From d401a92a17d27d33ff8cc8f2d226cd98eaad28ad Mon Sep 17 00:00:00 2001 From: Yura Bondarenko Date: Thu, 25 Feb 2021 14:06:59 +0100 Subject: [PATCH] 77205: Add CanManageGroupGuard & configure routing --- .../guards/can-manage-group.guard.spec.ts | 16 +++++++++++++++ .../guards/can-manage-group.guard.ts | 20 +++++++++++++++++++ src/app/app-routing.module.ts | 9 ++++++++- 3 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 src/app/access-control/guards/can-manage-group.guard.spec.ts create mode 100644 src/app/access-control/guards/can-manage-group.guard.ts diff --git a/src/app/access-control/guards/can-manage-group.guard.spec.ts b/src/app/access-control/guards/can-manage-group.guard.spec.ts new file mode 100644 index 0000000000..aa3fd9be5d --- /dev/null +++ b/src/app/access-control/guards/can-manage-group.guard.spec.ts @@ -0,0 +1,16 @@ +import { TestBed } from '@angular/core/testing'; + +import { CanManageGroupGuard } from './can-manage-group.guard'; + +describe('CanManageGroupGuard', () => { + let guard: CanManageGroupGuard; + + beforeEach(() => { + TestBed.configureTestingModule({}); + guard = TestBed.inject(CanManageGroupGuard); + }); + + it('should be created', () => { + expect(guard).toBeTruthy(); + }); +}); diff --git a/src/app/access-control/guards/can-manage-group.guard.ts b/src/app/access-control/guards/can-manage-group.guard.ts new file mode 100644 index 0000000000..7b62fecf2c --- /dev/null +++ b/src/app/access-control/guards/can-manage-group.guard.ts @@ -0,0 +1,20 @@ +import { Injectable } from '@angular/core'; +import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router'; +import { Observable } from 'rxjs'; +import { FeatureID } from '../../core/data/feature-authorization/feature-id'; +import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service'; + +/** + * Guard for preventing unauthorized access to /access-control/groups/* + */ +@Injectable({ + providedIn: 'root' +}) +export class CanManageGroupGuard implements CanActivate { + constructor(private authorizationService: AuthorizationDataService) { + } + + canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable { + return this.authorizationService.isAuthorized(FeatureID.CanManageGroups); + } +} diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts index e14672f1f5..a7e736a630 100644 --- a/src/app/app-routing.module.ts +++ b/src/app/app-routing.module.ts @@ -6,6 +6,7 @@ import { PageNotFoundComponent } from './pagenotfound/pagenotfound.component'; import { AuthenticatedGuard } from './core/auth/authenticated.guard'; import { SiteAdministratorGuard } from './core/data/feature-authorization/feature-authorization-guard/site-administrator.guard'; import { + ACCESS_CONTROL_MODULE_PATH, ADMIN_MODULE_PATH, BITSTREAM_MODULE_PATH, FORBIDDEN_PATH, @@ -13,7 +14,7 @@ import { INFO_MODULE_PATH, PROFILE_MODULE_PATH, REGISTER_PATH, - WORKFLOW_ITEM_MODULE_PATH + WORKFLOW_ITEM_MODULE_PATH, } from './app-routing-paths'; import { COLLECTION_MODULE_PATH } from './+collection-page/collection-page-routing-paths'; import { COMMUNITY_MODULE_PATH } from './+community-page/community-page-routing-paths'; @@ -23,6 +24,7 @@ import { ReloadGuard } from './core/reload/reload.guard'; import { EndUserAgreementCurrentUserGuard } from './core/end-user-agreement/end-user-agreement-current-user.guard'; import { SiteRegisterGuard } from './core/data/feature-authorization/feature-authorization-guard/site-register.guard'; import { ForbiddenComponent } from './forbidden/forbidden.component'; +import { CanManageGroupGuard } from './access-control/guards/can-manage-group.guard'; @NgModule({ imports: [ @@ -175,6 +177,11 @@ import { ForbiddenComponent } from './forbidden/forbidden.component'; loadChildren: () => import('./statistics-page/statistics-page-routing.module') .then((m) => m.StatisticsPageRoutingModule), }, + { + path: ACCESS_CONTROL_MODULE_PATH, + loadChildren: () => import('./access-control/access-control.module').then((m) => m.AccessControlModule), + canActivate: [CanManageGroupGuard], + }, { path: '**', pathMatch: 'full', component: PageNotFoundComponent }, ]} ],{