@netgrif/components-core
Version:
Netgrif Application engine frontend core Angular library
79 lines • 10.7 kB
JavaScript
import { Injectable } from '@angular/core';
import * as i0 from "@angular/core";
import * as i1 from "../../configuration/configuration.service";
import * as i2 from "../../user/services/user.service";
import * as i3 from "../role/role-guard.service";
import * as i4 from "../authority/authority-guard.service";
import * as i5 from "../group/group-guard.service";
export class AccessService {
_config;
_userService;
_roleGuard;
_authorityGuard;
_groupGuard;
constructor(_config, _userService, _roleGuard, _authorityGuard, _groupGuard) {
this._config = _config;
this._userService = _userService;
this._roleGuard = _roleGuard;
this._authorityGuard = _authorityGuard;
this._groupGuard = _groupGuard;
}
/**
* @param view the view whose access permissions we want to check
* @param url URL to which the view maps. Is used only for error message generation
* @returns whether the user can access the provided view
*/
canAccessView(view, url) {
if (!view.hasOwnProperty('access')) {
return true;
}
if (typeof view.access === 'string') {
if (view.access === 'public') {
return true;
}
if (view.access !== 'private') {
throw new Error(`Unknown access option '${view.access}'. Only 'public' or 'private' is allowed.`);
}
return !this._userService.user.isEmpty();
}
if (!url) {
url = view?.routing?.path;
}
return !this._userService.user.isEmpty() // AuthGuard
&& this.passesRoleGuard(view, url)
&& this.passesAuthorityGuard(view)
&& this.passesGroupGuard(view, url);
}
/**
* @param view the view whose access permissions we want to check
* @param url URL to which the view maps. Is used only for error message generation
* @returns whether the user passes the role guard condition for accessing the specified view
*/
passesRoleGuard(view, url) {
return (!view.access.hasOwnProperty('role') && !view.access.hasOwnProperty('bannedRole')) || this._roleGuard.canAccessView(view, url);
}
/**
* @param view the view whose access permissions we want to check
* @returns whether the user passes the authority guard condition for accessing the specified view
*/
passesAuthorityGuard(view) {
return !view.access.hasOwnProperty('authority') || this._authorityGuard.canAccessView(view);
}
/**
* @param view the view whose access permissions we want to check
* @param url URL to which the view maps. Is used only for error message generation
* @returns whether the user passes the role guard condition for accessing the specified view
*/
passesGroupGuard(view, url) {
return !view.access.hasOwnProperty('group') || this._groupGuard.canAccessView(view, url);
}
static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "17.3.12", ngImport: i0, type: AccessService, deps: [{ token: i1.ConfigurationService }, { token: i2.UserService }, { token: i3.RoleGuardService }, { token: i4.AuthorityGuardService }, { token: i5.GroupGuardService }], target: i0.ɵɵFactoryTarget.Injectable });
static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "17.3.12", ngImport: i0, type: AccessService, providedIn: 'root' });
}
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "17.3.12", ngImport: i0, type: AccessService, decorators: [{
type: Injectable,
args: [{
providedIn: 'root'
}]
}], ctorParameters: () => [{ type: i1.ConfigurationService }, { type: i2.UserService }, { type: i3.RoleGuardService }, { type: i4.AuthorityGuardService }, { type: i5.GroupGuardService }] });
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLnNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9uZXRncmlmLWNvbXBvbmVudHMtY29yZS9zcmMvbGliL2F1dGhvcml6YXRpb24vcGVybWlzc2lvbi9hY2Nlc3Muc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUMsVUFBVSxFQUFDLE1BQU0sZUFBZSxDQUFDOzs7Ozs7O0FBV3pDLE1BQU0sT0FBTyxhQUFhO0lBR1Y7SUFDQTtJQUNBO0lBQ0E7SUFDQTtJQUxaLFlBQ1ksT0FBNkIsRUFDN0IsWUFBeUIsRUFDekIsVUFBNEIsRUFDNUIsZUFBc0MsRUFDdEMsV0FBOEI7UUFKOUIsWUFBTyxHQUFQLE9BQU8sQ0FBc0I7UUFDN0IsaUJBQVksR0FBWixZQUFZLENBQWE7UUFDekIsZUFBVSxHQUFWLFVBQVUsQ0FBa0I7UUFDNUIsb0JBQWUsR0FBZixlQUFlLENBQXVCO1FBQ3RDLGdCQUFXLEdBQVgsV0FBVyxDQUFtQjtJQUUxQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGFBQWEsQ0FBQyxJQUFVLEVBQUUsR0FBWTtRQUN6QyxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLENBQUMsRUFBRTtZQUNoQyxPQUFPLElBQUksQ0FBQztTQUNmO1FBRUQsSUFBSSxPQUFPLElBQUksQ0FBQyxNQUFNLEtBQUssUUFBUSxFQUFFO1lBQ2pDLElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSyxRQUFRLEVBQUU7Z0JBQzFCLE9BQU8sSUFBSSxDQUFDO2FBQ2Y7WUFDRCxJQUFJLElBQUksQ0FBQyxNQUFNLEtBQUssU0FBUyxFQUFFO2dCQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLDBCQUEwQixJQUFJLENBQUMsTUFBTSwyQ0FBMkMsQ0FBQyxDQUFDO2FBQ3JHO1lBQ0QsT0FBTyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1NBQzVDO1FBRUQsSUFBSSxDQUFDLEdBQUcsRUFBRTtZQUNOLEdBQUcsR0FBRyxJQUFJLEVBQUUsT0FBTyxFQUFFLElBQUksQ0FBQztTQUM3QjtRQUVELE9BQU8sQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQyxZQUFZO2VBQzlDLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQztlQUMvQixJQUFJLENBQUMsb0JBQW9CLENBQUMsSUFBSSxDQUFDO2VBQy9CLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxlQUFlLENBQUMsSUFBVSxFQUFFLEdBQVc7UUFDMUMsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FBQyxZQUFZLENBQUMsQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLElBQUksRUFBRSxHQUFHLENBQUMsQ0FBQztJQUMxSSxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksb0JBQW9CLENBQUMsSUFBVTtRQUNsQyxPQUFPLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLElBQUksSUFBSSxDQUFDLGVBQWUsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDaEcsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxnQkFBZ0IsQ0FBQyxJQUFVLEVBQUUsR0FBVztRQUMzQyxPQUFPLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQyxDQUFDO0lBQzdGLENBQUM7d0dBakVRLGFBQWE7NEdBQWIsYUFBYSxjQUZWLE1BQU07OzRGQUVULGFBQWE7a0JBSHpCLFVBQVU7bUJBQUM7b0JBQ1IsVUFBVSxFQUFFLE1BQU07aUJBQ3JCIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtJbmplY3RhYmxlfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7Um9sZUd1YXJkU2VydmljZX0gZnJvbSBcIi4uL3JvbGUvcm9sZS1ndWFyZC5zZXJ2aWNlXCI7XG5pbXBvcnQge0F1dGhvcml0eUd1YXJkU2VydmljZX0gZnJvbSBcIi4uL2F1dGhvcml0eS9hdXRob3JpdHktZ3VhcmQuc2VydmljZVwiO1xuaW1wb3J0IHtHcm91cEd1YXJkU2VydmljZX0gZnJvbSBcIi4uL2dyb3VwL2dyb3VwLWd1YXJkLnNlcnZpY2VcIjtcbmltcG9ydCB7Q29uZmlndXJhdGlvblNlcnZpY2V9IGZyb20gXCIuLi8uLi9jb25maWd1cmF0aW9uL2NvbmZpZ3VyYXRpb24uc2VydmljZVwiO1xuaW1wb3J0IHtWaWV3fSBmcm9tIFwiLi4vLi4vLi4vY29tbW9ucy9zY2hlbWFcIjtcbmltcG9ydCB7VXNlclNlcnZpY2V9IGZyb20gJy4uLy4uL3VzZXIvc2VydmljZXMvdXNlci5zZXJ2aWNlJztcblxuQEluamVjdGFibGUoe1xuICAgIHByb3ZpZGVkSW46ICdyb290J1xufSlcbmV4cG9ydCBjbGFzcyBBY2Nlc3NTZXJ2aWNlIHtcblxuICAgIGNvbnN0cnVjdG9yKFxuICAgICAgICBwcml2YXRlIF9jb25maWc6IENvbmZpZ3VyYXRpb25TZXJ2aWNlLFxuICAgICAgICBwcml2YXRlIF91c2VyU2VydmljZTogVXNlclNlcnZpY2UsXG4gICAgICAgIHByaXZhdGUgX3JvbGVHdWFyZDogUm9sZUd1YXJkU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSBfYXV0aG9yaXR5R3VhcmQ6IEF1dGhvcml0eUd1YXJkU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSBfZ3JvdXBHdWFyZDogR3JvdXBHdWFyZFNlcnZpY2UsXG4gICAgKSB7XG4gICAgfVxuXG4gICAgLyoqXG4gICAgICogQHBhcmFtIHZpZXcgdGhlIHZpZXcgd2hvc2UgYWNjZXNzIHBlcm1pc3Npb25zIHdlIHdhbnQgdG8gY2hlY2tcbiAgICAgKiBAcGFyYW0gdXJsIFVSTCB0byB3aGljaCB0aGUgdmlldyBtYXBzLiBJcyB1c2VkIG9ubHkgZm9yIGVycm9yIG1lc3NhZ2UgZ2VuZXJhdGlvblxuICAgICAqIEByZXR1cm5zIHdoZXRoZXIgdGhlIHVzZXIgY2FuIGFjY2VzcyB0aGUgcHJvdmlkZWQgdmlld1xuICAgICAqL1xuICAgIHB1YmxpYyBjYW5BY2Nlc3NWaWV3KHZpZXc6IFZpZXcsIHVybD86IHN0cmluZyk6IGJvb2xlYW4ge1xuICAgICAgICBpZiAoIXZpZXcuaGFzT3duUHJvcGVydHkoJ2FjY2VzcycpKSB7XG4gICAgICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICh0eXBlb2Ygdmlldy5hY2Nlc3MgPT09ICdzdHJpbmcnKSB7XG4gICAgICAgICAgICBpZiAodmlldy5hY2Nlc3MgPT09ICdwdWJsaWMnKSB7XG4gICAgICAgICAgICAgICAgcmV0dXJuIHRydWU7XG4gICAgICAgICAgICB9XG4gICAgICAgICAgICBpZiAodmlldy5hY2Nlc3MgIT09ICdwcml2YXRlJykge1xuICAgICAgICAgICAgICAgIHRocm93IG5ldyBFcnJvcihgVW5rbm93biBhY2Nlc3Mgb3B0aW9uICcke3ZpZXcuYWNjZXNzfScuIE9ubHkgJ3B1YmxpYycgb3IgJ3ByaXZhdGUnIGlzIGFsbG93ZWQuYCk7XG4gICAgICAgICAgICB9XG4gICAgICAgICAgICByZXR1cm4gIXRoaXMuX3VzZXJTZXJ2aWNlLnVzZXIuaXNFbXB0eSgpO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKCF1cmwpIHtcbiAgICAgICAgICAgIHVybCA9IHZpZXc/LnJvdXRpbmc/LnBhdGg7XG4gICAgICAgIH1cblxuICAgICAgICByZXR1cm4gIXRoaXMuX3VzZXJTZXJ2aWNlLnVzZXIuaXNFbXB0eSgpIC8vIEF1dGhHdWFyZFxuICAgICAgICAgICAgJiYgdGhpcy5wYXNzZXNSb2xlR3VhcmQodmlldywgdXJsKVxuICAgICAgICAgICAgJiYgdGhpcy5wYXNzZXNBdXRob3JpdHlHdWFyZCh2aWV3KVxuICAgICAgICAgICAgJiYgdGhpcy5wYXNzZXNHcm91cEd1YXJkKHZpZXcsIHVybCk7XG4gICAgfVxuXG4gICAgLyoqXG4gICAgICogQHBhcmFtIHZpZXcgdGhlIHZpZXcgd2hvc2UgYWNjZXNzIHBlcm1pc3Npb25zIHdlIHdhbnQgdG8gY2hlY2tcbiAgICAgKiBAcGFyYW0gdXJsIFVSTCB0byB3aGljaCB0aGUgdmlldyBtYXBzLiBJcyB1c2VkIG9ubHkgZm9yIGVycm9yIG1lc3NhZ2UgZ2VuZXJhdGlvblxuICAgICAqIEByZXR1cm5zIHdoZXRoZXIgdGhlIHVzZXIgcGFzc2VzIHRoZSByb2xlIGd1YXJkIGNvbmRpdGlvbiBmb3IgYWNjZXNzaW5nIHRoZSBzcGVjaWZpZWQgdmlld1xuICAgICAqL1xuICAgIHB1YmxpYyBwYXNzZXNSb2xlR3VhcmQodmlldzogVmlldywgdXJsOiBzdHJpbmcpOiBib29sZWFuIHtcbiAgICAgICAgcmV0dXJuICghdmlldy5hY2Nlc3MuaGFzT3duUHJvcGVydHkoJ3JvbGUnKSAmJiAhdmlldy5hY2Nlc3MuaGFzT3duUHJvcGVydHkoJ2Jhbm5lZFJvbGUnKSkgfHwgdGhpcy5fcm9sZUd1YXJkLmNhbkFjY2Vzc1ZpZXcodmlldywgdXJsKTtcbiAgICB9XG5cbiAgICAvKipcbiAgICAgKiBAcGFyYW0gdmlldyB0aGUgdmlldyB3aG9zZSBhY2Nlc3MgcGVybWlzc2lvbnMgd2Ugd2FudCB0byBjaGVja1xuICAgICAqIEByZXR1cm5zIHdoZXRoZXIgdGhlIHVzZXIgcGFzc2VzIHRoZSBhdXRob3JpdHkgZ3VhcmQgY29uZGl0aW9uIGZvciBhY2Nlc3NpbmcgdGhlIHNwZWNpZmllZCB2aWV3XG4gICAgICovXG4gICAgcHVibGljIHBhc3Nlc0F1dGhvcml0eUd1YXJkKHZpZXc6IFZpZXcpOiBib29sZWFuIHtcbiAgICAgICAgcmV0dXJuICF2aWV3LmFjY2Vzcy5oYXNPd25Qcm9wZXJ0eSgnYXV0aG9yaXR5JykgfHwgdGhpcy5fYXV0aG9yaXR5R3VhcmQuY2FuQWNjZXNzVmlldyh2aWV3KTtcbiAgICB9XG5cbiAgICAvKipcbiAgICAgKiBAcGFyYW0gdmlldyB0aGUgdmlldyB3aG9zZSBhY2Nlc3MgcGVybWlzc2lvbnMgd2Ugd2FudCB0byBjaGVja1xuICAgICAqIEBwYXJhbSB1cmwgVVJMIHRvIHdoaWNoIHRoZSB2aWV3IG1hcHMuIElzIHVzZWQgb25seSBmb3IgZXJyb3IgbWVzc2FnZSBnZW5lcmF0aW9uXG4gICAgICogQHJldHVybnMgd2hldGhlciB0aGUgdXNlciBwYXNzZXMgdGhlIHJvbGUgZ3VhcmQgY29uZGl0aW9uIGZvciBhY2Nlc3NpbmcgdGhlIHNwZWNpZmllZCB2aWV3XG4gICAgICovXG4gICAgcHVibGljIHBhc3Nlc0dyb3VwR3VhcmQodmlldzogVmlldywgdXJsOiBzdHJpbmcpOiBib29sZWFuIHtcbiAgICAgICAgcmV0dXJuICF2aWV3LmFjY2Vzcy5oYXNPd25Qcm9wZXJ0eSgnZ3JvdXAnKSB8fCB0aGlzLl9ncm91cEd1YXJkLmNhbkFjY2Vzc1ZpZXcodmlldywgdXJsKTtcbiAgICB9XG59XG4iXX0=