angular security course

Your Name · Your Name · commit 9fd6f2c01afb · 2017-09-21T16:07:13.000+02:00
diff --git a/src/app/app.module.ts b/src/app/app.module.ts
@@ -12,7 +12,7 @@ import {ReactiveFormsModule} from "@angular/forms";
 
 import {AuthService} from "./services/auth.service";
 import {AdminComponent} from './admin/admin.component';
-import {RouterModule} from "@angular/router";
+import {Router, RouterModule} from "@angular/router";
 
 
 import 'rxjs/add/operator/switchMap';
@@ -24,6 +24,7 @@ import 'rxjs/add/operator/catch';
 import 'rxjs/add/operator/first';
 import 'rxjs/add/observable/of';
 import {RbacAllowDirective} from "./common/rbac-allow.directive";
+import {AuthorizationGuard} from "./services/authorization.guard";
 
 
 @NgModule({
@@ -47,7 +48,18 @@ import {RbacAllowDirective} from "./common/rbac-allow.directive";
     ],
     providers: [
         LessonsService,
-        AuthService
+        AuthService,
+        {
+            provide: 'adminsOnlyGuard',
+            useFactory: (authService:AuthService,
+                         router:Router) =>
+                 new AuthorizationGuard(['ADMIN'], authService, router),
+            deps: [
+                AuthService,
+                Router
+            ]
+
+        }
     ],
     bootstrap: [AppComponent]
 })
diff --git a/src/app/routes.config.ts b/src/app/routes.config.ts
@@ -19,7 +19,8 @@ export const routesConfig: Routes = [
     },
     {
         path: 'admin',
-        component: AdminComponent
+        component: AdminComponent,
+        canActivate: ["adminsOnlyGuard"]
     },
     {
         path: '',
diff --git a/src/app/services/authorization.guard.ts b/src/app/services/authorization.guard.ts
@@ -0,0 +1,34 @@
+
+import {ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot} from "@angular/router";
+import {Observable} from "rxjs/Observable";
+import {AuthService} from "./auth.service";
+import * as _ from 'lodash';
+import {Injectable} from "@angular/core";
+
+@Injectable()
+export class AuthorizationGuard implements  CanActivate {
+
+
+    constructor(private allowedRoles:string[],
+                private authService:AuthService, private router:Router) {
+
+    }
+
+
+    canActivate(
+        route: ActivatedRouteSnapshot,
+        state: RouterStateSnapshot): Observable<boolean>  {
+
+        return this.authService.user$
+            .map(user => _.intersection(this.allowedRoles, user.roles).length > 0 )
+            .first()
+            .do(allowed => {
+                if (!allowed) {
+                    this.router.navigateByUrl('/');
+                }
+            });
+
+
+    }
+
+}

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,8 @@ export const routesConfig: Routes = [`
`19`	`19`	`},`
`20`	`20`	`{`
`21`	`21`	`path: 'admin',`
`22`		`- component: AdminComponent`
	`22`	`+ component: AdminComponent,`
	`23`	`+ canActivate: ["adminsOnlyGuard"]`
`23`	`24`	`},`
`24`	`25`	`{`
`25`	`26`	`path: '',`