1. 首页
  2. 问答
  3. 参数传递到警戒角2

参数传递到警戒角2

2016-12-27 78 views
6

我有一个应用程序,我有一个认证Guard设置,以确保用户无法访问应用程序,除非它们已经登录,像这样参数传递到警戒角2

import { Injectable } from '@angular/core'; 
import { 
    CanActivate, Router, 
    ActivatedRouteSnapshot, 
    RouterStateSnapshot, 
    CanActivateChild } from '@angular/router'; 
import { AuthContext } from './auth-context.service'; 

@Injectable() 
export class AuthGuard implements CanActivate { 
     constructor(private router: Router, private authContext: AuthContext) { } 

    canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean { 
     // Check to see if a user has a valid JWT 
     if (this.authContext.userInfo !== undefined && this.authContext.userInfo.isAuthenticated) { 
      // If they do, return true and allow the user to load the home component 
      return true; 
     } 

     // If not, they redirect them to the login page 
     this.router.navigate(['/login']); 
     return false; 
    } 

    canActivateChild(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean { 
     return this.canActivate(route, state); 
    } 
}

我想补充另一个后卫授权将检查用户是否处于特定角色。目前,我正在根据此角色隐藏导航中的链接。

<div *ngIf="userInRole('Admin')"> 
      This is secret stuff 
</div>

但是,如果用户知道路由,他们可以将其插入到url中。我如何将我的“userInRole()”类型的功能添加到Guard?我将不得不通过角色名称并执行代码检查。卫兵支持参数吗?

来源

2016-12-27 Isaac Levin

+0

有一对夫妇在这里的解决方案: http://stackoverflow.com/问题/ 42719445 /传递参数到路由后卫 – rook

回答

3

守卫只是一个实现CanActivate或CanDeactivate的类。但是没有任何东西可以阻止你注入一个服务(或一个值),它将返回你的用户角色。例如,

export class AuthGuard implements CanActivate { 
     constructor(private router: Router, private authContext: AuthContext, 
      private user: MyUserService) { } 

    canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean { 
      if (!this.user.isAdmin()) return false; 
      ... 

    } 
}

来源

2016-12-27 18:31:46

5

我找到的解决了这个

import { Injectable } from '@angular/core'; 
    import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router'; 
    import { Observable } from 'rxjs/Observable'; 

    @Injectable() 
    export class IsInRoleGuard implements CanActivate { 
     constructor(
     ) { } 

     canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> | Promise<boolean> | boolean { 
      if (['admin', 'super'].indexOf(next.data['roles']) !== -1) {//We Are getting the roles from the data 

       return true; 
      } 
      return false; 
     } 
    }

,并在你的路由器配置

import { Routes, RouterModule } from '@angular/router'; 
import { ModuleWithProviders } from '@angular/core'; 
import { RootComponent } from './root/root.component'; 
import { DashboardComponent } from './dashboard/dashboard.component'; 
import { IsInRoleGuard } from '../../guards/is-in-role.guard'; 

const routes: Routes = [ 
    { 
     path: '', component: RootComponent, children: [ 
      { 
       path: '', pathMatch: 'full', component: DashboardComponent, data: { 
        roles: [ 
         'admin', 
         'super-admin' 
        ] 
       } 
      } 
     ] 
    } 
]; 

export const RouterConfig: ModuleWithProviders = RouterModule.forChild(routes);

来源

2017-06-26 22:49:25

相关问题

 相关问题