization } from './shared/authorization.model'; import { Authorization } from './shared/authorization.model';
import { FeatureDataService } from './data/feature-authorization/feature-data.service'; import { FeatureDataService } from './data/feature-authorization/feature-data.service';
import { AuthorizationDataService } from './data/feature-authorization/authorization-data.service'; import { AuthorizationDataService } from './data/feature-authorization/authorization-data.service';
import { SiteAdministratorGuard } from './data/feature-authorization/site-administrator.guard'; import { SiteAdministratorGuard } from './data/feature-authorization/feature-authorization-guard/site-administrator.guard';
/** /**
* When not in production, endpoint responses can be mocked for testing purposes * When not in production, endpoint responses can be mocked for testing purposes

52
src/app/core/data/feature-authorization/feature-authorization-guard/feature-authorization.guard.ts Normal file
View File

@@ -0,0 +1,52 @@
import { ActivatedRouteSnapshot, CanActivate, CanLoad, Route, RouterStateSnapshot, UrlSegment } from '@angular/router';
import { AuthorizationDataService } from '../authorization-data.service';
import { FeatureType } from '../feature-type';
import { Observable } from 'rxjs/internal/Observable';
/**
* Abstract Guard for preventing unauthorized activating and loading of routes when a user
* doesn't have authorized rights on a specific feature and/or object.
* Override the desired getters in the parent class for checking specific authorization on a feature and/or object.
*/
export abstract class FeatureAuthorizationGuard implements CanActivate, CanLoad {
constructor(protected authorizationService: AuthorizationDataService) {
}
/**
* True when user has authorization rights for the feature and object provided
*/
canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> {
return this.authorizationService.isAuthenticated(this.getFeatureType(), this.getObjectUrl(), this.getEPersonUuid());
}
/**
* True when user has authorization rights for the feature and object provided
*/
canLoad(route: Route, segments: UrlSegment[]): Observable<boolean> {
return this.authorizationService.isAuthenticated(this.getFeatureType(), this.getObjectUrl(), this.getEPersonUuid());
}
/**
* The type of feature to check authorization for
* Override this method to define a feature
*/
getFeatureType(): FeatureType {
return undefined;
}
/**
* The URL of the object to check if the user has authorized rights for
* Override this method to define an object URL. If not provided, the {@link Site}'s URL will be used
*/
getObjectUrl(): string {
return undefined;
}
/**
* The UUID of the user to check authorization rights for
* Override this method to define an {@link EPerson} UUID. If not provided, the authenticated user's UUID will be used.
*/
getEPersonUuid(): string {
return undefined;
}
}

24
src/app/core/data/feature-authorization/feature-authorization-guard/site-administrator.guard.ts Normal file
View File

@@ -0,0 +1,24 @@
import { Injectable } from '@angular/core';
import { FeatureAuthorizationGuard } from './feature-authorization.guard';
import { FeatureType } from '../feature-type';
import { AuthorizationDataService } from '../authorization-data.service';
/**
* Prevent unauthorized activating and loading of routes when the current authenticated user doesn't have administrator
* rights to the {@link Site}
*/
@Injectable({
providedIn: 'root'
})
export class SiteAdministratorGuard extends FeatureAuthorizationGuard {
constructor(protected authorizationService: AuthorizationDataService) {
super(authorizationService);
}
/**
* Check administrator authorization rights
*/
getFeatureType(): FeatureType {
return FeatureType.AdministratorOf;
}
}

31
src/app/core/data/feature-authorization/site-administrator.guard.ts
View File

@@ -1,31 +0,0 @@
import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, CanActivate, CanLoad, Route, RouterStateSnapshot, UrlSegment } from '@angular/router';
import { Observable } from 'rxjs';
import { AuthorizationDataService } from './authorization-data.service';
import { FeatureType } from './feature-type';
/**
* Prevent unauthorized activating and loading of routes when the current authenticated user doesn't have administrator
* rights to the {@link Site}
*/
@Injectable({
providedIn: 'root'
})
export class SiteAdministratorGuard implements CanActivate, CanLoad {
constructor(private authorizationService: AuthorizationDataService) {
}
/**
* True when user has administrator rights to the {@link Site}
*/
canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> {
return this.authorizationService.isAuthenticated(FeatureType.AdministratorOf);
}
/**
* True when user has administrator rights to the {@link Site}
*/
canLoad(route: Route, segments: UrlSegment[]): Observable<boolean> {
return this.authorizationService.isAuthenticated(FeatureType.AdministratorOf);
}
}