test update some permissions

2023-12-08 14:46:07 +07:00 · 2023-12-08 14:46:07 +07:00 · 25ce65e425
commit 25ce65e425
parent ac64335d5b
15 changed files with 582 additions and 493 deletions
--- a/client/src/app/app-routing.module.ts
+++ b/client/src/app/app-routing.module.ts
@ -1,4 +1,4 @@
-import { NgModule, inject } from '@angular/core';
+import {inject, NgModule} from '@angular/core';
 import {
  ActivatedRouteSnapshot,
  CanActivateFn,
@ -7,8 +7,9 @@ import {
  RouterStateSnapshot,
  Routes,
 } from '@angular/router';
-import { UserService } from './core/services/user.service';
-import { map } from 'rxjs';
+import {UserService} from './core/services/user.service';
+import {map} from 'rxjs';
+import {UserPermissions} from "./core/auth/userPermissions";

 const authGuard: CanActivateFn = (
  route: ActivatedRouteSnapshot,
@ -31,13 +32,38 @@ const authGuard: CanActivateFn = (
  );
 };

-const loginGuard: CanActivateFn = (
+const permissionsGuard: (...requiredPermissions: UserPermissions[]) => CanActivateFn = (...requiredPermissions) => (
  route: ActivatedRouteSnapshot,
  state: RouterStateSnapshot
 ) => {
  const userService: UserService = inject(UserService);
  const router: Router = inject(Router);

+  const user = userService.getCurrentUser()
+  if (user == null)
+    return router.createUrlTree(['/login'], {
+      queryParams: {
+        redirectUrl: state.url,
+      },
+    });
+
+  if (requiredPermissions.every(permission => user.permissions.includes(permission))) {
+    return true
+  }
+
+  return router.createUrlTree(['/unauthorized'], {
+    queryParams: {
+      redirectUrl: state.url,
+    },
+  });
+}
+
+const loginGuard: CanActivateFn = (
+  route: ActivatedRouteSnapshot
+) => {
+  const userService: UserService = inject(UserService);
+  const router: Router = inject(Router);
+
  return userService.isAuthenticated.pipe(
    map((isAuth) => {
      if (!isAuth) {
@ -83,15 +109,15 @@ const routes: Routes = [
          import('./features/recipes/recipes.component').then(
            (m) => m.RecipesComponent
          ),
-        canActivate: [authGuard],
+        canActivate: [authGuard, permissionsGuard(UserPermissions.THAI_PERMISSION, UserPermissions.SUPER_ADMIN)],
      },
      {
        path: 'recipe/:productCode',
        loadComponent: () =>
          import(
            './features/recipes/recipe-details/recipe-details.component'
-          ).then((m) => m.RecipeDetailsComponent),
-        canActivate: [authGuard],
+            ).then((m) => m.RecipeDetailsComponent),
+        canActivate: [authGuard, permissionsGuard(UserPermissions.THAI_PERMISSION, UserPermissions.SUPER_ADMIN)],
      },
      // {
      //   path: 'log',
@ -100,9 +126,17 @@ const routes: Routes = [
      //       (m) => m.ChangelogComponent
      //     ),
      // },
+      {
+        path: 'unauthorized',
+        loadComponent: () => import('./core/auth/unauthorized.component').then((m) => m.UnauthorizedComponent)
+      },
+      {
+        path: 'notfound',
+        loadComponent: () => import('./core/notfound.component').then((m) => m.NotfoundComponent)
+      },
      {
        path: '**',
-        redirectTo: 'recipes',
+        redirectTo: 'notfound',
      },
    ],
  },
@ -112,4 +146,5 @@ const routes: Routes = [
  imports: [RouterModule.forRoot(routes)],
  exports: [RouterModule],
 })
-export class AppRoutingModule {}
+export class AppRoutingModule {
+}