From 26e174f3ccf872cfc569f13251daa1a6930ac372 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Mon, 30 Mar 2020 07:20:11 +0200 Subject: [PATCH] Reworking guards --- src/app/app-routing.module.ts | 16 +++--- src/app/app.module.ts | 4 +- .../guards/authenticated-guard.service.ts | 52 +++++++++++-------- 3 files changed, 40 insertions(+), 32 deletions(-) diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts index 6282a9a2..93171795 100644 --- a/src/app/app-routing.module.ts +++ b/src/app/app-routing.module.ts @@ -16,16 +16,16 @@ import {LoginComponent} from "./login/login.component"; import {UnauthorizedComponent} from "./unauthorized/unauthorized.component"; import {LogoutComponent} from "./logout/logout.component"; import {AutologinComponent} from "./autologin/autologin.component"; -import {AuthenticatedGuard} from "./misc/guards/authenticated-guard.service"; +import {AuthGuard} from "./misc/guards/authenticated-guard.service"; const routes: Routes = [ - { path: "browse", component: BrowseComponent, pathMatch: "full", resolve: { shows: LibraryResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "browse/:library-slug", component: BrowseComponent, resolve: { shows: LibraryResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "show/:show-slug", component: ShowDetailsComponent, resolve: { show: ShowResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "collection/:collection-slug", component: CollectionComponent, resolve: { collection: CollectionResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "people/:people-slug", component: CollectionComponent, resolve: { collection: PeopleResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "watch/:item", component: PlayerComponent, resolve: { item: StreamResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, - { path: "search/:query", component: SearchComponent, resolve: { items: SearchResolverService }, canLoad: [AuthenticatedGuard], canActivate: [AuthenticatedGuard] }, + { path: "browse", component: BrowseComponent, pathMatch: "full", resolve: { shows: LibraryResolverService }, },// canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, + { path: "browse/:library-slug", component: BrowseComponent, resolve: { shows: LibraryResolverService }, canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, + { path: "show/:show-slug", component: ShowDetailsComponent, resolve: { show: ShowResolverService }, canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, + { path: "collection/:collection-slug", component: CollectionComponent, resolve: { collection: CollectionResolverService }, canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, + { path: "people/:people-slug", component: CollectionComponent, resolve: { collection: PeopleResolverService }, canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, + { path: "watch/:item", component: PlayerComponent, resolve: { item: StreamResolverService }, canLoad: [AuthGuard.forPermissions("play")], canActivate: [AuthGuard.forPermissions("play")] }, + { path: "search/:query", component: SearchComponent, resolve: { items: SearchResolverService }, canLoad: [AuthGuard.forPermissions("read")], canActivate: [AuthGuard.forPermissions("read")] }, { path: "login", component: LoginComponent }, { path: "logout", component: LogoutComponent }, { path: "autologin", component: AutologinComponent }, diff --git a/src/app/app.module.ts b/src/app/app.module.ts index 5be978ac..0dd80f74 100644 --- a/src/app/app.module.ts +++ b/src/app/app.module.ts @@ -42,7 +42,7 @@ import { UnauthorizedComponent } from './unauthorized/unauthorized.component'; import { LogoutComponent } from './logout/logout.component'; import {MatDialogModule} from '@angular/material/dialog'; import {FallbackDirective} from "./misc/fallback.directive"; -import {AuthenticatedGuard} from "./misc/guards/authenticated-guard.service"; +import {AuthGuard} from "./misc/guards/authenticated-guard.service"; import { AutologinComponent } from './autologin/autologin.component'; export function loadConfig(oidcConfigService: OidcConfigService) @@ -105,7 +105,7 @@ export function loadConfig(oidcConfigService: OidcConfigService) deps: [OidcConfigService], multi: true }, - AuthenticatedGuard + AuthGuard ], bootstrap: [AppComponent] }) diff --git a/src/app/misc/guards/authenticated-guard.service.ts b/src/app/misc/guards/authenticated-guard.service.ts index 079ac760..f11744f3 100644 --- a/src/app/misc/guards/authenticated-guard.service.ts +++ b/src/app/misc/guards/authenticated-guard.service.ts @@ -12,28 +12,36 @@ import { import { Observable } from 'rxjs'; import {AuthService} from "../../services/auth.service"; -@Injectable({ - providedIn: 'root' -}) -export class AuthenticatedGuard implements CanActivate, CanLoad +@Injectable({providedIn: "root"}) +export class AuthGuard { - constructor(private router: Router, private authManager: AuthService) {} + static forPermissions(permissions: string | string[]) + { + @Injectable() + class AuthenticatedGuard implements CanActivate, CanLoad + { + constructor(private router: Router, private authManager: AuthService) {} - canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable | Promise | boolean | UrlTree - { - return this.checkPermissions(); - } - - canLoad(route: Route, segments: UrlSegment[]): Observable | Promise | boolean - { - return this.checkPermissions(); - } + canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable | Promise | boolean | UrlTree + { + return this.checkPermissions(); + } - checkPermissions() : boolean - { - if (this.authManager.isAuthenticated) - return true; - this.router.navigate(["/unauthorized"]); - return false; - } -} + canLoad(route: Route, segments: UrlSegment[]): Observable | Promise | boolean + { + return this.checkPermissions(); + } + + checkPermissions(): boolean + { + if (this.authManager.isAuthenticated) + { + // if (this.authManager.user.claims) + return true; + } + this.router.navigate(["/unauthorized"]); + return false; + } + } + } +} \ No newline at end of file