Added logic to check server view permissions #339 #1.1.0.rc3

2023-08-16 20:55:42 +02:00 · 2023-08-16 20:55:42 +02:00 · e283a18def
commit e283a18def
parent f5b2bec356
5 changed files with 55 additions and 17 deletions
--- a/kdb-web/package.json
+++ b/kdb-web/package.json
@ -1,6 +1,6 @@
 {
    "name": "kdb-web",
-    "version": "1.1.0.rc2",
+    "version": "1.1.0.rc3",
    "scripts": {
        "ng": "ng",
        "update-version": "ts-node-esm update-version.ts",
--- a/kdb-web/src/app/models/auth/auth-user.dto.ts
+++ b/kdb-web/src/app/models/auth/auth-user.dto.ts
@ -25,3 +25,9 @@ export interface UserDTO {
  isAdmin: boolean;
  isModerator: boolean;
 }
 export enum MemberRoles {
  Moderator = 0,
  Admin = 1,
  Technician = 2,
 }
--- a/kdb-web/src/app/modules/shared/guards/auth/auth.guard.ts
+++ b/kdb-web/src/app/modules/shared/guards/auth/auth.guard.ts
@ -1,17 +1,20 @@
-import { Injectable } from '@angular/core';
+import { Injectable } from "@angular/core";
-import { ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot } from '@angular/router';
+import { ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot } from "@angular/router";
-import { catchError } from 'rxjs/operators';
+import { catchError } from "rxjs/operators";
-import { AuthService } from 'src/app/services/auth/auth.service';
+import { AuthService } from "src/app/services/auth/auth.service";
-import { ThemeService } from 'src/app/services/theme/theme.service';
+import { ThemeService } from "src/app/services/theme/theme.service";
 import { SidebarService } from "../../../../services/sidebar/sidebar.service";
 import { MemberRoles } from "../../../../models/auth/auth-user.dto";
@Injectable({
-  providedIn: 'root'
+  providedIn: "root"
 })
 export class AuthGuard implements CanActivate {
  constructor(
    private router: Router,
    private authService: AuthService,
-    private themeService: ThemeService
+    private themeService: ThemeService,
    private sidebarService: SidebarService
  ) {
  }
@ -26,19 +29,41 @@ export class AuthGuard implements CanActivate {
      return false;
    }
-    const role = route.data['role'];
+    const role = route.data["role"];
-    if (role) {
+    const memberRole = route.data["memberRole"];
    if (role !== undefined) {
      this.authService.hasUserPermission(role).then(async hasPermission => {
        let authUser = await this.authService.getLoggedInUser();
        let isTechnician = authUser?.users?.map(u => u.isTechnician).filter(u => u) ?? [];
        if (!hasPermission && !isTechnician) {
-          this.router.navigate(['/dashboard']);
+          this.router.navigate(["/dashboard"]);
          return false;
        }
        return true;
      });
    }
    if (memberRole !== undefined) {
      let userHasAccess = false;
      let authUser = await this.authService.getLoggedInUser();
      authUser?.users?.forEach(u => {
        if (u.server === +(this.sidebarService.server$.value?.id ?? 0)) {
          if (
            memberRole === MemberRoles.Moderator && u.isModerator ||
            memberRole === MemberRoles.Admin && u.isAdmin ||
            memberRole === MemberRoles.Technician && u.isTechnician
          ) {
            userHasAccess = true;
          }
        }
      });
      if (!userHasAccess) {
        this.router.navigate(["/dashboard"]);
        return false;
      }
      return true;
    }
    return true;
  }
 }
--- a/kdb-web/src/app/modules/view/server/server-routing.module.ts
+++ b/kdb-web/src/app/modules/view/server/server-routing.module.ts
@ -3,15 +3,22 @@ import { RouterModule, Routes } from "@angular/router";
 import { ServerDashboardComponent } from "./server-dashboard/server-dashboard.component";
 import { ProfileComponent } from "./profile/profile.component";
 import { MembersComponent } from "./members/members.component";
 import { AuthGuard } from "../../shared/guards/auth/auth.guard";
 import { MemberRoles } from "../../../models/auth/auth-user.dto";
 const routes: Routes = [
  { path: "", component: ServerDashboardComponent },
-  { path: "members", component: MembersComponent },
+  { path: "members", component: MembersComponent, canActivate: [AuthGuard], data: { memberRole: MemberRoles.Moderator } },
  { path: "members/:memberId", component: ProfileComponent },
-  { path: "auto-roles", loadChildren: () => import("./auto-role/auto-role.module").then(m => m.AutoRoleModule) },
+  {
-  { path: "levels", loadChildren: () => import("./levels/levels.module").then(m => m.LevelsModule) },
+    path: "auto-roles",
-  { path: "achievements", loadChildren: () => import("./achievements/achievements.module").then(m => m.AchievementsModule) },
+    loadChildren: () => import("./auto-role/auto-role.module").then(m => m.AutoRoleModule),
-  { path: "config", loadChildren: () => import("./config/config.module").then(m => m.ConfigModule) }
+    canActivate: [AuthGuard],
    data: { memberRole: MemberRoles.Moderator }
  },
  { path: "levels", loadChildren: () => import("./levels/levels.module").then(m => m.LevelsModule), canActivate: [AuthGuard], data: { memberRole: MemberRoles.Moderator } },
  { path: "achievements", loadChildren: () => import("./achievements/achievements.module").then(m => m.AchievementsModule), data: { memberRole: MemberRoles.Moderator } },
  { path: "config", loadChildren: () => import("./config/config.module").then(m => m.ConfigModule), data: { memberRole: MemberRoles.Admin } }
 ];
@NgModule({
--- a/kdb-web/src/assets/version.json
+++ b/kdb-web/src/assets/version.json
@ -2,6 +2,6 @@
    "WebVersion": {
        "Major": "1",
        "Minor": "1",
-        "Micro": "0.rc2"
+        "Micro": "0.rc3"
    }
 }