Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Angular 2 roles and permissions

Tags:

angular

angular2-routing

angular2-guards

I have used angular2 and laravel 5.3 in my project. in laravel when user logged in server will be send the permissions of the user to handle authorization in angular. so I wrote a guard to protect routes from users that cannot access. here is my guard class code:

export class AccessGuard implements CanActivate{

permissions;
currentRoute;
constructor(private authService:AuthService,private router:Router){
    this.permissions = this.authService.getPermissions();
}

canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot){
    return this.checkHavePermission(state.url);
}

canActivateChild(route: ActivatedRouteSnapshot, state: RouterStateSnapshot){
    return this.checkHavePermission(state.url);
}

private checkHavePermission(url){
    switch (true) {
        case url.match(/^\/panel\/users[\/.*]?/):
            return this.getPermission('user.view');
        case url.match(/^\/panel\/dashboard/):
            return true;
        case url.match(/^\/panel\/permissions/):
            return this.getPermission('permissions.manager');
        case url.match(/^\/panel\/candidates[\/.*]?/):
            return this.getPermission('candidate.view');
    }
}


getPermission(perm){
    for(var i=0;i<this.permissions.length;i++){
        if(this.permissions[i].name == perm ){
            return true;
        }
    }
    return false;
}

}

Now that the routes are secured I wondering that how can I access the user permission inside component class. Because sometimes user can access to a route but he can't see a specific part of dom. how can I handle this kind of situation?

like image 696
Hossein Ahmadi Avatar asked Dec 10 '22 14:12

Hossein Ahmadi

1 Answers

You should store the permissions in the service itself instead of in the guard.

So when the use authenticates, you store the permission in a property of the Authentication Service. Then in the guard, you call the this.authService.<property> to use the permission. In any other component, you can do the same, this.authService.<property> to get the user's permission level

Since the service will be passed around as a singleton, all components will have access to the same property.

like image 167
Dave V Avatar answered Dec 13 '22 21:12

Dave V
Sign in to Comment

Related questions

Angular 2 Inline Style with ngFor
Custom template(transclusion without ng-content) for list component in Angular2
How to force UI "refresh" on nativescript (typescript) with Observables throught http requests?
Angular 2 - How to change the interval of an RxJS Observable
Angularfire 2 Error: The specified authentication provider is not enabled for this Firebase
Angular 2 Execute JS from file using AfterViewInit
Angular 2 Global Variable across multiple component instances
Cannot find module '@angular/forms'
Angular2: Why to use private access specifier to instantiate the providers in constructor

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!