Implemented permission checks to prevent users from accessing content they do not have permission for.

aconnect-UX/1765
atif118-mfsys 4 weeks ago
parent 1867e11502
commit c278b0f89c

@ -3,7 +3,7 @@ import { LoginComponent } from './authenticate/login/login.component';
import { ChangePasswordComponent } from './user-management/change-password/change-password.component'; import { ChangePasswordComponent } from './user-management/change-password/change-password.component';
import { FullLayoutComponent } from './full-layout/full-layout.component'; import { FullLayoutComponent } from './full-layout/full-layout.component';
import { AuthenticationGuard } from './shared/guards/authentication.guard'; import { AuthenticationGuard } from './shared/guards/authentication.guard';
// import { ActivityGuard } from './shared/guards/activity.guard'; import { ActivityGuard } from './shared/guards/activity.guard';
export const routes: Routes = [ export const routes: Routes = [
{ {
@ -38,9 +38,7 @@ export const routes: Routes = [
}, },
{ {
path: 'permissions', path: 'permissions',
// will need this guard in future when permissions are implemented. canActivate: [ActivityGuard],
// commenting them for now.
// canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./user-permissions/user-permissions.component').then( import('./user-permissions/user-permissions.component').then(
m => m.UserPermissionsComponent m => m.UserPermissionsComponent
@ -48,7 +46,7 @@ export const routes: Routes = [
}, },
{ {
path: 'smsLogger', path: 'smsLogger',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./sms-banking/sms-banking.component').then( import('./sms-banking/sms-banking.component').then(
m => m.SmsBankingComponent m => m.SmsBankingComponent
@ -56,7 +54,7 @@ export const routes: Routes = [
}, },
{ {
path: 'smsGateway', path: 'smsGateway',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./sms-gateway/sms-gateway.component').then( import('./sms-gateway/sms-gateway.component').then(
m => m.SmsGatewayComponent m => m.SmsGatewayComponent
@ -64,7 +62,7 @@ export const routes: Routes = [
}, },
{ {
path: 'loggerManager', path: 'loggerManager',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./logging/logging.component').then( import('./logging/logging.component').then(
m => m.LoggingComponent m => m.LoggingComponent
@ -72,7 +70,7 @@ export const routes: Routes = [
}, },
{ {
path: 'analysis', path: 'analysis',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./data-analysis/data-analysis.component').then( import('./data-analysis/data-analysis.component').then(
m => m.DataAnalysisComponent m => m.DataAnalysisComponent
@ -80,7 +78,7 @@ export const routes: Routes = [
}, },
{ {
path: 'ibUnblockUser', path: 'ibUnblockUser',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./ib-support/ib-unblock-user/ib-unblock-user.component').then( import('./ib-support/ib-unblock-user/ib-unblock-user.component').then(
m => m.IbUnblockUserComponent m => m.IbUnblockUserComponent
@ -88,7 +86,7 @@ export const routes: Routes = [
}, },
{ {
path: 'feedbackSetup', path: 'feedbackSetup',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./ib-support/feedback-setup/feedback-setup.component').then( import('./ib-support/feedback-setup/feedback-setup.component').then(
m => m.FeedbackSetupComponent m => m.FeedbackSetupComponent
@ -96,7 +94,7 @@ export const routes: Routes = [
}, },
{ {
path: 'purposeSetup', path: 'purposeSetup',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./ib-support/tran-purpose-setup/tran-purpose-setup.component').then( import('./ib-support/tran-purpose-setup/tran-purpose-setup.component').then(
m => m.TranPurposeSetupComponent m => m.TranPurposeSetupComponent
@ -104,7 +102,7 @@ export const routes: Routes = [
}, },
{ {
path: 'thirdPartyRegistration', path: 'thirdPartyRegistration',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./user-management/third-party-registration/third-party-registration.component').then( import('./user-management/third-party-registration/third-party-registration.component').then(
m => m.ThirdPartyRegistrationComponent m => m.ThirdPartyRegistrationComponent
@ -112,7 +110,7 @@ export const routes: Routes = [
}, },
{ {
path: 'setupUser', path: 'setupUser',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./user-management/setup-user/setup-user.component').then( import('./user-management/setup-user/setup-user.component').then(
m => m.SetupUserComponent m => m.SetupUserComponent
@ -120,7 +118,7 @@ export const routes: Routes = [
}, },
{ {
path: 'resetPassword', path: 'resetPassword',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./user-management/reset-password/reset-password.component').then( import('./user-management/reset-password/reset-password.component').then(
m => m.ResetPasswordComponent m => m.ResetPasswordComponent
@ -128,7 +126,7 @@ export const routes: Routes = [
}, },
{ {
path: 'changePassword', path: 'changePassword',
// canActivate: [ActivityGuard], canActivate: [ActivityGuard],
loadComponent: () => loadComponent: () =>
import('./user-management/change-password/change-password.component').then( import('./user-management/change-password/change-password.component').then(
m => m.ChangePasswordComponent m => m.ChangePasswordComponent
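Review bot: Enabling `canActivate: [ActivityGuard]` on these routes is a UX gate, not an authorization boundary: the guard reads the permission list from `window.localStorage.getItem('permission')` and grants a bypass based on a role cached in the same storage, both of which the user can edit from the browser's devtools. Every API behind these lazily loaded components (user setup, password reset, IB unblock, SMS gateway) must enforce the same permission server-side, and I would record that above the route table, e.g. `// ActivityGuard is client-side only; the backend must authorize each request independently.` It is also worth confirming that gating `changePassword` on a permission does not lock ordinary users out of changing their own password; the first-login flow navigates to `/changepassword`, a different path from `/home/changePassword`, so the two cases may be handled separately.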

@ -6,9 +6,9 @@ export interface AuthenticationResponse extends AuthenticationToken {
authenticated: boolean authenticated: boolean
porOrgacode: string; porOrgacode: string;
userId: string; userId: string;
userType: string;
password: string; password: string;
userHomevac: string; userHomevac: string;
user: any
} }
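Review bot: `user: any` on AuthenticationResponse removes type checking from the object that now drives authorization (`data.user.role`, `data.user.permissions` and `data.user.isFirstLogin` are read elsewhere in this commit), so a renamed or missing backend field compiles cleanly and fails only at runtime inside a guard. Declare the shape instead, e.g. `user: { role: string; permissions?: string; isFirstLogin?: boolean; }` — `permissions` appears to be a JSON-encoded string given the `JSON.parse` in the login handler, so confirm that against the backend contract. The response type also still carries a `password` field, and the login handler persists the whole response with `JSON.stringify(data)`; worth checking whether the server really returns that field, since anything in it lands in client storage.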
export class UserCredentials { export class UserCredentials {

@ -43,16 +43,16 @@ export class AuthenticationService {
this.i18nService.success(SuccessMessages.LOGIN_SUCCESSFULLY, []); this.i18nService.success(SuccessMessages.LOGIN_SUCCESSFULLY, []);
this.storageService.setItem('user', JSON.stringify(data)); this.storageService.setItem('user', JSON.stringify(data));
this.credentialService.setToken(data.token); this.credentialService.setToken(data.token);
this.credentialService.setUserType(data.userType); this.credentialService.setUserType(data.role);
if(data.permission){ if(data.user.permissions){
this.storageService.setItem('permission', data.permission); this.storageService.setItem('permission', data.user.permissions);
this.credentialService.setPermission(JSON.parse(data.permission)); this.credentialService.setPermission(JSON.parse(data.user.permissions));
} }
else{ else{
this.storageService.setItem('permission', '[]'); this.storageService.setItem('permission', '[]');
this.credentialService.setPermission([]); this.credentialService.setPermission([]);
} }
this.buttonManagementService.setButtonPermissions(this.credentialService.getPermission(), this.isSuperAdminUser()); this.buttonManagementService.setButtonPermissions(this.credentialService.getPermission(), this.isAdminUser());
if(data.user.isFirstLogin){ if(data.user.isFirstLogin){
this.router.navigate(["/changepassword"]); this.router.navigate(["/changepassword"]);
} else { } else {
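Review bot: `if(data.user.permissions)` dereferences `data.user` without a null check, and `JSON.parse(data.user.permissions)` parses an untyped string straight from the response, so a response without `user` or with malformed `permissions` throws inside the success handler after the token has already been stored. Guard both and fail closed: `const rawPerms = data.user?.permissions;` then `let perms: unknown[] = []; try { perms = rawPerms ? JSON.parse(rawPerms) : []; } catch { perms = []; }` before the `setItem`/`setPermission` calls; the existing `else` branch already establishes `[]` as the empty default. Because the role and permission list are re-read from client storage by `isAdminUser()` and ActivityGuard, a comment that the backend must not rely on them would help the next maintainer.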
@ -79,10 +79,10 @@ export class AuthenticationService {
return false; return false;
} }
isSuperAdminUser(){ isAdminUser(){
if (this.storageService && this.storageService.getItem('user') != null) { if (this.storageService && this.storageService.getItem('user') != null) {
let cachedUser = JSON.parse(this.storageService.getItem('user') || '{}'); let cachedUser = JSON.parse(this.storageService.getItem('user') || '{}');
return cachedUser.userType === HiddenValues.SUPERADMIN_USER; return cachedUser.user.role === HiddenValues.ADMIN_USER;
} }
return false; return false;
} }
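Review bot: `cachedUser.user.role` throws a TypeError when the stored `user` entry has no `user` object — a session persisted before this commit (when the response carried `userType` at top level) or the `'{}'` fallback on the previous line — and this method is called from ActivityGuard and the sidebar template, so the error surfaces mid-navigation instead of as a clean `false`. Use optional chaining: `return cachedUser?.user?.role === HiddenValues.ADMIN_USER;`. A short comment is also warranted: `// role comes from localStorage and is user-editable; treat as a UI hint, never as authorization.`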

@ -7,102 +7,95 @@
<span>{{ 'dashboard' | translate }}</span> <span>{{ 'dashboard' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.UserManagement || authService.isAdminUser()">
<a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)"> <a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)">
<i class="fa fa-user-secret"></i> <i class="fa fa-user-secret"></i>
<span>{{ 'UserManagement' | translate }}</span> <span>{{ 'UserManagement' | translate }}</span>
</a> </a>
<ul class="sub-menu" aria-expanded="false"> <ul class="sub-menu" aria-expanded="false">
<li> <li *ngIf="permissions.thirdPartyRegistration || authService.isAdminUser()">
<a routerLink="/home/thirdPartyRegistration" routerLinkActive="mm-active"> <a routerLink="/home/thirdPartyRegistration" routerLinkActive="mm-active">
<span> {{ 'thirdPartyRegistration' | translate }}</span> <span> {{ 'thirdPartyRegistration' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.setupUser || authService.isAdminUser()">
<a routerLink="/home/setupUser" routerLinkActive="mm-active"> <a routerLink="/home/setupUser" routerLinkActive="mm-active">
<span>{{ 'setupUser' | translate }}</span> <span>{{ 'setupUser' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.resetPassword || authService.isAdminUser()">
<a routerLink="/home/resetPassword" routerLinkActive="mm-active"> <a routerLink="/home/resetPassword" routerLinkActive="mm-active">
<span> {{ 'resetPassword' | translate }}</span> <span> {{ 'resetPassword' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.changePassword || authService.isAdminUser()">
<a routerLink="/home/changePassword" routerLinkActive="mm-active" (click)="navigateToChangePassword()" style="cursor: pointer"> <a routerLink="/home/changePassword" routerLinkActive="mm-active" (click)="navigateToChangePassword()" style="cursor: pointer">
<span> {{ 'changePassword' | translate }}</span> <span> {{ 'changePassword' | translate }}</span>
</a> </a>
</li> </li>
</ul> </ul>
</li> </li>
<li> <li *ngIf="permissions.Logging || authService.isAdminUser()">
<a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)"> <a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)">
<i class="fa fa-history"></i> <i class="fa fa-history"></i>
<span>{{ 'Logging' | translate }}</span> <span>{{ 'Logging' | translate }}</span>
</a> </a>
<ul class="sub-menu" aria-expanded="false"> <ul class="sub-menu" aria-expanded="false">
<li> <li *ngIf="permissions.loggerManager || authService.isAdminUser()">
<a routerLink="/home/loggerManager" routerLinkActive="mm-active"> <a routerLink="/home/loggerManager" routerLinkActive="mm-active">
<span> {{ 'loggerManager' | translate }}</span> <span> {{ 'loggerManager' | translate }}</span>
</a> </a>
</li> </li>
</ul> </ul>
</li> </li>
<li> <li *ngIf="permissions.SMSBanking || authService.isAdminUser()">
<a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)"> <a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)">
<i class="mdi mdi-comment-outline"></i> <i class="mdi mdi-comment-outline"></i>
<span>{{ 'SMSBanking' | translate }}</span> <span>{{ 'SMSBanking' | translate }}</span>
</a> </a>
<ul class="sub-menu" aria-expanded="false"> <ul class="sub-menu" aria-expanded="false">
<li> <li *ngIf="permissions.smsLogger || authService.isAdminUser()">
<a routerLink="/home/smsLogger" routerLinkActive="mm-active"> <a routerLink="/home/smsLogger" routerLinkActive="mm-active">
<span> {{ 'smsLogger' | translate }}</span> <span> {{ 'smsLogger' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.smsGateway || authService.isAdminUser()">
<a routerLink="/home/smsGateway" routerLinkActive="mm-active"> <a routerLink="/home/smsGateway" routerLinkActive="mm-active">
<span> {{ 'smsGateway' | translate }}</span> <span> {{ 'smsGateway' | translate }}</span>
</a> </a>
</li> </li>
</ul> </ul>
</li> </li>
<li> <li *ngIf="permissions.ibSupport || authService.isAdminUser()">
<a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)"> <a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)">
<i class="mdi mdi-comment-outline"></i> <i class="mdi mdi-comment-outline"></i>
<span>{{ 'ibSupport' | translate }}</span> <span>{{ 'ibSupport' | translate }}</span>
</a> </a>
<ul class="sub-menu" aria-expanded="false"> <ul class="sub-menu" aria-expanded="false">
<li> <li *ngIf="permissions.ibUnblockUser || authService.isAdminUser()">
<a routerLink="/home/ibUnblockUser" routerLinkActive="mm-active"> <a routerLink="/home/ibUnblockUser" routerLinkActive="mm-active">
<span> {{ 'ibUnblockUser' | translate }}</span> <span> {{ 'ibUnblockUser' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.feedbackSetup || authService.isAdminUser()">
<a routerLink="/home/feedbackSetup" routerLinkActive="mm-active"> <a routerLink="/home/feedbackSetup" routerLinkActive="mm-active">
<span> {{ 'feedbackSetup' | translate }}</span> <span> {{ 'feedbackSetup' | translate }}</span>
</a> </a>
</li> </li>
<li> <li *ngIf="permissions.purposeSetup || authService.isAdminUser()">
<a routerLink="/home/purposeSetup" routerLinkActive="mm-active"> <a routerLink="/home/purposeSetup" routerLinkActive="mm-active">
<span> {{ 'purposeSetup' | translate }}</span> <span> {{ 'purposeSetup' | translate }}</span>
</a> </a>
</li> </li>
</ul> </ul>
</li> </li>
<li> <li *ngIf="permissions.permissions || authService.isAdminUser()">
<a href="javascript:void(0);" class="has-arrow waves-effect" (click)="toggleMenu($event)">
<i class='fa fa-lock'></i>
<span>{{ 'Permissions' | translate }}</span>
</a>
<ul class="sub-menu" aria-expanded="false">
<li>
<a routerLink="/home/permissions" routerLinkActive="mm-active"> <a routerLink="/home/permissions" routerLinkActive="mm-active">
<i class='fa fa-lock'></i>
<span> {{ 'permissions' | translate }}</span> <span> {{ 'permissions' | translate }}</span>
</a> </a>
</li> </li>
</ul> </ul>
</li>
</ul>
</div> </div>
</div> </div>
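Review bot: The new `*ngIf="permissions.permissions || authService.isAdminUser()"` on the Permissions menu item checks a key named `permissions`, while the permission config touched in this commit names that node `"PermissionManager"` and SideNavComponent keys `this.permissions` by `permission.name`, so non-admin users granted PermissionManager would never see the link; if that JSON is the source of the stored names, change the binding to `permissions.PermissionManager`. Separately, `authService.isAdminUser()` appears in 17 bindings and parses localStorage on every change-detection pass; compute it once in `ngOnInit` (`this.isAdmin = this.authService.isAdminUser();`) and bind to the field. Hiding menu items is presentation only — the route guard and the backend remain the access control.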

@ -2,14 +2,16 @@ import { Component, Inject, PLATFORM_ID } from '@angular/core';
import { FormGroup } from '@angular/forms'; import { FormGroup } from '@angular/forms';
import { SidebarService } from '../../../services/sidebar.service'; import { SidebarService } from '../../../services/sidebar.service';
import { StorageService } from '../../services/storage.service'; import { StorageService } from '../../services/storage.service';
import { isPlatformBrowser } from '@angular/common'; import { CommonModule, isPlatformBrowser } from '@angular/common';
import { TranslateModule } from '@ngx-translate/core'; import { TranslateModule } from '@ngx-translate/core';
import { RouterModule } from '@angular/router'; import { RouterModule } from '@angular/router';
import { Router } from '@angular/router'; import { Router } from '@angular/router';
import { CredentialService } from '../../../services/credential.service';
import { AuthenticationService } from '../../../services/authenticate.service';
@Component({ @Component({
selector: 'app-side-nav', selector: 'app-side-nav',
imports: [TranslateModule, RouterModule], imports: [TranslateModule, RouterModule, CommonModule],
templateUrl: './side-nav.component.html', templateUrl: './side-nav.component.html',
styleUrl: './side-nav.component.scss', styleUrl: './side-nav.component.scss',
}) })
@ -24,19 +26,23 @@ export class SideNavComponent {
private sidebarService: SidebarService, private sidebarService: SidebarService,
@Inject(PLATFORM_ID) private platformId: Object, @Inject(PLATFORM_ID) private platformId: Object,
private storageService: StorageService, private storageService: StorageService,
private router: Router private router: Router,
private credentialService: CredentialService,
public authService: AuthenticationService
) { ) {
// this.credentialService.getPermission().forEach((permission: any) => {
// this.permissions[permission.name] = permission.checked;
// if(permission.children.length>0){
// permission.children.forEach((child: any)=>{
// this.permissions[child.name] = child.checked;
// })
// }
// });
} }
ngOnInit(): void { ngOnInit(): void {
this.credentialService.getPermission().forEach((permission: any) => {
this.permissions[permission.name] = permission.checked;
if(permission.children.length>0){
permission.children.forEach((child: any)=>{
this.permissions[child.name] = child.checked;
})
}
});
this.sidebarService.currentSubModule = this.storageService.getItem('currentSubModule') ?? 'dashboard'; this.sidebarService.currentSubModule = this.storageService.getItem('currentSubModule') ?? 'dashboard';
this.closeSidebarMenu(); this.closeSidebarMenu();
} }
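Review bot: `this.credentialService.getPermission().forEach(...)` in `ngOnInit` assumes the permission list is already set and that every entry carries a `children` array; the list is populated from localStorage by the login handler or AuthenticationGuard, and a stale or tampered value without `children` would throw while the sidebar initializes. Use `(this.credentialService.getPermission() ?? []).forEach(...)` and `permission.children?.forEach(...)`, which also makes the `length>0` test redundant. The commented-out copy of the same loop left in the constructor should be deleted rather than kept as dead code.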

@ -18,7 +18,7 @@ export class ActivityGuard implements CanActivate {
if (typeof window !== 'undefined' && window.localStorage) { if (typeof window !== 'undefined' && window.localStorage) {
let permissions = JSON.parse(window.localStorage.getItem('permission') || '[]'); let permissions = JSON.parse(window.localStorage.getItem('permission') || '[]');
if (this.authService.isAuthenticated()) { if (this.authService.isAuthenticated()) {
if (this.authService.isSuperAdminUser()){ if (this.authService.isAdminUser()){
return true; return true;
} }
let routeLink = (state.url.split('?'))[0]; let routeLink = (state.url.split('?'))[0];
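Review bot: `JSON.parse(window.localStorage.getItem('permission') || '[]')` throws a SyntaxError on a malformed or tampered storage value, and because this is a route guard the exception aborts navigation with an unhandled error rather than a denial; make a bad value fail closed: `let permissions: any[] = []; try { permissions = JSON.parse(window.localStorage.getItem('permission') || '[]'); } catch { permissions = []; }`. The admin bypass via `isAdminUser()` likewise trusts a role read back from localStorage, so a comment such as `// Client-side gate only: the server must authorize every request regardless of this result.` would stop a later maintainer from treating the guard as the security boundary. The `canActivate` body continues past the end of this hunk.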

@ -24,9 +24,9 @@ export class AuthenticationGuard implements CanActivate {
this.credentialService.setUserId(window.localStorage.getItem(FormConstants.USER_ID) || ''); this.credentialService.setUserId(window.localStorage.getItem(FormConstants.USER_ID) || '');
this.credentialService.setPassword(window.localStorage.getItem(FormConstants.PASSWORD) || ''); this.credentialService.setPassword(window.localStorage.getItem(FormConstants.PASSWORD) || '');
this.credentialService.setToken(data.token); this.credentialService.setToken(data.token);
this.credentialService.setUserType(data.userType); this.credentialService.setUserType(data.user.role);
this.credentialService.setPermission(permission); this.credentialService.setPermission(permission);
this.buttonManagementService.setButtonPermissions(this.credentialService.getPermission(), this.authService.isSuperAdminUser()); this.buttonManagementService.setButtonPermissions(this.credentialService.getPermission(), this.authService.isAdminUser());
this.authService.onAuthenticationComplete.next(true); this.authService.onAuthenticationComplete.next(true);
return true; return true;
} else { } else {
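Review bot: `data.user.role` on the new line assumes `data.user` is present; where `data` comes from is above this hunk and not visible, but if it is re-hydrated from the stored `user` JSON as in AuthenticationService, a session saved before this commit has no `user` object and the guard throws on the first navigation after deploy. Prefer `this.credentialService.setUserType(data.user?.role ?? '');` or clear stale sessions at startup. Separately, the surrounding context re-hydrates the password from `window.localStorage.getItem(FormConstants.PASSWORD)` — pre-existing, but a plaintext credential in localStorage is readable by any script running on the origin and deserves its own issue. The enclosing `canActivate` starts before this hunk.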

@ -40,7 +40,7 @@ export enum HiddenValues {
CHANNEL_CODE = "01", CHANNEL_CODE = "01",
ORGANIZATION_USER = "O", ORGANIZATION_USER = "O",
VAC_USER = "V", VAC_USER = "V",
SUPERADMIN_USER = "S", ADMIN_USER = "ADMIN",
DEFAULT_PASSWORD = "12345678", DEFAULT_PASSWORD = "12345678",
REVOLVING_FUND_PRODUCT = "101", REVOLVING_FUND_PRODUCT = "101",
INTERNAL_LENDING_PRODUCT = "102", INTERNAL_LENDING_PRODUCT = "102",

@ -199,12 +199,6 @@
} }
] ]
}, },
{
"name": "Permissions",
"route": "",
"checked": false,
"expanded": false,
"children": [
{ {
"name": "PermissionManager", "name": "PermissionManager",
"route": "/home/permissions", "route": "/home/permissions",
@ -212,6 +206,4 @@
"expanded": false, "expanded": false,
"children": [] "children": []
} }
]
}
] ]