Angular 2角色和权限 [英] Angular 2 roles and permissions
问题描述
我在项目中使用了angular2和laravel 5.3.在laravel中,当用户登录服务器时,将向该用户发送处理角度授权的权限.所以我写了一个保护措施,以保护无法访问的用户的路由. 这是我的警卫班级代码:
I have used angular2 and laravel 5.3 in my project. in laravel when user logged in server will be send the permissions of the user to handle authorization in angular. so I wrote a guard to protect routes from users that cannot access. here is my guard class code:
export class AccessGuard implements CanActivate{
permissions;
currentRoute;
constructor(private authService:AuthService,private router:Router){
this.permissions = this.authService.getPermissions();
}
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot){
return this.checkHavePermission(state.url);
}
canActivateChild(route: ActivatedRouteSnapshot, state: RouterStateSnapshot){
return this.checkHavePermission(state.url);
}
private checkHavePermission(url){
switch (true) {
case url.match(/^\/panel\/users[\/.*]?/):
return this.getPermission('user.view');
case url.match(/^\/panel\/dashboard/):
return true;
case url.match(/^\/panel\/permissions/):
return this.getPermission('permissions.manager');
case url.match(/^\/panel\/candidates[\/.*]?/):
return this.getPermission('candidate.view');
}
}
getPermission(perm){
for(var i=0;i<this.permissions.length;i++){
if(this.permissions[i].name == perm ){
return true;
}
}
return false;
}
}
现在,路由已得到保护,我想知道如何访问组件类中的用户权限.因为有时用户可以访问一条路线,但看不到dom的特定部分.我该如何处理这种情况?
Now that the routes are secured I wondering that how can I access the user permission inside component class. Because sometimes user can access to a route but he can't see a specific part of dom. how can I handle this kind of situation?
推荐答案
您应将权限存储在服务本身中,而不是在保护中.
You should store the permissions in the service itself instead of in the guard.
因此,当使用进行身份验证时,会将权限存储在身份验证服务的属性中.然后在守护程序中,调用this.authService.<property>
以使用权限.在任何其他组件中,您都可以执行相同的操作
So when the use authenticates, you store the permission in a property of the Authentication Service. Then in the guard, you call the this.authService.<property>
to use the permission. In any other component, you can do the same, this.authService.<property
> to get the user's permission level
由于服务将作为单例传递,因此所有组件都可以访问相同的属性.
Since the service will be passed around as a singleton, all components will have access to the same property.
这篇关于Angular 2角色和权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!