Merge pull request #2632 from vNovski/DURACOM-202-some-item-edit-pages-are-accessible-by-anonymous-users

Fixes "some item edit pages are accessible by anonymous users"
2025-10-07 18:14:17 +00:00 · 2023-11-13 14:34:24 -06:00
parent c515cb20ef 6f64db1645
commit e99fff8c5f
3 changed files with 70 additions and 2 deletions
--- a/src/app/item-page/edit-item-page/edit-item-page.routing.module.ts
+++ b/src/app/item-page/edit-item-page/edit-item-page.routing.module.ts
@@ -38,6 +38,8 @@ import { ItemPageBitstreamsGuard } from './item-page-bitstreams.guard';
 import { ItemPageRelationshipsGuard } from './item-page-relationships.guard';
 import { ItemPageVersionHistoryGuard } from './item-page-version-history.guard';
 import { ItemPageCollectionMapperGuard } from './item-page-collection-mapper.guard';
 import { ItemPageCurateGuard } from './item-page-curate.guard';
 import { ItemPageAccessControlGuard } from './item-page-access-control.guard';
 import { ThemedDsoEditMetadataComponent } from '../../dso-shared/dso-edit-metadata/themed-dso-edit-metadata.component';
 import { ItemPageRegisterDoiGuard } from './item-page-register-doi.guard';
 import { ItemCurateComponent } from './item-curate/item-curate.component';
@@ -87,7 +89,8 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
              {
                path: 'curate',
                component: ItemCurateComponent,
-                data: { title: 'item.edit.tabs.curate.title', showBreadcrumbs: true }
+                data: { title: 'item.edit.tabs.curate.title', showBreadcrumbs: true },
                canActivate: [ItemPageCurateGuard]
              },
              {
                path: 'relationships',
@@ -116,7 +119,8 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
              {
                path: 'access-control',
                component: ItemAccessControlComponent,
-                data: { title: 'item.edit.tabs.access-control.title', showBreadcrumbs: true }
+                data: { title: 'item.edit.tabs.access-control.title', showBreadcrumbs: true },
                canActivate: [ItemPageAccessControlGuard]
              },
              {
                path: 'mapper',
@@ -202,11 +206,13 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
    ItemPageWithdrawGuard,
    ItemPageAdministratorGuard,
    ItemPageMetadataGuard,
    ItemPageCurateGuard,
    ItemPageStatusGuard,
    ItemPageBitstreamsGuard,
    ItemPageRelationshipsGuard,
    ItemPageVersionHistoryGuard,
    ItemPageCollectionMapperGuard,
    ItemPageAccessControlGuard,
    ItemPageRegisterDoiGuard,
  ]
 })
--- a/src/app/item-page/edit-item-page/item-page-access-control.guard.ts
+++ b/src/app/item-page/edit-item-page/item-page-access-control.guard.ts
@@ -0,0 +1,31 @@
 import { Injectable } from '@angular/core';
 import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router';
 import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service';
 import { ItemPageResolver } from '../item-page.resolver';
 import { Item } from '../../core/shared/item.model';
 import { DsoPageSingleFeatureGuard } from '../../core/data/feature-authorization/feature-authorization-guard/dso-page-single-feature.guard';
 import { Observable, of as observableOf } from 'rxjs';
 import { FeatureID } from '../../core/data/feature-authorization/feature-id';
 import { AuthService } from '../../core/auth/auth.service';
@Injectable({
  providedIn: 'root'
 })
 /**
 * Guard for preventing unauthorized access to certain {@link Item} pages requiring administrator rights
 */
 export class ItemPageAccessControlGuard extends DsoPageSingleFeatureGuard<Item> {
  constructor(protected resolver: ItemPageResolver,
              protected authorizationService: AuthorizationDataService,
              protected router: Router,
              protected authService: AuthService) {
    super(resolver, authorizationService, router, authService);
  }
  /**
   * Check administrator authorization rights
   */
  getFeatureID(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<FeatureID> {
    return observableOf(FeatureID.AdministratorOf);
  }
 }
--- a/src/app/item-page/edit-item-page/item-page-curate.guard.ts
+++ b/src/app/item-page/edit-item-page/item-page-curate.guard.ts
@@ -0,0 +1,31 @@
 import { Injectable } from '@angular/core';
 import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router';
 import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service';
 import { ItemPageResolver } from '../item-page.resolver';
 import { Item } from '../../core/shared/item.model';
 import { DsoPageSingleFeatureGuard } from '../../core/data/feature-authorization/feature-authorization-guard/dso-page-single-feature.guard';
 import { Observable, of as observableOf } from 'rxjs';
 import { FeatureID } from '../../core/data/feature-authorization/feature-id';
 import { AuthService } from '../../core/auth/auth.service';
@Injectable({
  providedIn: 'root'
 })
 /**
 * Guard for preventing unauthorized access to certain {@link Item} pages requiring administrator rights
 */
 export class ItemPageCurateGuard extends DsoPageSingleFeatureGuard<Item> {
  constructor(protected resolver: ItemPageResolver,
              protected authorizationService: AuthorizationDataService,
              protected router: Router,
              protected authService: AuthService) {
    super(resolver, authorizationService, router, authService);
  }
  /**
   * Check administrator authorization rights
   */
  getFeatureID(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<FeatureID> {
    return observableOf(FeatureID.AdministratorOf);
  }
 }