add function for separeate roles in Session| add isCommunityRI method in community service and RIGuard || change admin guard to be only administrator | add claims curator guard|
git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-services-library/trunk/ng-openaire-library/src/app@51526 d315682c-612b-4755-9ff5-7f18f6832af3
This commit is contained in:
parent
f4c10e12c0
commit
5139077569
|
@ -31,7 +31,9 @@ export class CommunityService {
|
|||
iscommunityManager(url: string, manager:string){
|
||||
return this.http.get(url).map(res => <any> res.json()).map(res => this.parseCommunity(res)).map(community => community.managers.indexOf(manager)!=-1);
|
||||
}
|
||||
|
||||
iscommunityRI(url: string){
|
||||
return this.http.get(url).map(res => <any> res.json()).map(res => this.parseCommunity(res)).map(community => (community && community.type && community.type !="community"));
|
||||
}
|
||||
parseCommunity(data:any): CommunityInfo {
|
||||
|
||||
let length = Array.isArray(data) ? data.length :1;
|
||||
|
|
|
@ -13,7 +13,6 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
|||
constructor(private router: Router, private communityService: CommunityService, private propertiesService:EnvironmentSpecificService ) {}
|
||||
|
||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||
console.log("aaa");
|
||||
console.log(state.url);
|
||||
var user;
|
||||
var loggedIn = false;
|
||||
|
@ -28,14 +27,11 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
|||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
||||
return false;
|
||||
}else if(Session.isPortalAdministrator()) {
|
||||
}else if(Session.isPortalAdministrator() || Session.isCommunityCurator()) {
|
||||
console.log("is Admin");
|
||||
isAdmin = true;
|
||||
return true;
|
||||
}else {
|
||||
// let first = Observable.timer(10,500).map(r => { return {source:1,value:r}; }).take(4);
|
||||
// let second = Observable.timer(10,500).map(r => { return {source:2,value:r}; }).take(4);
|
||||
// first.merge(second).subscribe(res => this.mergeStream.push(res));
|
||||
let obs = this.propertiesService.subscribeEnvironment().map(res=>res["communityAPI"]).mergeMap(url => {
|
||||
return this.communityService.iscommunityManager(url+community,Session.getUserEmail())});
|
||||
obs.filter(enabled => !enabled)
|
||||
|
@ -49,14 +45,7 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
|||
return false;
|
||||
}
|
||||
|
||||
// if(!loggedIn){
|
||||
// // this.guardHelper.redirect("/user-info",errorCode,state.url);
|
||||
// this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
//
|
||||
// return false;
|
||||
// }else{
|
||||
// return true;
|
||||
// }
|
||||
|
||||
}
|
||||
/*
|
||||
constructor(private route: ActivatedRoute,private router: Router, private config: ConfigurationService) {}
|
||||
|
|
|
@ -0,0 +1,72 @@
|
|||
import { Injectable } from '@angular/core';
|
||||
import { Router,CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
|
||||
import {Observable} from 'rxjs/Observable';
|
||||
import {Session} from '../../login/utils/helper.class';
|
||||
import {ErrorCodes} from '../../login/utils/guardHelper.class';
|
||||
import {CommunityService} from '../community/community.service';
|
||||
import { EnvironmentSpecificService} from '../../utils/properties/environment-specific.service';
|
||||
import { mergeMap } from 'rxjs/operators';
|
||||
|
||||
@Injectable()
|
||||
export class ConnectRIGuard implements CanActivate {
|
||||
|
||||
constructor(private router: Router, private communityService: CommunityService, private propertiesService:EnvironmentSpecificService ) {}
|
||||
|
||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||
console.log(state.url);
|
||||
var user;
|
||||
var loggedIn = false;
|
||||
var isAdmin = false;
|
||||
var errorCode = ErrorCodes.NOT_LOGGIN;
|
||||
let community = (route.queryParams["communityId"]);
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
||||
return false;
|
||||
}else if(Session.isPortalAdministrator()) {
|
||||
isAdmin = true;
|
||||
return true;
|
||||
}else {
|
||||
|
||||
let obs = this.propertiesService.subscribeEnvironment().map(res=>res["communityAPI"]).mergeMap(url => {
|
||||
return this.communityService.iscommunityRI(url+community)});
|
||||
obs.filter(enabled => !enabled)
|
||||
.subscribe(() => this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } }));
|
||||
return obs;
|
||||
}
|
||||
}else{
|
||||
errorCode =ErrorCodes.NOT_LOGGIN;
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
/*
|
||||
constructor(private route: ActivatedRoute,private router: Router, private config: ConfigurationService) {}
|
||||
|
||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||
|
||||
let customRedirect = route.data['redirect'];
|
||||
let api = route.data['api'];
|
||||
let community = route.data['community']
|
||||
if(!community){
|
||||
community = (route.queryParams["communityId"])?route.queryParams["communityId"]:route.queryParams["community"];
|
||||
}
|
||||
if(community){
|
||||
let isEnabled = this.config.isPageEnabled(api, community,"/"+state.url.split("?")[0].substring(1));
|
||||
let redirect = !!customRedirect ? customRedirect : '/error';
|
||||
|
||||
isEnabled.filter(enabled => !enabled)
|
||||
.subscribe(() => this.router.navigate([redirect], { queryParams: { "page": state.url } }));
|
||||
return isEnabled;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
*/
|
||||
}
|
|
@ -20,7 +20,7 @@ export class AdminLoginGuard implements CanActivate {
|
|||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
}else {
|
||||
isAdmin = Session.isAdminUser();
|
||||
isAdmin = Session.isPortalAdministrator();
|
||||
if(!isAdmin){
|
||||
errorCode = ErrorCodes.NOT_ADMIN;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
import { Injectable } from '@angular/core';
|
||||
import { Router,CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
|
||||
import {Observable} from 'rxjs/Observable';
|
||||
import {Session} from './utils/helper.class';
|
||||
import {ErrorCodes} from './utils/guardHelper.class';
|
||||
|
||||
@Injectable()
|
||||
export class ClaimsCuratorGuard implements CanActivate {
|
||||
|
||||
constructor(private router: Router) {}
|
||||
|
||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||
var user;
|
||||
var role = route.data['role']
|
||||
var loggedIn = false;
|
||||
var isAuthorized = false;
|
||||
var errorCode = ErrorCodes.NOT_LOGGIN;
|
||||
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
}else {
|
||||
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
|
||||
isAuthorized =true;
|
||||
}
|
||||
if(!Session.isClaimsCurator() && !Session.isPortalAdministrator()){
|
||||
errorCode = ErrorCodes.NOT_ADMIN;
|
||||
}
|
||||
}
|
||||
}else{
|
||||
errorCode =ErrorCodes.NOT_LOGGIN;
|
||||
}
|
||||
|
||||
if(!loggedIn){
|
||||
// this.guardHelper.redirect("/user-info",errorCode,state.url);
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
||||
return false;
|
||||
}else if(!isAuthorized){
|
||||
// this.guardHelper.redirect("/user-info",errorCode,state.url);
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
return false;
|
||||
}else{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -109,7 +109,7 @@ export class UserMiniComponent {
|
|||
if(Session.isUserValid()){
|
||||
this.loggedIn = Session.isLoggedIn();
|
||||
this.user = Session.getUser();
|
||||
if(Session.isAdminUser()){
|
||||
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
|
||||
this.isAuthorized = true;
|
||||
}else {
|
||||
this.isAuthorized = false;
|
||||
|
|
|
@ -129,37 +129,49 @@ export class Session{
|
|||
localStorage.setItem("params",(params && params.length > 1)? params:"");
|
||||
}
|
||||
}
|
||||
public static isAdminUser():boolean {
|
||||
var isAdmin = false;
|
||||
public static isClaimsCurator():boolean {
|
||||
var isAuthorized = false;
|
||||
if(Session.isLoggedIn()){
|
||||
var claimRoles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Claim","urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Portal+Administrator"]
|
||||
var claimRoles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Claim"]
|
||||
for (var i = 0; i < claimRoles.length; i++) {
|
||||
if ((Session.getUser().role).indexOf(claimRoles[i]) > -1) {
|
||||
isAdmin = true;
|
||||
isAuthorized = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAdmin);
|
||||
return (isAuthorized);
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAdmin);
|
||||
return (isAuthorized);
|
||||
}
|
||||
public static isCommunityCurator():boolean {
|
||||
var isAuthorized = false;
|
||||
if(Session.isLoggedIn()){
|
||||
var roles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Community"]
|
||||
for (var i = 0; i < roles.length; i++) {
|
||||
if ((Session.getUser().role).indexOf(roles[i]) > -1) {
|
||||
isAuthorized = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
return (isAuthorized);
|
||||
}
|
||||
return (isAuthorized);
|
||||
}
|
||||
public static isPortalAdministrator():boolean {
|
||||
var isAdmin = false;
|
||||
var isAuthorized = false;
|
||||
if(Session.isLoggedIn()){
|
||||
var roles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Portal+Administrator"]
|
||||
for (var i = 0; i < roles.length; i++) {
|
||||
if ((Session.getUser().role).indexOf(roles[i]) > -1) {
|
||||
isAdmin = true;
|
||||
isAuthorized = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAdmin);
|
||||
return (isAuthorized);
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAdmin);
|
||||
return (isAuthorized);
|
||||
}
|
||||
public static isRegisteredUser():boolean {
|
||||
var isRegisteredUser = false;
|
||||
|
|
|
@ -101,7 +101,7 @@ export class NavigationBarComponent {
|
|||
this.sub.unsubscribe();
|
||||
}
|
||||
initialize(){
|
||||
if(Session.isLoggedIn() && Session.isUserValid() && Session.isAdminUser()){
|
||||
if(Session.isLoggedIn() && Session.isUserValid() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
|
||||
this.isAuthorized = true;
|
||||
}else {
|
||||
this.isAuthorized = false;
|
||||
|
|
Loading…
Reference in New Issue