src/app/auth/support/auth.guard.ts
A guard used by the router in order to check whether a the user has the necessary access rights. If not, the user is redirected to the an error page.
Methods |
constructor(router: Router, authService: AuthService, loggerService: LoggerService, sharedAboutService: SharedAboutService)
|
||||||||||||||||||||
Defined in src/app/auth/support/auth.guard.ts:15
|
||||||||||||||||||||
Parameters :
|
canActivate | ||||||||||||
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot)
|
||||||||||||
Defined in src/app/auth/support/auth.guard.ts:32
|
||||||||||||
If true the user has access to the route, if false, the user will be redirected to an error page.
Parameters :
Returns :
boolean
|
import { Injectable } from '@angular/core';
import { Router, CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
import { AuthService } from '../auth.service';
import { SharedAboutService } from '../../shared/services/shared-about.service';
import { LoggerService } from '../../shared/services/logger.service';
/**
* A guard used by the router in order to check whether a the user has
* the necessary access rights. If not, the user is redirected to the
* an error page.
*
* @author Gunnar Hillert
*/
@Injectable()
export class AuthGuard implements CanActivate {
constructor(
private router: Router,
private authService: AuthService,
private loggerService: LoggerService,
private sharedAboutService: SharedAboutService
) {
}
/**
* If true the user has access to the route, if false, the user will
* be redirected to an error page.
*
* @param route
* @param state
*/
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
const securityInfo = this.authService.securityInfo;
const featureInfo = this.sharedAboutService.featureInfo;
const rolesNeeded: string[] = route.data.roles;
const featureNeeded: string = route.data.feature;
if (featureNeeded && featureInfo && !featureInfo.isFeatureEnabled(featureNeeded)) {
this.router.navigate(['feature-disabled']);
}
if (securityInfo.isAuthenticationEnabled) {
this.loggerService.log(`Determining authorizations ... ` +
`[authentication enabled: ${securityInfo.isAuthenticationEnabled}]`, route.data);
}
if (securityInfo.canAccess(rolesNeeded)) {
return true;
}
if (securityInfo.isAuthenticationEnabled) {
if (securityInfo.isAuthenticated) {
this.loggerService.log('You do not have any of the necessary role(s) ' + rolesNeeded);
this.router.navigate(['roles-missing']);
} else {
this.router.navigate(['authentication-required']);
}
}
return false;
}
}