hasan.bahjat
PSManagementUI
Commits
a076dc2c
Commit
a076dc2c
authored
Aug 30, 2024
by
hasan khaddour
fix roles security
parent
0d68aa1b
Changes
19
Showing
19 changed files
with
150 additions
and
23 deletions
+150
-23
roles.ts
src/app/core/constants/roles.ts
+8
-0
role.guard.ts
src/app/core/guards/role.guard.ts
+37
-0
User.ts
src/app/core/models/users/User.ts
+1
-1
authentication.service.ts
...pp/core/services/authentication/authentication.service.ts
+0
-1
user.service.ts
src/app/core/services/authentication/user.service.ts
+22
-2
customer-details.component.html
...rs/pages/customer-details/customer-details.component.html
+6
-4
customer-details.component.ts
...mers/pages/customer-details/customer-details.component.ts
+8
-1
customer-list.component.html
...ustomers/pages/customer-list/customer-list.component.html
+1
-1
customer-list.component.ts
.../customers/pages/customer-list/customer-list.component.ts
+13
-1
customer-routing.module.ts
src/app/customers/routing/customer-routing.module.ts
+5
-3
types-create.component.ts
...ojects-types/pages/types-create/types-create.component.ts
+3
-1
types-detail.component.html
...ects-types/pages/types-detail/types-detail.component.html
+2
-2
types-detail.component.ts
...ojects-types/pages/types-detail/types-detail.component.ts
+8
-1
types-list.component.html
...projects-types/pages/types-list/types-list.component.html
+1
-1
types-list.component.ts
...p/projects-types/pages/types-list/types-list.component.ts
+9
-1
projects-types.module.ts
src/app/projects-types/projects-types.module.ts
+1
-1
projects-types-routing.module.ts
...p/projects-types/routing/projects-types-routing.module.ts
+21
-0
sidebar.component.html
src/app/shared/sharedLayout/sidebar/sidebar.component.html
+3
-1
sidebar.component.ts
src/app/shared/sharedLayout/sidebar/sidebar.component.ts
+1
-1
src/app/core/constants/roles.ts
0 → 100644
View file @
a076dc2c
export
const
ROLES
=
{
ADMIN
:
'Admin'
,
PROJECTS_PLANNER
:
'Planner'
,
CUSTOMERS_PLANER
:
'Planner'
,
SCIENTIFIC_DEPUTY
:
'Employee'
,
EMPLOYEE
:
'Employee'
,
USER
:
'User'
,
}
as
const
;
\ No newline at end of file
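Review bot: `PROJECTS_PLANNER` and `CUSTOMERS_PLANER` both resolve to `'Planner'`, and `SCIENTIFIC_DEPUTY` and `EMPLOYEE` both resolve to `'Employee'`, so the constants read as separate permissions but every check on one also passes for the other. If customer planning and project planning are meant to be separate privileges, they need distinct role names; if not, keep a single constant per role so the call sites do not suggest a separation that is not there. `CUSTOMERS_PLANER` is also misspelled (`PLANNER`), and it is cheaper to rename now than after more files import it.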
src/app/core/guards/role.guard.ts
0 → 100644
View file @
a076dc2c
import
{
Injectable
}
from
'@angular/core'
;
import
{
CanActivate
,
ActivatedRouteSnapshot
,
RouterStateSnapshot
,
Router
}
from
'@angular/router'
;
import
{
Observable
}
from
'rxjs'
;
import
{
AuthenticationService
}
from
'../services/authentication/authentication.service'
;
import
{
UserService
}
from
'../services/authentication/user.service'
;
import
{
ToastrService
}
from
'ngx-toastr'
;
@
Injectable
({
providedIn
:
'root'
})
export
class
RoleGuard
implements
CanActivate
{
constructor
(
private
authService
:
UserService
,
private
router
:
Router
,
private
toastr
:
ToastrService
)
{}
canActivate
(
route
:
ActivatedRouteSnapshot
,
state
:
RouterStateSnapshot
):
Observable
<
boolean
>
|
Promise
<
boolean
>
|
boolean
{
// Get the roles required for the route from the route data
const
requiredRoles
:
string
[]
=
route
.
data
[
'roles'
];
// Get current user roles
const
userRoles
=
this
.
authService
.
getCurrentUserRoles
();
// Array of roles
// Check if user has any of the required roles
if
(
requiredRoles
.
some
(
role
=>
userRoles
.
map
(
e
=>
e
.
name
).
includes
(
role
)))
{
return
true
;
}
else
{
this
.
toastr
.
error
(
'ليس لديك صلاحيات الوصول إلى هذه الصفحة'
)
this
.
router
.
navigate
([
'/'
]);
// Redirect to home page
return
false
;
}
}
}
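Review bot: `canActivate` dereferences `route.data['roles']` and the result of `getCurrentUserRoles()` without a null check, so a route that lists `RoleGuard` without `data.roles`, or a session where `getCurrentUser()` yields nothing, throws instead of denying. Default both to an empty array and return `false` when `requiredRoles` is empty, so the guard fails closed. Smaller points: the `AuthenticationService` import is unused, the injected `UserService` is named `authService`, and the `this.toastr.error(...)` call is missing its semicolon. The guard only governs client-side navigation, so a short comment saying that the API performs the authoritative check would help the next reader.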
src/app/core/models/users/User.ts
View file @
a076dc2c
...
...
@@ -3,7 +3,7 @@ export interface User {
userName
:
string
firstName
:
string
lastName
:
string
,
roles
:
string
[]
roles
:
{
name
:
string
,
id
:
number
}
[]
email
:
string
;
}
\ No newline at end of file
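Review bot: The element type of `roles` changes from `string` to `{ name, id }`, but `getCurrentUser()` returns whatever JSON is stored under `userDetails`, so an object saved in the old shape makes `e.name` evaluate to `undefined` and every role check quietly return false. Validate the shape when reading, or clear the stored entry on login, and consider extracting a named `Role` interface instead of the inline type. The stray `,` after `lastName: string` in the context lines could be made consistent with the other members while this file is open.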
src/app/core/services/authentication/authentication.service.ts
View file @
a076dc2c
...
...
@@ -77,7 +77,6 @@ export class AuthenticationService {
getToken
():
string
|
null
{
return
this
.
cookieService
.
get
(
'token'
);
}
//#endregion Authentication
...
...
src/app/core/services/authentication/user.service.ts
View file @
a076dc2c
...
...
@@ -9,18 +9,38 @@ export class UserService {
constructor
(
private
dataStorage
:
DataStorageService
)
{
}
// this method responsible for get the current user details
getCurrentUser
():
User
{
return
JSON
.
parse
(
this
.
dataStorage
.
getItem
(
"userDetails"
));
}
// this meth responsible le for get the current logged employee id
getEmployeeId
()
:
number
{
return
this
.
getCurrentUser
().
employeeId
;
}
getCurrentUserRoles
()
{
return
this
.
getCurrentUser
().
roles
;
}
// fo first name
getUserFirstName
():
string
{
return
JSON
.
parse
(
this
.
dataStorage
.
getItem
(
"userDetails"
)).
firstName
;
}
// for last name
getUserLastName
():
string
{
return
JSON
.
parse
(
this
.
dataStorage
.
getItem
(
"userDetails"
)).
lastName
;
}
}
// the method check fora given role
hasRole
(
roleName
:
string
)
:
boolean
{
return
this
.
getCurrentUser
()
.
roles
.
filter
(
e
=>
e
.
name
==
roleName
)
.
length
!=
0
;
}
}
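Review bot: `getCurrentUserRoles()` and `hasRole()` read `getCurrentUser().roles` directly, and `getCurrentUser()` is a bare `JSON.parse` of the stored `userDetails` item, so a missing or malformed entry throws in every guard and template that calls them. Return `[]` and `false` in that case. `hasRole` is clearer as `roles.some(e => e.name === roleName)` than `filter(...).length != 0` with `==`. Because the role list is read from client-side storage, these helpers can decide what to display but not what is permitted; a doc comment on `hasRole` stating that would prevent it being treated as an authorization check.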
src/app/customers/pages/customer-details/customer-details.component.html
View file @
a076dc2c
...
...
@@ -36,7 +36,9 @@
<td
class=
"text-center"
>
{{contact.contactType}}
</td>
<td
class=
"text-center"
>
{{contact.contactValue}}
</td>
<td
class=
"text-center"
>
<button
class=
"btn btn-danger"
(
click
)="
openRemoveConatact
(
contact
)"
>
<button
class=
"btn btn-danger"
[
disabled
]="!
canEditCustomer
()"
(
click
)="
openRemoveConatact
(
contact
)"
>
إزالة
</button>
</td>
...
...
@@ -45,12 +47,12 @@
</tbody>
</table>
</div>
<div
class=
"row mb-4"
>
<div
*
ngIf=
"canEditCustomer()"
class=
"row mb-4"
>
<button
class=
"col-3 offset-1 m-4 btn btn-danger"
(
click
)="
openModal
('
delete
')"
>
إزالة
</button>
<button
class=
"col-3 offset-1 m-4 btn btn-danger"
(
click
)="
openModal
('
delete
')"
>
إزالة
</button>
<button
class=
"col-3 offset-1 m-4 btn btn-primary"
(
click
)="
openModal
('
edit
')"
>
تعديل
</button>
<button
class=
"col-3 m-4 btn btn-primary"
(
click
)="
openAddConatact
()"
>
إضافة معلومة اتصال
</button>
<button
class=
"col-3 m-4 btn btn-primary"
(
click
)="
openAddConatact
()"
>
إضافة معلومة اتصال
</button>
</div>
...
...
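Review bot: The action row is removed with `*ngIf="canEditCustomer()"`, while the contact remove button in the hunk above is only `[disabled]`; pick one treatment for users without the role so the page behaves consistently. Both are display-level controls, so confirm that the requests behind `openModal('delete')`, `openModal('edit')`, `openAddConatact()` and `openRemoveConatact(contact)` are rejected by the API for a user without the role.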
src/app/customers/pages/customer-details/customer-details.component.ts
View file @
a076dc2c
...
...
@@ -9,6 +9,8 @@ import { AddContactInfoRequest, UpdateCustomerRequest } from '../../models/reque
import
{
NgbActiveModal
,
NgbModal
}
from
'@ng-bootstrap/ng-bootstrap'
;
import
{
AddContactinfoModalComponent
}
from
'../../components/add-contactinfo-modal/add-contactinfo-modal.component'
;
import
{
RemoveContactinfoModalComponent
}
from
'../../components/remove-contactinfo-modal/remove-contactinfo-modal.component'
;
import
{
UserService
}
from
'../../../core/services/authentication/user.service'
;
import
{
ROLES
}
from
'../../../core/constants/roles'
;
@
Component
({
selector
:
'customer-details'
,
...
...
@@ -34,7 +36,8 @@ export class CustomerDetailsComponent implements OnInit {
private
route
:
ActivatedRoute
,
private
customerService
:
CustomerService
,
private
toastr
:
ToastrService
,
private
modalService
:
NgbModal
private
modalService
:
NgbModal
,
public
userService
:
UserService
)
{}
ngOnInit
():
void
{
...
...
@@ -43,6 +46,10 @@ export class CustomerDetailsComponent implements OnInit {
}
canEditCustomer
():
boolean
{
return
this
.
userService
.
hasRole
(
ROLES
.
CUSTOMERS_PLANER
);
}
loadCustomer
(){
this
...
...
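Review bot: `canEditCustomer()` is bound in the template (`[disabled]` and `*ngIf`), so every change-detection pass calls `hasRole`, which re-parses `userDetails` from storage. Evaluate it once in `ngOnInit` and bind a boolean field instead. The same method is duplicated in `CustomerListComponent`, and `userService` is injected as `public` here but `private` there; a shared helper and a consistent `private` modifier would tidy both.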
src/app/customers/pages/customer-list/customer-list.component.html
View file @
a076dc2c
...
...
@@ -6,7 +6,7 @@
<h2
class=
"h3 mb-0 page-title"
>
الجهات الطارحة
</h2>
</div>
<div
class=
"col-auto"
>
<button
type=
"button"
(
click
)="
this
.
router
.
navigate
(['
customers
/
create
'])"
class=
"btn btn-primary"
><span
class=
"fe fe-file-plus fe-12 mr-2"
></span>
إضافة جهة جديدة
</button>
<button
type=
"button"
[
disabled
]="!
canEditCustomer
()"
(
click
)="
this
.
router
.
navigate
(['
customers
/
create
'])"
class=
"btn btn-primary"
><span
class=
"fe fe-file-plus fe-12 mr-2"
></span>
إضافة جهة جديدة
</button>
</div>
</div>
<div
class=
"row"
>
...
...
src/app/customers/pages/customer-list/customer-list.component.ts
View file @
a076dc2c
...
...
@@ -8,13 +8,18 @@ import { config } from 'rxjs';
import
{
ToastrService
}
from
'ngx-toastr'
;
import
{
Router
}
from
'@angular/router'
;
import
{
LoadingService
}
from
'../../../core/services/loading/loading-service.service'
;
import
{
UserService
}
from
'../../../core/services/authentication/user.service'
;
import
{
ROLES
}
from
'../../../core/constants/roles'
;
@
Component
({
selector
:
'customer-list'
,
templateUrl
:
'./customer-list.component.html'
,
styleUrl
:
'./customer-list.component.css'
})
export
class
CustomerListComponent
implements
OnInit
{
customers
:
Customer
[]
=
[]
isCreate
=
false
loading
=
true
...
...
@@ -26,7 +31,8 @@ export class CustomerListComponent implements OnInit {
private
customerService
:
CustomerService
,
private
toastr
:
ToastrService
,
public
router
:
Router
,
private
loadingService
:
LoadingService
private
loadingService
:
LoadingService
,
private
userService
:
UserService
)
{
}
...
...
@@ -61,6 +67,12 @@ export class CustomerListComponent implements OnInit {
toggle
():
void
{
this
.
isCreate
=
!
this
.
isCreate
}
canEditCustomer
():
boolean
{
return
this
.
userService
.
hasRole
(
ROLES
.
CUSTOMERS_PLANER
);
}
pageChanged
(
event
:
number
):
void
{
this
.
currentPage
=
event
;
}
...
...
src/app/customers/routing/customer-routing.module.ts
View file @
a076dc2c
...
...
@@ -4,12 +4,14 @@ import { CustomerCreateComponent } from '../pages/customer-create/customer-creat
import
{
UpdateCustomerComponent
}
from
'../pages/update-customer/update-customer.component'
;
import
{
CustomerDetailsComponent
}
from
'../pages/customer-details/customer-details.component'
;
import
{
CustomerListComponent
}
from
'../pages/customer-list/customer-list.component'
;
import
{
RoleGuard
}
from
'../../core/guards/role.guard'
;
import
{
ROLES
}
from
'../../core/constants/roles'
;
const
routes
:
Routes
=
[
{
path
:
''
,
component
:
CustomerListComponent
},
{
path
:
'edit/:id'
,
component
:
UpdateCustomerComponent
},
{
path
:
'create'
,
component
:
CustomerCreateComponent
},
{
path
:
'detail/:id'
,
component
:
CustomerDetailsComponent
},
{
path
:
'edit/:id'
,
component
:
UpdateCustomerComponent
,
canActivate
:[
RoleGuard
]
,
data
:
{
roles
:
[
ROLES
.
CUSTOMERS_PLANER
]
}
},
{
path
:
'create'
,
component
:
CustomerCreateComponent
,
canActivate
:[
RoleGuard
]
,
data
:
{
roles
:
[
ROLES
.
CUSTOMERS_PLANER
]
}
},
{
path
:
'detail/:id'
,
component
:
CustomerDetailsComponent
},
];
@
NgModule
({
...
...
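Review bot: `detail/:id` is left without `canActivate`, yet `CustomerDetailsComponent` is where the delete, edit and add-contact actions live, so on that route they are covered only by the template checks. If the detail view is intentionally open to every role, add a comment saying so next to the route; otherwise give it a `RoleGuard` entry with the roles allowed to view. The spacing in `canActivate:[RoleGuard] ,` should also be normalised.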
src/app/projects-types/pages/types-create/types-create.component.ts
View file @
a076dc2c
...
...
@@ -4,6 +4,8 @@ import { ProjectsTypesService } from '../../services/projects-types.service';
import
{
ToastrService
}
from
'ngx-toastr'
;
import
{
Router
}
from
'@angular/router'
;
import
{
CreateCustomerRequest
}
from
'../../../customers/models/requests/createCustomerRequest'
;
import
{
UserService
}
from
'../../../core/services/authentication/user.service'
;
import
{
ROLES
}
from
'../../../core/constants/roles'
;
@
Component
({
selector
:
'types-create'
,
...
...
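Review bot: The two imports added here, `UserService` and `ROLES`, are not used in any visible hunk of this file; the constructor hunk that follows changes only whitespace. Either inject `UserService` and apply the role check in `submit`, or drop the imports.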
@@ -16,7 +18,7 @@ export class TypesCreateComponent {
private
typeService
:
ProjectsTypesService
,
private
toastr
:
ToastrService
,
private
router
:
Router
){}
){}
submit
(
request
:
CreateNewTypeRequest
){
this
.
typeService
.
addType
(
request
)
...
...
src/app/projects-types/pages/types-detail/types-detail.component.html
View file @
a076dc2c
...
...
@@ -21,8 +21,8 @@
</div>
<div
class=
"row mb-4"
>
<button
class=
"col-3 offset-1 m-4 btn btn-danger"
(
click
)="
openModal
('
delete
')"
>
إزالة
</button>
<button
class=
"col-3 offset-1 m-4 btn btn-primary"
(
click
)="
openModal
('
edit
')"
>
تعديل
</button>
<button
[
disabled
]="!
canEdit
()"
class=
"col-3 offset-1 m-4 btn btn-danger"
(
click
)="
openModal
('
delete
')"
>
إزالة
</button>
<button
[
disabled
]="!
canEdit
()"
class=
"col-3 offset-1 m-4 btn btn-primary"
(
click
)="
openModal
('
edit
')"
>
تعديل
</button>
</div>
...
...
src/app/projects-types/pages/types-detail/types-detail.component.ts
View file @
a076dc2c
...
...
@@ -5,6 +5,8 @@ import { ActivatedRoute, Router } from '@angular/router';
import
{
ToastrService
}
from
'ngx-toastr'
;
import
{
Modal
}
from
'bootstrap'
;
import
{
UpdateTypeRequest
}
from
'../../models/requests/updateProjectTypeRequest'
;
import
{
UserService
}
from
'../../../core/services/authentication/user.service'
;
import
{
ROLES
}
from
'../../../core/constants/roles'
;
@
Component
({
selector
:
'types-detail'
,
...
...
@@ -23,7 +25,8 @@ export class TypesDetailComponent implements OnInit{
private
typeService
:
ProjectsTypesService
,
private
route
:
ActivatedRoute
,
private
toastr
:
ToastrService
,
private
router
:
Router
private
router
:
Router
,
private
userService
:
UserService
){}
ngOnInit
():
void
{
...
...
@@ -112,6 +115,10 @@ export class TypesDetailComponent implements OnInit{
new
Modal
(
modalElement
).
hide
();
// Close the modal
}
}
canEdit
():
boolean
{
return
this
.
userService
.
hasRole
(
ROLES
.
PROJECTS_PLANNER
);
}
}
src/app/projects-types/pages/types-list/types-list.component.html
View file @
a076dc2c
...
...
@@ -6,7 +6,7 @@
<h2
class=
"h3 mb-0 page-title"
>
قائمة أنواع المشاريع
</h2>
</div>
<div
class=
"col-auto"
>
<button
type=
"button"
[
routerLink
]="['/
types
/
create
']"
class=
"btn btn-primary"
><span
class=
"fe fe-file-plus fe-12 mr-2"
></span>
إضافة عنصر
</button>
<button
[
disabled
]="!
canEdit
()"
type=
"button"
[
routerLink
]="['/
types
/
create
']"
class=
"btn btn-primary"
><span
class=
"fe fe-file-plus fe-12 mr-2"
></span>
إضافة عنصر
</button>
</div>
</div>
<hr>
...
...
src/app/projects-types/pages/types-list/types-list.component.ts
View file @
a076dc2c
...
...
@@ -6,6 +6,8 @@ import { NgbModal } from '@ng-bootstrap/ng-bootstrap';
import
{
Modal
}
from
'bootstrap'
;
import
{
ProjectType
}
from
'../../models/responses/projectType'
;
import
{
UpdateTypeRequest
}
from
'../../models/requests/updateProjectTypeRequest'
;
import
{
ROLES
}
from
'../../../core/constants/roles'
;
import
{
UserService
}
from
'../../../core/services/authentication/user.service'
;
@
Component
({
selector
:
'types-list'
,
...
...
@@ -24,7 +26,9 @@ export class TypesListComponent {
private
toastr
:
ToastrService
,
private
route
:
ActivatedRoute
,
public
router
:
Router
,
private
modalService
:
NgbModal
private
modalService
:
NgbModal
,
private
userService
:
UserService
)
{
}
...
...
@@ -124,5 +128,9 @@ export class TypesListComponent {
}
}
canEdit
():
boolean
{
return
this
.
userService
.
hasRole
(
ROLES
.
PROJECTS_PLANNER
);
}
}
src/app/projects-types/projects-types.module.ts
View file @
a076dc2c
import
{
NgModule
}
from
'@angular/core'
;
import
{
CommonModule
}
from
'@angular/common'
;
import
{
ProjectsTypesRoutingModule
}
from
'./projects-types-routing.module'
;
import
{
ProjectsTypesRoutingModule
}
from
'./
routing/
projects-types-routing.module'
;
import
{
TypeItemComponent
}
from
'./components/type-item/type-item.component'
;
import
{
TypesListComponent
}
from
'./pages/types-list/types-list.component'
;
import
{
TypesCreateComponent
}
from
'./pages/types-create/types-create.component'
;
...
...
src/app/projects-types/projects-types-routing.module.ts
→
src/app/projects-types/
routing/
projects-types-routing.module.ts
View file @
a076dc2c
import
{
NgModule
}
from
'@angular/core'
;
import
{
RouterModule
,
Routes
}
from
'@angular/router'
;
import
{
TypesCreateComponent
}
from
'./pages/types-create/types-create.component'
;
import
{
TypesDetailComponent
}
from
'./pages/types-detail/types-detail.component'
;
import
{
TypesListComponent
}
from
'./pages/types-list/types-list.component'
;
import
{
TypesDetailComponent
}
from
'../pages/types-detail/types-detail.component'
;
import
{
TypesCreateComponent
}
from
'../pages/types-create/types-create.component'
;
import
{
TypesListComponent
}
from
'../pages/types-list/types-list.component'
;
import
{
ROLES
}
from
'../../core/constants/roles'
;
import
{
RoleGuard
}
from
'../../core/guards/role.guard'
;
const
routes
:
Routes
=
[
{
path
:
'create'
,
component
:
TypesCreateComponent
},
{
path
:
'detail/:id'
,
component
:
TypesDetailComponent
},
{
path
:
'create'
,
component
:
TypesCreateComponent
,
canActivate
:[
RoleGuard
]
,
data
:
{
roles
:
[
ROLES
.
PROJECTS_PLANNER
]
}
},
{
path
:
'detail/:id'
,
component
:
TypesDetailComponent
},
{
path
:
''
,
component
:
TypesListComponent
},
];
...
...
src/app/shared/sharedLayout/sidebar/sidebar.component.html
View file @
a076dc2c
...
...
@@ -50,7 +50,9 @@
</a>
</li>
<li
class=
"nav-item"
>
<a
[
routerLink
]="['/
customers
/
create
']"
class=
"nav-link collapsed "
>
<a
*
ngIf=
"hasRole('Planner')"
[
routerLink
]="['/
customers
/
create
']"
class=
"nav-link collapsed "
>
<i
class=
"fe fe-edit-2"
></i><span>
إضافة جهة طارحة
</span>
</a>
</li>
...
...
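Review bot: `*ngIf="hasRole('Planner')"` hard-codes the role string that this commit otherwise centralises in `ROLES`; expose the constant from the component and use it here so a rename cannot leave the sidebar out of sync. The `*ngIf` sits on the `<a>`, so the surrounding `<li class="nav-item">` is still rendered empty for other users; move the condition to the `<li>`.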
src/app/shared/sharedLayout/sidebar/sidebar.component.ts
View file @
a076dc2c
...
...
@@ -20,7 +20,7 @@ export class SidebarComponent implements OnInit {
@
Input
()
isToggled
:
Boolean
;
ngOnInit
():
void
{
this
.
roles
=
this
.
userService
.
getCurrentUser
().
roles
this
.
roles
=
this
.
userService
.
getCurrentUser
().
roles
.
map
(
e
=>
e
.
name
)
this
.
id
=
this
.
userService
.
getEmployeeId
();
}
...
...