FarmMaps/FarmMapsLib
8
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

AW-4628 Add role-based security to authguard
All checks were successful
FarmMaps.Develop/FarmMapsLib/pipeline/head This commit looks good
Details

Browse Source
This commit is contained in:
Peter (extern)
2023-02-10 15:30:35 +01:00
parent c61a4fe7f4
commit aeded938bd
5 changed files with 60 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
projects/common/src/fm/services/auth-guard.service.ts
View File

@@ -24,26 +24,33 @@ export class AuthGuard implements CanActivate, CanLoad, CanActivateChild {
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
let url: string = state.url;
return this.checkLogin(url);
return this.checkLogin(url, route);
}
canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
let url: string = state.url;
return this.checkLogin(url);
return this.checkLogin(url, childRoute);
}
canLoad(route: Route): Promise<boolean> {
return this.checkLogin(route.path);
return this.checkLogin(route.path, null);
}
checkLogin(url: string): Promise<boolean> {
checkLogin(url: string, route: ActivatedRouteSnapshot): Promise<boolean> {
return new Promise<boolean>((resolve) => {
if (!this.oauthService.hasValidAccessToken()) {
console.debug("No valid token");
this.oauthService.initCodeFlow(url);
resolve(false);
} else {
} else {
const requiredRoleClaim = route.data.role;
if (!requiredRoleClaim) { resolve(true); }
const ownedClaims = this.oauthService.getIdentityClaims();
if (!ownedClaims) { resolve(false); }
const ownedRoleClaims: string[] = ownedClaims['role'];
if (!ownedRoleClaims) { resolve(false); }
if (ownedRoleClaims.findIndex(r => r === requiredRoleClaim) <= -1) { resolve(false); }
resolve(true);
}
});