R32 Presentation Engine Docs
  1. Injectables
  2. AppAuthorizationGuard

File

app/core/guards/app-authorization-guard.ts

Extends

KeycloakAuthGuard

Index

Methods

Constructor

constructor(router: Router, keycloakAngular: KeycloakService, dataService: DataResolverService, pubService: PublicationService, utilService: UtilService)
Defined in app/core/guards/app-authorization-guard.ts:14
Parameters :
Name Type Optional
router Router No
keycloakAngular KeycloakService No
dataService DataResolverService No
pubService PublicationService No
utilService UtilService No

Methods

isAccessAllowed
isAccessAllowed(route: ActivatedRouteSnapshot, state: RouterStateSnapshot)
Defined in app/core/guards/app-authorization-guard.ts:31
Parameters :
Name Type Optional
route ActivatedRouteSnapshot No
state RouterStateSnapshot No
Returns : Promise<boolean>
Private isMatch
isMatch(role: string)
Defined in app/core/guards/app-authorization-guard.ts:26
Parameters :
Name Type Optional
role string No
Returns : any 
import { Injectable } from '@angular/core';
import {
	CanActivate,
	Router,
	ActivatedRouteSnapshot,
	RouterStateSnapshot
} from '@angular/router';
import { KeycloakService, KeycloakAuthGuard } from 'keycloak-angular';
import { DataResolverService } from '../services/data-resolver/data-resolver.service';
import { PublicationService } from '../services/publication-service/publication.service';
import { UtilService } from '../services/util-service/util.service';

@Injectable()
export class AppAuthorizationGuard extends KeycloakAuthGuard {
	constructor(
		protected router: Router,
		protected keycloakAngular: KeycloakService,
		private dataService: DataResolverService,
		private pubService: PublicationService,
		private utilService: UtilService
	) {
		super(router, keycloakAngular);
	}

	// Will go through the keycloak user roles and return true if there is a match comparing to the roles on the Structure group.
	private isMatch(role: string): any {
		const match = this.roles.find(item => item.includes(role));
		return match;
	}

	isAccessAllowed(
		route: ActivatedRouteSnapshot,
		state: RouterStateSnapshot
	): Promise<boolean> {
		return new Promise(async (resolve, reject) => {
			let sgRoles: string[] = [];
			// Need this due to when the auth-guard is called the page has not yet loaded, so the result will be undefined.
			// Instead we will wait on the data to be avalible.
			await this.dataService.getNavigationData().then(navigation => {
				const url = this.pubService.getPublicationPath() + '/distributor-hub';
				const sg = this.pubService.findSG(navigation, url, true);
				const roles = this.utilService.extract(sg, 'Metadata', 'roles') || '';
				sgRoles = roles.split(',');
			}
			);
			if (!this.authenticated) {
				this.keycloakAngular.login();
				return;
			} else {
				// get the page data and check for the restricted roles
				// if user do not have the role then redirect to 'restricted-access' page
				const matchedRoles = sgRoles.find(role => this.isMatch(role));
				if (!matchedRoles) {
					window.location.href = this.pubService.getPublicationPath() + '/system-pages/restricted-access/index';
				}
				resolve(true);
			}
		});
	}
}

result-matching ""

    No results matching ""