add function for separeate roles in Session| add isCommunityRI method in community service and RIGuard || change admin guard to be only administrator | add claims curator guard|
git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-services-library/trunk/ng-openaire-library/src/app@51526 d315682c-612b-4755-9ff5-7f18f6832af3
This commit is contained in:
argiro.kokogiannaki
parent
f4c10e12c0
commit
5139077569
|
|
@ -31,7 +31,9 @@ export class CommunityService {
|
||||||
iscommunityManager(url: string, manager:string){
|
iscommunityManager(url: string, manager:string){
|
||||||
return this.http.get(url).map(res => <any> res.json()).map(res => this.parseCommunity(res)).map(community => community.managers.indexOf(manager)!=-1);
|
return this.http.get(url).map(res => <any> res.json()).map(res => this.parseCommunity(res)).map(community => community.managers.indexOf(manager)!=-1);
|
||||||
}
|
}
|
||||||
|
iscommunityRI(url: string){
|
||||||
|
return this.http.get(url).map(res => <any> res.json()).map(res => this.parseCommunity(res)).map(community => (community && community.type && community.type !="community"));
|
||||||
|
}
|
||||||
parseCommunity(data:any): CommunityInfo {
|
parseCommunity(data:any): CommunityInfo {
|
||||||
|
|
||||||
let length = Array.isArray(data) ? data.length :1;
|
let length = Array.isArray(data) ? data.length :1;
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,6 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
||||||
constructor(private router: Router, private communityService: CommunityService, private propertiesService:EnvironmentSpecificService ) {}
|
constructor(private router: Router, private communityService: CommunityService, private propertiesService:EnvironmentSpecificService ) {}
|
||||||
|
|
||||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||||
console.log("aaa");
|
|
||||||
console.log(state.url);
|
console.log(state.url);
|
||||||
var user;
|
var user;
|
||||||
var loggedIn = false;
|
var loggedIn = false;
|
||||||
|
|
@ -28,14 +27,11 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
||||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}else if(Session.isPortalAdministrator()) {
|
}else if(Session.isPortalAdministrator() || Session.isCommunityCurator()) {
|
||||||
console.log("is Admin");
|
console.log("is Admin");
|
||||||
isAdmin = true;
|
isAdmin = true;
|
||||||
return true;
|
return true;
|
||||||
}else {
|
}else {
|
||||||
// let first = Observable.timer(10,500).map(r => { return {source:1,value:r}; }).take(4);
|
|
||||||
// let second = Observable.timer(10,500).map(r => { return {source:2,value:r}; }).take(4);
|
|
||||||
// first.merge(second).subscribe(res => this.mergeStream.push(res));
|
|
||||||
let obs = this.propertiesService.subscribeEnvironment().map(res=>res["communityAPI"]).mergeMap(url => {
|
let obs = this.propertiesService.subscribeEnvironment().map(res=>res["communityAPI"]).mergeMap(url => {
|
||||||
return this.communityService.iscommunityManager(url+community,Session.getUserEmail())});
|
return this.communityService.iscommunityManager(url+community,Session.getUserEmail())});
|
||||||
obs.filter(enabled => !enabled)
|
obs.filter(enabled => !enabled)
|
||||||
|
|
@ -49,14 +45,7 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// if(!loggedIn){
|
|
||||||
// // this.guardHelper.redirect("/user-info",errorCode,state.url);
|
|
||||||
// this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
|
||||||
//
|
|
||||||
// return false;
|
|
||||||
// }else{
|
|
||||||
// return true;
|
|
||||||
// }
|
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
constructor(private route: ActivatedRoute,private router: Router, private config: ConfigurationService) {}
|
constructor(private route: ActivatedRoute,private router: Router, private config: ConfigurationService) {}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,72 @@
|
||||||
|
import { Injectable } from '@angular/core';
|
||||||
|
import { Router,CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
|
||||||
|
import {Observable} from 'rxjs/Observable';
|
||||||
|
import {Session} from '../../login/utils/helper.class';
|
||||||
|
import {ErrorCodes} from '../../login/utils/guardHelper.class';
|
||||||
|
import {CommunityService} from '../community/community.service';
|
||||||
|
import { EnvironmentSpecificService} from '../../utils/properties/environment-specific.service';
|
||||||
|
import { mergeMap } from 'rxjs/operators';
|
||||||
|
|
||||||
|
@Injectable()
|
||||||
|
export class ConnectRIGuard implements CanActivate {
|
||||||
|
|
||||||
|
constructor(private router: Router, private communityService: CommunityService, private propertiesService:EnvironmentSpecificService ) {}
|
||||||
|
|
||||||
|
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||||
|
console.log(state.url);
|
||||||
|
var user;
|
||||||
|
var loggedIn = false;
|
||||||
|
var isAdmin = false;
|
||||||
|
var errorCode = ErrorCodes.NOT_LOGGIN;
|
||||||
|
let community = (route.queryParams["communityId"]);
|
||||||
|
if(Session.isLoggedIn()){
|
||||||
|
loggedIn = true;
|
||||||
|
if(!Session.isValidAndRemove()){
|
||||||
|
loggedIn = false;
|
||||||
|
errorCode = ErrorCodes.NOT_VALID;
|
||||||
|
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}else if(Session.isPortalAdministrator()) {
|
||||||
|
isAdmin = true;
|
||||||
|
return true;
|
||||||
|
}else {
|
||||||
|
|
||||||
|
let obs = this.propertiesService.subscribeEnvironment().map(res=>res["communityAPI"]).mergeMap(url => {
|
||||||
|
return this.communityService.iscommunityRI(url+community)});
|
||||||
|
obs.filter(enabled => !enabled)
|
||||||
|
.subscribe(() => this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } }));
|
||||||
|
return obs;
|
||||||
|
}
|
||||||
|
}else{
|
||||||
|
errorCode =ErrorCodes.NOT_LOGGIN;
|
||||||
|
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
constructor(private route: ActivatedRoute,private router: Router, private config: ConfigurationService) {}
|
||||||
|
|
||||||
|
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||||
|
|
||||||
|
let customRedirect = route.data['redirect'];
|
||||||
|
let api = route.data['api'];
|
||||||
|
let community = route.data['community']
|
||||||
|
if(!community){
|
||||||
|
community = (route.queryParams["communityId"])?route.queryParams["communityId"]:route.queryParams["community"];
|
||||||
|
}
|
||||||
|
if(community){
|
||||||
|
let isEnabled = this.config.isPageEnabled(api, community,"/"+state.url.split("?")[0].substring(1));
|
||||||
|
let redirect = !!customRedirect ? customRedirect : '/error';
|
||||||
|
|
||||||
|
isEnabled.filter(enabled => !enabled)
|
||||||
|
.subscribe(() => this.router.navigate([redirect], { queryParams: { "page": state.url } }));
|
||||||
|
return isEnabled;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
|
@ -20,7 +20,7 @@ export class AdminLoginGuard implements CanActivate {
|
||||||
loggedIn = false;
|
loggedIn = false;
|
||||||
errorCode = ErrorCodes.NOT_VALID;
|
errorCode = ErrorCodes.NOT_VALID;
|
||||||
}else {
|
}else {
|
||||||
isAdmin = Session.isAdminUser();
|
isAdmin = Session.isPortalAdministrator();
|
||||||
if(!isAdmin){
|
if(!isAdmin){
|
||||||
errorCode = ErrorCodes.NOT_ADMIN;
|
errorCode = ErrorCodes.NOT_ADMIN;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,49 @@
|
||||||
|
import { Injectable } from '@angular/core';
|
||||||
|
import { Router,CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
|
||||||
|
import {Observable} from 'rxjs/Observable';
|
||||||
|
import {Session} from './utils/helper.class';
|
||||||
|
import {ErrorCodes} from './utils/guardHelper.class';
|
||||||
|
|
||||||
|
@Injectable()
|
||||||
|
export class ClaimsCuratorGuard implements CanActivate {
|
||||||
|
|
||||||
|
constructor(private router: Router) {}
|
||||||
|
|
||||||
|
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | boolean {
|
||||||
|
var user;
|
||||||
|
var role = route.data['role']
|
||||||
|
var loggedIn = false;
|
||||||
|
var isAuthorized = false;
|
||||||
|
var errorCode = ErrorCodes.NOT_LOGGIN;
|
||||||
|
|
||||||
|
if(Session.isLoggedIn()){
|
||||||
|
loggedIn = true;
|
||||||
|
if(!Session.isValidAndRemove()){
|
||||||
|
loggedIn = false;
|
||||||
|
errorCode = ErrorCodes.NOT_VALID;
|
||||||
|
}else {
|
||||||
|
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
|
||||||
|
isAuthorized =true;
|
||||||
|
}
|
||||||
|
if(!Session.isClaimsCurator() && !Session.isPortalAdministrator()){
|
||||||
|
errorCode = ErrorCodes.NOT_ADMIN;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}else{
|
||||||
|
errorCode =ErrorCodes.NOT_LOGGIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!loggedIn){
|
||||||
|
// this.guardHelper.redirect("/user-info",errorCode,state.url);
|
||||||
|
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}else if(!isAuthorized){
|
||||||
|
// this.guardHelper.redirect("/user-info",errorCode,state.url);
|
||||||
|
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||||
|
return false;
|
||||||
|
}else{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -109,7 +109,7 @@ export class UserMiniComponent {
|
||||||
if(Session.isUserValid()){
|
if(Session.isUserValid()){
|
||||||
this.loggedIn = Session.isLoggedIn();
|
this.loggedIn = Session.isLoggedIn();
|
||||||
this.user = Session.getUser();
|
this.user = Session.getUser();
|
||||||
if(Session.isAdminUser()){
|
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
|
||||||
this.isAuthorized = true;
|
this.isAuthorized = true;
|
||||||
}else {
|
}else {
|
||||||
this.isAuthorized = false;
|
this.isAuthorized = false;
|
||||||
|
|
|
||||||
|
|
@ -129,37 +129,49 @@ export class Session{
|
||||||
localStorage.setItem("params",(params && params.length > 1)? params:"");
|
localStorage.setItem("params",(params && params.length > 1)? params:"");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
public static isAdminUser():boolean {
|
public static isClaimsCurator():boolean {
|
||||||
var isAdmin = false;
|
var isAuthorized = false;
|
||||||
if(Session.isLoggedIn()){
|
if(Session.isLoggedIn()){
|
||||||
var claimRoles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Claim","urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Portal+Administrator"]
|
var claimRoles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Claim"]
|
||||||
for (var i = 0; i < claimRoles.length; i++) {
|
for (var i = 0; i < claimRoles.length; i++) {
|
||||||
if ((Session.getUser().role).indexOf(claimRoles[i]) > -1) {
|
if ((Session.getUser().role).indexOf(claimRoles[i]) > -1) {
|
||||||
isAdmin = true;
|
isAuthorized = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// console.log("Is admin:"+ isAdmin)
|
return (isAuthorized);
|
||||||
return (isAdmin);
|
|
||||||
}
|
}
|
||||||
// console.log("Is admin:"+ isAdmin)
|
return (isAuthorized);
|
||||||
return (isAdmin);
|
}
|
||||||
|
public static isCommunityCurator():boolean {
|
||||||
|
var isAuthorized = false;
|
||||||
|
if(Session.isLoggedIn()){
|
||||||
|
var roles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Curator+-+Community"]
|
||||||
|
for (var i = 0; i < roles.length; i++) {
|
||||||
|
if ((Session.getUser().role).indexOf(roles[i]) > -1) {
|
||||||
|
isAuthorized = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return (isAuthorized);
|
||||||
|
}
|
||||||
|
return (isAuthorized);
|
||||||
}
|
}
|
||||||
public static isPortalAdministrator():boolean {
|
public static isPortalAdministrator():boolean {
|
||||||
var isAdmin = false;
|
var isAuthorized = false;
|
||||||
if(Session.isLoggedIn()){
|
if(Session.isLoggedIn()){
|
||||||
var roles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Portal+Administrator"]
|
var roles = ["urn:mace:openminted.eu:aai.openminted.eu:group:OpenAIRE+Portal+Administrator"]
|
||||||
for (var i = 0; i < roles.length; i++) {
|
for (var i = 0; i < roles.length; i++) {
|
||||||
if ((Session.getUser().role).indexOf(roles[i]) > -1) {
|
if ((Session.getUser().role).indexOf(roles[i]) > -1) {
|
||||||
isAdmin = true;
|
isAuthorized = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// console.log("Is admin:"+ isAdmin)
|
// console.log("Is admin:"+ isAdmin)
|
||||||
return (isAdmin);
|
return (isAuthorized);
|
||||||
}
|
}
|
||||||
// console.log("Is admin:"+ isAdmin)
|
// console.log("Is admin:"+ isAdmin)
|
||||||
return (isAdmin);
|
return (isAuthorized);
|
||||||
}
|
}
|
||||||
public static isRegisteredUser():boolean {
|
public static isRegisteredUser():boolean {
|
||||||
var isRegisteredUser = false;
|
var isRegisteredUser = false;
|
||||||
|
|
|
||||||
|
|
@ -101,7 +101,7 @@ export class NavigationBarComponent {
|
||||||
this.sub.unsubscribe();
|
this.sub.unsubscribe();
|
||||||
}
|
}
|
||||||
initialize(){
|
initialize(){
|
||||||
if(Session.isLoggedIn() && Session.isUserValid() && Session.isAdminUser()){
|
if(Session.isLoggedIn() && Session.isUserValid() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
|
||||||
this.isAuthorized = true;
|
this.isAuthorized = true;
|
||||||
}else {
|
}else {
|
||||||
this.isAuthorized = false;
|
this.isAuthorized = false;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue