argos/dmp-frontend/src/app/core/special-auth-guard.service.ts

56 lines
1.6 KiB
TypeScript
Raw Normal View History

import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, CanActivate, CanLoad, Route, Router, RouterStateSnapshot } from '@angular/router';
import { AuthService } from './services/auth/auth.service';
import { AppRole } from './common/enum/app-role';
@Injectable()
export class SpecialAuthGuard implements CanActivate, CanLoad {
constructor(private auth: AuthService, private router: Router) {
}
hasPermission(permission: AppRole): boolean {
2023-10-11 16:53:12 +02:00
if (!this.auth.currentAccountIsAuthenticated()) { return false; }
return this.auth.hasRole(permission);
}
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
const url: string = state.url;
const permissions = route.data['authContext']['permissions'];
let count = permissions.length;
if (count < 0 || count === undefined) {
return false;
}
for (let i = 0; i < permissions.length; i++) {
if (!this.hasPermission(permissions[i])) {
count--;
}
}
if (count === 0) {
this.router.navigate(['/unauthorized'], { queryParams: { returnUrl: url } });
return false;
} else {
return true;
}
}
canLoad(route: Route): boolean {
const url = `/${route.path}`;
const permissions = route.data['authContext']['permissions'];
let count = permissions.length;
if (count < 0 || count === undefined) {
return false;
}
for (let i = 0; i < permissions.length; i++) {
if (!this.hasPermission(permissions[i])) {
count--;
}
}
if (count === 0) {
this.router.navigate(['/unauthorized'], { queryParams: { returnUrl: url } });
return false;
} else {
return true;
}
}
}