77205: Add CanManageGroupGuard & configure routing

2025-10-07 01:54:15 +00:00 · 2021-02-25 14:06:59 +01:00
parent 801cea4062
commit d401a92a17
3 changed files with 44 additions and 1 deletions
--- a/src/app/access-control/guards/can-manage-group.guard.spec.ts
+++ b/src/app/access-control/guards/can-manage-group.guard.spec.ts
@@ -0,0 +1,16 @@
+import { TestBed } from '@angular/core/testing';
+
+import { CanManageGroupGuard } from './can-manage-group.guard';
+
+describe('CanManageGroupGuard', () => {
+  let guard: CanManageGroupGuard;
+
+  beforeEach(() => {
+    TestBed.configureTestingModule({});
+    guard = TestBed.inject(CanManageGroupGuard);
+  });
+
+  it('should be created', () => {
+    expect(guard).toBeTruthy();
+  });
+});
--- a/src/app/access-control/guards/can-manage-group.guard.ts
+++ b/src/app/access-control/guards/can-manage-group.guard.ts
@@ -0,0 +1,20 @@
+import { Injectable } from '@angular/core';
+import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
+import { Observable } from 'rxjs';
+import { FeatureID } from '../../core/data/feature-authorization/feature-id';
+import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service';
+
+/**
+ * Guard for preventing unauthorized access to /access-control/groups/*
+ */
+@Injectable({
+  providedIn: 'root'
+})
+export class CanManageGroupGuard implements CanActivate {
+  constructor(private authorizationService: AuthorizationDataService) {
+  }
+
+  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean>  {
+    return this.authorizationService.isAuthorized(FeatureID.CanManageGroups);
+  }
+}
--- a/src/app/app-routing.module.ts
+++ b/src/app/app-routing.module.ts
@@ -6,6 +6,7 @@ import { PageNotFoundComponent } from './pagenotfound/pagenotfound.component';
 import { AuthenticatedGuard } from './core/auth/authenticated.guard';
 import { SiteAdministratorGuard } from './core/data/feature-authorization/feature-authorization-guard/site-administrator.guard';
 import {
+  ACCESS_CONTROL_MODULE_PATH,
  ADMIN_MODULE_PATH,
  BITSTREAM_MODULE_PATH,
  FORBIDDEN_PATH,
@@ -13,7 +14,7 @@ import {
  INFO_MODULE_PATH,
  PROFILE_MODULE_PATH,
  REGISTER_PATH,
-  WORKFLOW_ITEM_MODULE_PATH
+  WORKFLOW_ITEM_MODULE_PATH,
 } from './app-routing-paths';
 import { COLLECTION_MODULE_PATH } from './+collection-page/collection-page-routing-paths';
 import { COMMUNITY_MODULE_PATH } from './+community-page/community-page-routing-paths';
@@ -23,6 +24,7 @@ import { ReloadGuard } from './core/reload/reload.guard';
 import { EndUserAgreementCurrentUserGuard } from './core/end-user-agreement/end-user-agreement-current-user.guard';
 import { SiteRegisterGuard } from './core/data/feature-authorization/feature-authorization-guard/site-register.guard';
 import { ForbiddenComponent } from './forbidden/forbidden.component';
+import { CanManageGroupGuard } from './access-control/guards/can-manage-group.guard';

@NgModule({
  imports: [
@@ -175,6 +177,11 @@ import { ForbiddenComponent } from './forbidden/forbidden.component';
            loadChildren: () => import('./statistics-page/statistics-page-routing.module')
              .then((m) => m.StatisticsPageRoutingModule),
          },
+          {
+            path: ACCESS_CONTROL_MODULE_PATH,
+            loadChildren: () => import('./access-control/access-control.module').then((m) => m.AccessControlModule),
+            canActivate: [CanManageGroupGuard],
+          },
          { path: '**', pathMatch: 'full', component: PageNotFoundComponent },
      ]}
    ],{