npm - @acorex/platform - Versions diffs - 20.8.18 → 20.8.21 - Mend

@acorex/platform 20.8.18 → 20.8.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/common/index.d.ts CHANGED Viewed

@@ -8,8 +8,8 @@ import { AXPValueTransformerFunctions, AXPOptionsData, AXPExpression, AXPFilterD
 import { AXPWidgetTypesMap, AXPMetaDataDefinition, AXPWidgetNode } from '@acorex/platform/layout/widget-core';
 import * as i3 from '@acorex/core/date-time';
 import { AXCalendarService } from '@acorex/core/date-time';
-import * as i6 from '@angular/router';
-import { Route, Routes } from '@angular/router';
+import * as _angular_router from '@angular/router';
+import { Route, Routes, Router, RedirectCommand, ActivatedRouteSnapshot, CanActivateFn } from '@angular/router';
 import * as i1 from '@acorex/platform/workflow';
 import { AXPWorkflowAction, AXPWorkflowContext, AXPWorkflow } from '@acorex/platform/workflow';
 import * as i4 from '@acorex/components/toast';
@@ -559,6 +559,22 @@ declare class AXPGlobalErrorHandler extends ErrorHandler {
     static ɵprov: i0.ɵɵInjectableDeclaration<AXPGlobalErrorHandler>;
 }
+/** Thrown when a requested platform resource cannot be resolved. */
+declare class AXPNotFoundError extends Error {
+    constructor(message?: string);
+}
+/** Canonical route path for the platform 404 page. */
+declare const AXP_NOT_FOUND_ROUTE = "/error/404";
+/**
+ * Returns true when an entity byKey query did not resolve a record.
+ */
+declare function axpIsEntityRecordNotFound(data: unknown): boolean;
+/**
+ * Creates an Angular redirect command to the platform 404 page.
+ */
+declare function axpRedirectToNotFound(router?: Router): RedirectCommand;
 interface AXPCommonModuleConfigs {
     errorHandlers: (new () => AXPErrorHandler)[];
 }
@@ -570,7 +586,7 @@ declare class AXPCommonModule {
      */
     constructor(instances: any[]);
     static ɵfac: i0.ɵɵFactoryDeclaration<AXPCommonModule, never>;
-    static ɵmod: i0.ɵɵNgModuleDeclaration<AXPCommonModule, never, [typeof i1.AXPWorkflowModule, typeof i2.AXPopupModule, typeof i3.AXDateTimeModule, typeof i4.AXToastModule, typeof i5.AXPModuleManifestModule], [typeof i6.RouterModule]>;
+    static ɵmod: i0.ɵɵNgModuleDeclaration<AXPCommonModule, never, [typeof i1.AXPWorkflowModule, typeof i2.AXPopupModule, typeof i3.AXDateTimeModule, typeof i4.AXToastModule, typeof i5.AXPModuleManifestModule], [typeof _angular_router.RouterModule]>;
     static ɵinj: i0.ɵɵInjectorDeclaration<AXPCommonModule>;
 }
@@ -1573,6 +1589,56 @@ declare class AXPMenuVisibilityService {
     static ɵprov: i0.ɵɵInjectableDeclaration<AXPMenuVisibilityService>;
 }
+interface AXPMenuRouteMatchResult {
+    item: AXPMenuItem;
+    isPartialMatch: boolean;
+}
+/**
+ * Compares a menu item path with the current browser path.
+ * Mirrors the matching rules used when selecting the active menu item.
+ */
+declare function axpMenuPathsMatch(itemPath: string, currentPath: string, trailingSegmentsToIgnore?: string[]): {
+    isMatch: boolean;
+    isPartial: boolean;
+};
+/**
+ * Finds the most specific menu item that matches the given route path.
+ */
+declare function axpFindMenuItemByRoute(items: AXPMenuItem[], currentPath: string, trailingSegmentsToIgnore?: string[]): AXPMenuRouteMatchResult | null;
+/**
+ * Resolves route access using the same permission and feature policies defined on menu items.
+ */
+declare class AXPMenuRoutePermissionService {
+    private readonly menuProvider;
+    private readonly menuVisibility;
+    private readonly sessionService;
+    private readonly toastService;
+    private readonly translationService;
+    /**
+     * Checks whether navigation to the target URL is allowed for the current user.
+     */
+    canAccess(route: ActivatedRouteSnapshot, url: string): Promise<boolean>;
+    private shouldSkip;
+    private hasRouteFlag;
+    private hasExplicitRouteAccess;
+    private getInheritedRouteData;
+    private normalizeKeys;
+    private normalizeUrl;
+    private showAccessDeniedToast;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AXPMenuRoutePermissionService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AXPMenuRoutePermissionService>;
+}
+/**
+ * Blocks navigation when the target route matches a menu item the current user cannot access.
+ * Uses the same permission and feature policies applied to menu visibility.
+ */
+declare const AXPMenuPermissionGuard: CanActivateFn;
+/** Standard guards for authenticated routes with menu-based permission enforcement. */
+declare const AXP_PROTECTED_ROUTE_GUARDS: readonly [_angular_router.CanActivateFn, _angular_router.CanActivateFn];
 interface AXPSearchDefinitionDisplayFormat {
     title?: string;
     description?: string;
@@ -2734,5 +2800,5 @@ declare class AXMWorkflowErrorHandler implements AXPErrorHandler {
     static ɵprov: i0.ɵɵInjectableDeclaration<AXMWorkflowErrorHandler>;
 }
-export { ALL_DEFAULT_OPERATORS, AXMWorkflowErrorHandler, AXPAppVersionService, AXPCleanNestedFilters, AXPClipBoardService, AXPCommonModule, AXPCommonSettings, AXPCustomOperatorService, AXPCustomOperatorServiceImpl, AXPDataProvider, AXPDebugService, AXPDialogConfirmAction, AXPEntityCommandScope, AXPEntityQueryType, AXPErrorHandlerRegistryService, AXPExportService, AXPFileActionsService, AXPFileStorageService, AXPFileStorageStatus, AXPFileTypeProviderService, AXPFilterOperatorMiddlewareService, AXPFilterOperatorMiddlewareServiceImpl, AXPFooterTextSlotComponent, AXPGlobalErrorHandler, AXPHomePageModule, AXPHomePageService, AXPLockService, AXPMenuMiddlewareRegistry, AXPMenuProviderService, AXPMenuSearchDefinitionProvider, AXPMenuSearchProvider, AXPMenuService, AXPMenuVisibilityService, AXPNavBarSlotComponent, AXPNavigateWorkflow, AXPPlatformDefaultConfigs, AXPRedirectEvent, AXPRefreshEvent, AXPRegionalSetting, AXPRelationshipCardinality, AXPRelationshipKind, AXPReloadAction, AXPReloadEvent, AXPSearchCommandProvider, AXPSearchDefinitionActionBuilder, AXPSearchDefinitionBuilder, AXPSearchDefinitionProviderContext, AXPSearchDefinitionProviderService, AXPSearchService, AXPSettingDefaultValuesAggregatorService, AXPSettingDefinitionGroupBuilder, AXPSettingDefinitionProviderContext, AXPSettingDefinitionProviderService, AXPSettingDefinitionSectionBuilder, AXPSettingsService, AXPStatusDefinitionProviderService, AXPStatusProvider, AXPStickyDirective, AXPSystemStatusType, AXPSystemStatuses, AXPToastAction, AXPTokenDefinitionService, AXPTokenEvaluatorScopeProvider, AXPVersioningService, AXPWorkflowNavigateAction, AXPWorkflowRouterNavigateAction, AXP_APP_VERSION_PROVIDER, AXP_FILE_ACTION_PROVIDER, AXP_FILE_TYPE_INFO_PROVIDER, AXP_HOME_PAGES, AXP_HOME_PAGE_DEFAULT_KEY, AXP_MENU_MIDDLEWARE, AXP_MENU_PROVIDER, AXP_PLATFORM_CONFIG_TOKEN, AXP_ROOT_CONFIG_TOKEN, AXP_SEARCH_DEFINITION_PROVIDER, AXP_SEARCH_PROVIDER, AXP_SETTING_DEFAULT_VALUES_PROVIDERS, AXP_SETTING_DEFINITION_PROVIDER, AXP_SETTING_VALUE_PROVIDER, AXP_STATUS_PROVIDERS, AXP_TOKEN_DEFINITION_PROVIDER, AXVChangeType, BETWEEN_OPER, BOOLEAN_OPERATORS, CONTAINS_OPER, DATE_OPERATORS, DEFAULT_DATE_FILTER_PRESETS, ENDS_WITH_OPER, ENVIRONMENT, EQ_OPER, GTE_OPER, GT_OPER, IN_OPER, IS_EMPTY_OPER, IS_NOT_EMPTY_OPER, LTE_OPER, LT_OPER, NOT_CONTAINS_OPER, NOT_EQ_OPER, NUMBER_OPERATORS, STARTS_WITH_OPER, STRING_OPERATORS, UploadFromComputerActionProvider, applyDateFilterPreset, configPlatform, createAllQueryView, createMenuContext, createMenuMiddleware, createQueryView, findManualPresetIdByOperation, getEntityInfo, getStatusInfo, getSystemStatus, provideDynamicHomePage, provideMenuMiddleware, resolveDateFilterPresets, resolveStatusLook, systemStatusToDefinition };
-export type { AXCFileUploaderAction, AXCFileUploaderActionsPayload, AXCFileUploaderCapabilities, AXEntityPropertyWidget, AXPAggregate, AXPAppVersion, AXPAppVersionProvider, AXPApplication, AXPCategoryEntity, AXPColumnAlign, AXPColumnContentAlign, AXPCommandActionCallback, AXPCommandActionDisplay, AXPCommandActionLook, AXPCommandActionPriority, AXPCommandActionType, AXPCommonModuleConfigs, AXPCurrency, AXPDateTimeFilterPreset, AXPDateTimeFilterPresetKind, AXPDateTimeFilterValue, AXPDomToImageOptions, AXPEntity, AXPEntityAction, AXPEntityCommand, AXPEntityDetailListView, AXPEntityMasterCreateLayoutView, AXPEntityMasterLayoutView, AXPEntityMasterListView, AXPEntityMasterSingleLayoutView, AXPEntityMasterUpdateLayoutView, AXPEntityProperty, AXPEntityPropertyCreateView, AXPEntityPropertyGroup, AXPEntityPropertyLayoutConfig, AXPEntityPropertyUpdateView, AXPEntityPropertyView, AXPEntityQuery, AXPEntitySectionView, AXPEntityTableColumn, AXPEntityVersionHistory, AXPErrorHandler, AXPFileActionProvider, AXPFileActionProviderToken, AXPFileExtension, AXPFileManyStorageInfo, AXPFileStorageCreateRequest, AXPFileStorageFindRequest, AXPFileStorageInfo, AXPFileStorageUpdateRequest, AXPFileType, AXPFileTypeInfoProvider, AXPFilterOperator, AXPGeoLocation, AXPGroupSearchResult, AXPHomePageDefinition, AXPLanguage, AXPLocaleProfile, AXPLockGetInfoRequest, AXPLockInfo, AXPLockRequest, AXPLockType, AXPMenuFinderResult, AXPMenuInsertion, AXPMenuItem, AXPMenuItemCommand, AXPMenuItemFinder, AXPMenuItemWithParent, AXPMenuMiddleware, AXPMenuMiddlewareContext, AXPMenuMiddlewareProvider, AXPMenuProvider, AXPMenuProviderContext, AXPMenuType, AXPModule, AXPPlatformConfigs, AXPQueryFilter, AXPQuerySort, AXPQueryView, AXPRelatedEntity, AXPRelationship, AXPRootConfigs, AXPSearchAction, AXPSearchDefinition, AXPSearchDefinitionDisplayFormat, AXPSearchDefinitionProvider, AXPSearchDisplayGroupResult, AXPSearchDisplayResult, AXPSearchDisplayResultForSave, AXPSearchParentResult, AXPSearchProvider, AXPSearchResult, AXPSettingChangedEvent, AXPSettingDefaultValuesProvider, AXPSettingDefinition, AXPSettingDefinitionGroup, AXPSettingDefinitionProvider, AXPSettingDefinitionSection, AXPSettingValue, AXPSettingValueProvider, AXPSettingsServiceInterface, AXPStatusDefinition, AXPStatusTransition, AXPTimeZone, AXPTokenDefinition, AXPTokenDefinitionProvider, AXPTokenDefinitionProviderToken, AXPUnLockRequest, AXPVersionChange, AXPVersionEntry, AXPVersionStream, CanonicalChange, CanonicalChangeOp, VersionedFileInfo };
+export { ALL_DEFAULT_OPERATORS, AXMWorkflowErrorHandler, AXPAppVersionService, AXPCleanNestedFilters, AXPClipBoardService, AXPCommonModule, AXPCommonSettings, AXPCustomOperatorService, AXPCustomOperatorServiceImpl, AXPDataProvider, AXPDebugService, AXPDialogConfirmAction, AXPEntityCommandScope, AXPEntityQueryType, AXPErrorHandlerRegistryService, AXPExportService, AXPFileActionsService, AXPFileStorageService, AXPFileStorageStatus, AXPFileTypeProviderService, AXPFilterOperatorMiddlewareService, AXPFilterOperatorMiddlewareServiceImpl, AXPFooterTextSlotComponent, AXPGlobalErrorHandler, AXPHomePageModule, AXPHomePageService, AXPLockService, AXPMenuMiddlewareRegistry, AXPMenuPermissionGuard, AXPMenuProviderService, AXPMenuRoutePermissionService, AXPMenuSearchDefinitionProvider, AXPMenuSearchProvider, AXPMenuService, AXPMenuVisibilityService, AXPNavBarSlotComponent, AXPNavigateWorkflow, AXPNotFoundError, AXPPlatformDefaultConfigs, AXPRedirectEvent, AXPRefreshEvent, AXPRegionalSetting, AXPRelationshipCardinality, AXPRelationshipKind, AXPReloadAction, AXPReloadEvent, AXPSearchCommandProvider, AXPSearchDefinitionActionBuilder, AXPSearchDefinitionBuilder, AXPSearchDefinitionProviderContext, AXPSearchDefinitionProviderService, AXPSearchService, AXPSettingDefaultValuesAggregatorService, AXPSettingDefinitionGroupBuilder, AXPSettingDefinitionProviderContext, AXPSettingDefinitionProviderService, AXPSettingDefinitionSectionBuilder, AXPSettingsService, AXPStatusDefinitionProviderService, AXPStatusProvider, AXPStickyDirective, AXPSystemStatusType, AXPSystemStatuses, AXPToastAction, AXPTokenDefinitionService, AXPTokenEvaluatorScopeProvider, AXPVersioningService, AXPWorkflowNavigateAction, AXPWorkflowRouterNavigateAction, AXP_APP_VERSION_PROVIDER, AXP_FILE_ACTION_PROVIDER, AXP_FILE_TYPE_INFO_PROVIDER, AXP_HOME_PAGES, AXP_HOME_PAGE_DEFAULT_KEY, AXP_MENU_MIDDLEWARE, AXP_MENU_PROVIDER, AXP_NOT_FOUND_ROUTE, AXP_PLATFORM_CONFIG_TOKEN, AXP_PROTECTED_ROUTE_GUARDS, AXP_ROOT_CONFIG_TOKEN, AXP_SEARCH_DEFINITION_PROVIDER, AXP_SEARCH_PROVIDER, AXP_SETTING_DEFAULT_VALUES_PROVIDERS, AXP_SETTING_DEFINITION_PROVIDER, AXP_SETTING_VALUE_PROVIDER, AXP_STATUS_PROVIDERS, AXP_TOKEN_DEFINITION_PROVIDER, AXVChangeType, BETWEEN_OPER, BOOLEAN_OPERATORS, CONTAINS_OPER, DATE_OPERATORS, DEFAULT_DATE_FILTER_PRESETS, ENDS_WITH_OPER, ENVIRONMENT, EQ_OPER, GTE_OPER, GT_OPER, IN_OPER, IS_EMPTY_OPER, IS_NOT_EMPTY_OPER, LTE_OPER, LT_OPER, NOT_CONTAINS_OPER, NOT_EQ_OPER, NUMBER_OPERATORS, STARTS_WITH_OPER, STRING_OPERATORS, UploadFromComputerActionProvider, applyDateFilterPreset, axpFindMenuItemByRoute, axpIsEntityRecordNotFound, axpMenuPathsMatch, axpRedirectToNotFound, configPlatform, createAllQueryView, createMenuContext, createMenuMiddleware, createQueryView, findManualPresetIdByOperation, getEntityInfo, getStatusInfo, getSystemStatus, provideDynamicHomePage, provideMenuMiddleware, resolveDateFilterPresets, resolveStatusLook, systemStatusToDefinition };
+export type { AXCFileUploaderAction, AXCFileUploaderActionsPayload, AXCFileUploaderCapabilities, AXEntityPropertyWidget, AXPAggregate, AXPAppVersion, AXPAppVersionProvider, AXPApplication, AXPCategoryEntity, AXPColumnAlign, AXPColumnContentAlign, AXPCommandActionCallback, AXPCommandActionDisplay, AXPCommandActionLook, AXPCommandActionPriority, AXPCommandActionType, AXPCommonModuleConfigs, AXPCurrency, AXPDateTimeFilterPreset, AXPDateTimeFilterPresetKind, AXPDateTimeFilterValue, AXPDomToImageOptions, AXPEntity, AXPEntityAction, AXPEntityCommand, AXPEntityDetailListView, AXPEntityMasterCreateLayoutView, AXPEntityMasterLayoutView, AXPEntityMasterListView, AXPEntityMasterSingleLayoutView, AXPEntityMasterUpdateLayoutView, AXPEntityProperty, AXPEntityPropertyCreateView, AXPEntityPropertyGroup, AXPEntityPropertyLayoutConfig, AXPEntityPropertyUpdateView, AXPEntityPropertyView, AXPEntityQuery, AXPEntitySectionView, AXPEntityTableColumn, AXPEntityVersionHistory, AXPErrorHandler, AXPFileActionProvider, AXPFileActionProviderToken, AXPFileExtension, AXPFileManyStorageInfo, AXPFileStorageCreateRequest, AXPFileStorageFindRequest, AXPFileStorageInfo, AXPFileStorageUpdateRequest, AXPFileType, AXPFileTypeInfoProvider, AXPFilterOperator, AXPGeoLocation, AXPGroupSearchResult, AXPHomePageDefinition, AXPLanguage, AXPLocaleProfile, AXPLockGetInfoRequest, AXPLockInfo, AXPLockRequest, AXPLockType, AXPMenuFinderResult, AXPMenuInsertion, AXPMenuItem, AXPMenuItemCommand, AXPMenuItemFinder, AXPMenuItemWithParent, AXPMenuMiddleware, AXPMenuMiddlewareContext, AXPMenuMiddlewareProvider, AXPMenuProvider, AXPMenuProviderContext, AXPMenuRouteMatchResult, AXPMenuType, AXPModule, AXPPlatformConfigs, AXPQueryFilter, AXPQuerySort, AXPQueryView, AXPRelatedEntity, AXPRelationship, AXPRootConfigs, AXPSearchAction, AXPSearchDefinition, AXPSearchDefinitionDisplayFormat, AXPSearchDefinitionProvider, AXPSearchDisplayGroupResult, AXPSearchDisplayResult, AXPSearchDisplayResultForSave, AXPSearchParentResult, AXPSearchProvider, AXPSearchResult, AXPSettingChangedEvent, AXPSettingDefaultValuesProvider, AXPSettingDefinition, AXPSettingDefinitionGroup, AXPSettingDefinitionProvider, AXPSettingDefinitionSection, AXPSettingValue, AXPSettingValueProvider, AXPSettingsServiceInterface, AXPStatusDefinition, AXPStatusTransition, AXPTimeZone, AXPTokenDefinition, AXPTokenDefinitionProvider, AXPTokenDefinitionProviderToken, AXPUnLockRequest, AXPVersionChange, AXPVersionEntry, AXPVersionStream, CanonicalChange, CanonicalChangeOp, VersionedFileInfo };

package/fesm2022/acorex-platform-common.mjs CHANGED Viewed

@@ -1,9 +1,9 @@
 import * as i0 from '@angular/core';
 import { InjectionToken, inject, Injectable, Injector, makeEnvironmentProviders, NgModule, ErrorHandler, EventEmitter, Input, Output, Directive, Component, ViewEncapsulation, Inject, runInInjectionContext, signal, model, linkedSignal, afterNextRender } from '@angular/core';
 import { kebabCase, merge, sortBy, cloneDeep, get, omit } from 'lodash-es';
-import { Router, ROUTES, RouterModule } from '@angular/router';
-import { AXPSessionService, AXPSessionStatus } from '@acorex/platform/auth';
-import { Subject, distinctUntilChanged, merge as merge$1 } from 'rxjs';
+import { Router, ROUTES, RedirectCommand, RouterModule } from '@angular/router';
+import { AXPSessionService, AXPSessionStatus, AXPAuthGuard } from '@acorex/platform/auth';
+import { Subject, distinctUntilChanged, merge as merge$1, first, switchMap, from } from 'rxjs';
 import { AXPPlatformScope, AXPBroadcastEventService, objectKeyValueTransforms, AXPSystemActionType, AXPModuleManifestModule, AXPAppStartUpProvider, AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER, AXPHookService, AXPDataGenerator, AXPModuleManifestRegistry } from '@acorex/platform/core';
 import { AXTranslationService } from '@acorex/core/translation';
 import { AXPWidgetsCatalog } from '@acorex/platform/layout/widget-core';
@@ -1270,6 +1270,29 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.19", ngImpo
             args: [{ providedIn: 'root' }]
         }], ctorParameters: () => [{ type: i0.Injector }, { type: AXPErrorHandlerRegistryService }] });
+/** Thrown when a requested platform resource cannot be resolved. */
+class AXPNotFoundError extends Error {
+    constructor(message = 'Resource not found') {
+        super(message);
+        this.name = 'AXPNotFoundError';
+    }
+}
+/** Canonical route path for the platform 404 page. */
+const AXP_NOT_FOUND_ROUTE = '/error/404';
+/**
+ * Returns true when an entity byKey query did not resolve a record.
+ */
+function axpIsEntityRecordNotFound(data) {
+    return data == null;
+}
+/**
+ * Creates an Angular redirect command to the platform 404 page.
+ */
+function axpRedirectToNotFound(router = inject(Router)) {
+    return new RedirectCommand(router.parseUrl(AXP_NOT_FOUND_ROUTE));
+}
 const AXP_TOKEN_DEFINITION_PROVIDER = new InjectionToken('AXP_TOKEN_DEFINITION_PROVIDER', {
     factory: () => [],
 });
@@ -2291,6 +2314,95 @@ function createMenuMiddleware(config) {
 }
 //#endregion
+const DEFAULT_TRAILING_SEGMENTS = ['list', 'view', 'edit', 'create'];
+/**
+ * Compares a menu item path with the current browser path.
+ * Mirrors the matching rules used when selecting the active menu item.
+ */
+function axpMenuPathsMatch(itemPath, currentPath, trailingSegmentsToIgnore = DEFAULT_TRAILING_SEGMENTS) {
+    const itemNoHash = itemPath.split('#')[0];
+    const currentNoHash = currentPath.split('#')[0];
+    const [itemBase, itemQueryString = ''] = itemNoHash.split('?');
+    const [currentBase, currentQueryString = ''] = currentNoHash.split('?');
+    const itemSegments = itemBase.split('/').filter((segment) => segment.length > 0);
+    const pathSegments = currentBase.split('/').filter((segment) => segment.length > 0);
+    const menuLength = itemSegments.length;
+    const pathLength = pathSegments.length;
+    let effectiveMenuLength = menuLength;
+    if (menuLength > 0 && trailingSegmentsToIgnore.includes(itemSegments[menuLength - 1])) {
+        effectiveMenuLength--;
+    }
+    if (pathLength < effectiveMenuLength) {
+        return { isMatch: false, isPartial: false };
+    }
+    let isPrefix = true;
+    for (let i = 0; i < effectiveMenuLength; i++) {
+        if (itemSegments[i] !== pathSegments[i]) {
+            isPrefix = false;
+            break;
+        }
+    }
+    if (!isPrefix) {
+        return { isMatch: false, isPartial: false };
+    }
+    const isPartialMatch = effectiveMenuLength < pathLength;
+    const isExactMatch = effectiveMenuLength === pathLength;
+    const itemParams = new URLSearchParams(itemQueryString);
+    const currentParams = new URLSearchParams(currentQueryString);
+    let queryMatches = true;
+    const itemParamPairs = [];
+    itemParams.forEach((value, key) => {
+        itemParamPairs.push([key, value]);
+    });
+    if (itemParamPairs.length > 0) {
+        for (const [key, value] of itemParamPairs) {
+            if (currentParams.get(key) !== value) {
+                queryMatches = false;
+                break;
+            }
+        }
+    }
+    return {
+        isMatch: (isExactMatch || isPartialMatch) && queryMatches,
+        isPartial: isPartialMatch && !isExactMatch,
+    };
+}
+/**
+ * Finds the most specific menu item that matches the given route path.
+ */
+function axpFindMenuItemByRoute(items, currentPath, trailingSegmentsToIgnore = DEFAULT_TRAILING_SEGMENTS) {
+    let bestMatch = null;
+    let bestEffectiveLength = -1;
+    const visit = (menuItems) => {
+        for (const item of menuItems) {
+            if (item.children?.length) {
+                visit(item.children);
+            }
+            if (!item.path) {
+                continue;
+            }
+            const matchResult = axpMenuPathsMatch(item.path, currentPath, trailingSegmentsToIgnore);
+            if (!matchResult.isMatch) {
+                continue;
+            }
+            const itemNoHash = item.path.split('#')[0];
+            const [itemBase] = itemNoHash.split('?');
+            const itemSegments = itemBase.split('/').filter((segment) => segment.length > 0);
+            let effectiveMenuLength = itemSegments.length;
+            if (itemSegments.length > 0 &&
+                trailingSegmentsToIgnore.includes(itemSegments[itemSegments.length - 1])) {
+                effectiveMenuLength--;
+            }
+            if (effectiveMenuLength > bestEffectiveLength) {
+                bestEffectiveLength = effectiveMenuLength;
+                bestMatch = { item, isPartialMatch: matchResult.isPartial };
+            }
+        }
+    };
+    visit(items);
+    return bestMatch;
+}
 const AXPMenuService = signalStore({ providedIn: 'root' },
 // Initial State
 withState((router = inject(Router)) => {
@@ -2321,7 +2433,7 @@ withMethods((store, router = inject(Router), workflow = inject(AXPWorkflowServic
                     }
                     if (item.path) {
                         // Check if the item path matches the current path (including query param subset if provided on item)
-                        const matchResult = pathsMatch(item.path, currentRawPath, ['list', 'view', 'edit', 'create']);
+                        const matchResult = axpMenuPathsMatch(item.path, currentRawPath, ['list', 'view', 'edit', 'create']);
                         if (matchResult.isMatch) {
                             return { item, isPartialMatch: matchResult.isPartial };
                         }
@@ -2329,60 +2441,6 @@ withMethods((store, router = inject(Router), workflow = inject(AXPWorkflowServic
                 }
                 return { item: null, isPartialMatch: false };
             };
-            const pathsMatch = (itemPath, currentPath, trailingSegmentsToIgnore = []) => {
-                // Split base and query/hash
-                const itemNoHash = itemPath.split('#')[0];
-                const currentNoHash = currentPath.split('#')[0];
-                const [itemBase, itemQueryString = ''] = itemNoHash.split('?');
-                const [currentBase, currentQueryString = ''] = currentNoHash.split('?');
-                const itemSegments = itemBase.split('/').filter((segment) => segment.length > 0);
-                const pathSegments = currentBase.split('/').filter((segment) => segment.length > 0);
-                const menuLength = itemSegments.length;
-                const pathLength = pathSegments.length;
-                // Identify the effective base length for the menuPath
-                let effectiveMenuLength = menuLength;
-                if (menuLength > 0 && trailingSegmentsToIgnore.includes(itemSegments[menuLength - 1])) {
-                    effectiveMenuLength--; // Exclude trailing non-hierarchical segments
-                }
-                // Check if the menuPath (base segments) is a prefix of browserPath
-                let isPrefix = true;
-                if (pathLength < effectiveMenuLength) {
-                    return { isMatch: false, isPartial: false };
-                }
-                for (let i = 0; i < effectiveMenuLength; i++) {
-                    if (itemSegments[i] !== pathSegments[i]) {
-                        isPrefix = false;
-                        break;
-                    }
-                }
-                if (!isPrefix) {
-                    return { isMatch: false, isPartial: false };
-                }
-                // Partial match: menuPath base is a strict prefix of browserPath
-                const isPartialMatch = effectiveMenuLength < pathLength;
-                // Exact match: all segments match completely
-                const isExactMatch = effectiveMenuLength === pathLength;
-                // Query params subset match: if item defines any query params, require them to match
-                const itemParams = new URLSearchParams(itemQueryString);
-                const currentParams = new URLSearchParams(currentQueryString);
-                let queryMatches = true;
-                const itemParamPairs = [];
-                itemParams.forEach((value, key) => {
-                    itemParamPairs.push([key, value]);
-                });
-                if (itemParamPairs.length > 0) {
-                    for (const [k, v] of itemParamPairs) {
-                        if (currentParams.get(k) !== v) {
-                            queryMatches = false;
-                            break;
-                        }
-                    }
-                }
-                return {
-                    isMatch: (isExactMatch || isPartialMatch) && queryMatches,
-                    isPartial: isPartialMatch && !isExactMatch,
-                };
-            };
             const items = store.items();
             const { item, isPartialMatch } = findItem(items);
             patchState(store, { selectedMenuItem: { item, isFullMatch: !isPartialMatch } });
@@ -2542,6 +2600,137 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.19", ngImpo
             args: [{ providedIn: 'root' }]
         }] });
+const SKIP_ROUTE_PREFIXES = ['/auth', '/error'];
+const SKIP_ROUTE_PATHS = new Set(['/404', '/401']);
+//#region ----   Menu Route Permission Service   ----
+/**
+ * Resolves route access using the same permission and feature policies defined on menu items.
+ */
+class AXPMenuRoutePermissionService {
+    constructor() {
+        //#region ----   Services & Dependencies   ----
+        this.menuProvider = inject(AXPMenuProviderService);
+        this.menuVisibility = inject(AXPMenuVisibilityService);
+        this.sessionService = inject(AXPSessionService);
+        this.toastService = inject(AXToastService);
+        this.translationService = inject(AXTranslationService);
+    }
+    //#endregion
+    //#region ----   Public Methods   ----
+    /**
+     * Checks whether navigation to the target URL is allowed for the current user.
+     */
+    async canAccess(route, url) {
+        if (this.shouldSkip(route, url)) {
+            return true;
+        }
+        if (!this.hasExplicitRouteAccess(route)) {
+            await this.showAccessDeniedToast();
+            return false;
+        }
+        const menuItems = await this.menuProvider.items();
+        const menuMatch = axpFindMenuItemByRoute(menuItems, url);
+        if (!menuMatch) {
+            return true;
+        }
+        if (this.menuVisibility.isItemVisible(menuMatch.item)) {
+            return true;
+        }
+        await this.showAccessDeniedToast();
+        return false;
+    }
+    //#endregion
+    //#region ----   Utility Methods   ----
+    shouldSkip(route, url) {
+        if (this.hasRouteFlag(route, 'skipMenuPermissionGuard')) {
+            return true;
+        }
+        const normalizedUrl = this.normalizeUrl(url);
+        if (SKIP_ROUTE_PATHS.has(normalizedUrl)) {
+            return true;
+        }
+        return SKIP_ROUTE_PREFIXES.some((prefix) => normalizedUrl.startsWith(prefix));
+    }
+    hasRouteFlag(route, key) {
+        let current = route;
+        while (current) {
+            if (current.data?.[key] === true) {
+                return true;
+            }
+            current = current.parent;
+        }
+        return false;
+    }
+    hasExplicitRouteAccess(route) {
+        const requiredPermission = this.getInheritedRouteData(route, 'requiredPermission');
+        const requiredFeature = this.getInheritedRouteData(route, 'requiredFeature');
+        const permissionKeys = this.normalizeKeys(requiredPermission);
+        if (permissionKeys.length > 0 && !this.sessionService.authorize(...permissionKeys)) {
+            return false;
+        }
+        const featureKeys = this.normalizeKeys(requiredFeature);
+        if (featureKeys.length > 0 && !this.sessionService.isFeatureEnabled(...featureKeys)) {
+            return false;
+        }
+        return true;
+    }
+    getInheritedRouteData(route, key) {
+        let current = route;
+        while (current) {
+            const value = current.data?.[key];
+            if (value != null) {
+                return value;
+            }
+            current = current.parent;
+        }
+        return null;
+    }
+    normalizeKeys(keys) {
+        if (!keys) {
+            return [];
+        }
+        return Array.isArray(keys) ? keys : [keys];
+    }
+    normalizeUrl(url) {
+        const path = url.split('?')[0]?.split('#')[0] ?? url;
+        return path.startsWith('/') ? path : `/${path}`;
+    }
+    async showAccessDeniedToast() {
+        const title = await this.translationService.translateAsync('@general:messages.network.forbidden.title');
+        const description = await this.translationService.translateAsync('@general:messages.network.forbidden.description');
+        this.toastService.show({
+            color: 'danger',
+            title,
+            content: description,
+            timeOut: 5000,
+        });
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.19", ngImport: i0, type: AXPMenuRoutePermissionService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.3.19", ngImport: i0, type: AXPMenuRoutePermissionService, providedIn: 'root' }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.19", ngImport: i0, type: AXPMenuRoutePermissionService, decorators: [{
+            type: Injectable,
+            args: [{ providedIn: 'root' }]
+        }] });
+/**
+ * Blocks navigation when the target route matches a menu item the current user cannot access.
+ * Uses the same permission and feature policies applied to menu visibility.
+ */
+const AXPMenuPermissionGuard = (route, state) => {
+    const sessionService = inject(AXPSessionService);
+    const menuRoutePermissionService = inject(AXPMenuRoutePermissionService);
+    return sessionService.isAuthorized$.pipe(first(), switchMap((isAuthorized) => {
+        if (!isAuthorized) {
+            return from(Promise.resolve(true));
+        }
+        return from(menuRoutePermissionService.canAccess(route, state.url));
+    }));
+};
+/** Standard guards for authenticated routes with menu-based permission enforcement. */
+const AXP_PROTECTED_ROUTE_GUARDS = [AXPAuthGuard, AXPMenuPermissionGuard];
 class AXPMenuSearchDefinitionProvider {
     async provide(context) {
         context.addDefinition('menu', 'Menu', 'menu', 'fa-thin fa-bars', 2, {
@@ -4388,5 +4577,5 @@ class AXPVersioningService {
  * Generated bundle index. Do not edit.
  */
-export { ALL_DEFAULT_OPERATORS, AXMWorkflowErrorHandler, AXPAppVersionService, AXPCleanNestedFilters, AXPClipBoardService, AXPCommonModule, AXPCommonSettings, AXPCustomOperatorService, AXPCustomOperatorServiceImpl, AXPDataProvider, AXPDebugService, AXPDialogConfirmAction, AXPEntityCommandScope, AXPEntityQueryType, AXPErrorHandlerRegistryService, AXPExportService, AXPFileActionsService, AXPFileStorageService, AXPFileStorageStatus, AXPFileTypeProviderService, AXPFilterOperatorMiddlewareService, AXPFilterOperatorMiddlewareServiceImpl, AXPFooterTextSlotComponent, AXPGlobalErrorHandler, AXPHomePageModule, AXPHomePageService, AXPLockService, AXPMenuMiddlewareRegistry, AXPMenuProviderService, AXPMenuSearchDefinitionProvider, AXPMenuSearchProvider, AXPMenuService, AXPMenuVisibilityService, AXPNavBarSlotComponent, AXPNavigateWorkflow, AXPPlatformDefaultConfigs, AXPRedirectEvent, AXPRefreshEvent, AXPRegionalSetting, AXPRelationshipCardinality, AXPRelationshipKind, AXPReloadAction, AXPReloadEvent, AXPSearchCommandProvider, AXPSearchDefinitionActionBuilder, AXPSearchDefinitionBuilder, AXPSearchDefinitionProviderContext, AXPSearchDefinitionProviderService, AXPSearchService, AXPSettingDefaultValuesAggregatorService, AXPSettingDefinitionGroupBuilder, AXPSettingDefinitionProviderContext, AXPSettingDefinitionProviderService, AXPSettingDefinitionSectionBuilder, AXPSettingsService, AXPStatusDefinitionProviderService, AXPStatusProvider, AXPStickyDirective, AXPSystemStatusType, AXPSystemStatuses, AXPToastAction, AXPTokenDefinitionService, AXPTokenEvaluatorScopeProvider, AXPVersioningService, AXPWorkflowNavigateAction, AXPWorkflowRouterNavigateAction, AXP_APP_VERSION_PROVIDER, AXP_FILE_ACTION_PROVIDER, AXP_FILE_TYPE_INFO_PROVIDER, AXP_HOME_PAGES, AXP_HOME_PAGE_DEFAULT_KEY, AXP_MENU_MIDDLEWARE, AXP_MENU_PROVIDER, AXP_PLATFORM_CONFIG_TOKEN, AXP_ROOT_CONFIG_TOKEN, AXP_SEARCH_DEFINITION_PROVIDER, AXP_SEARCH_PROVIDER, AXP_SETTING_DEFAULT_VALUES_PROVIDERS, AXP_SETTING_DEFINITION_PROVIDER, AXP_SETTING_VALUE_PROVIDER, AXP_STATUS_PROVIDERS, AXP_TOKEN_DEFINITION_PROVIDER, AXVChangeType, BETWEEN_OPER, BOOLEAN_OPERATORS, CONTAINS_OPER, DATE_OPERATORS, DEFAULT_DATE_FILTER_PRESETS, ENDS_WITH_OPER, ENVIRONMENT, EQ_OPER, GTE_OPER, GT_OPER, IN_OPER, IS_EMPTY_OPER, IS_NOT_EMPTY_OPER, LTE_OPER, LT_OPER, NOT_CONTAINS_OPER, NOT_EQ_OPER, NUMBER_OPERATORS, STARTS_WITH_OPER, STRING_OPERATORS, UploadFromComputerActionProvider, applyDateFilterPreset, configPlatform, createAllQueryView, createMenuContext, createMenuMiddleware, createQueryView, findManualPresetIdByOperation, getEntityInfo, getStatusInfo, getSystemStatus, provideDynamicHomePage, provideMenuMiddleware, resolveDateFilterPresets, resolveStatusLook, systemStatusToDefinition };
+export { ALL_DEFAULT_OPERATORS, AXMWorkflowErrorHandler, AXPAppVersionService, AXPCleanNestedFilters, AXPClipBoardService, AXPCommonModule, AXPCommonSettings, AXPCustomOperatorService, AXPCustomOperatorServiceImpl, AXPDataProvider, AXPDebugService, AXPDialogConfirmAction, AXPEntityCommandScope, AXPEntityQueryType, AXPErrorHandlerRegistryService, AXPExportService, AXPFileActionsService, AXPFileStorageService, AXPFileStorageStatus, AXPFileTypeProviderService, AXPFilterOperatorMiddlewareService, AXPFilterOperatorMiddlewareServiceImpl, AXPFooterTextSlotComponent, AXPGlobalErrorHandler, AXPHomePageModule, AXPHomePageService, AXPLockService, AXPMenuMiddlewareRegistry, AXPMenuPermissionGuard, AXPMenuProviderService, AXPMenuRoutePermissionService, AXPMenuSearchDefinitionProvider, AXPMenuSearchProvider, AXPMenuService, AXPMenuVisibilityService, AXPNavBarSlotComponent, AXPNavigateWorkflow, AXPNotFoundError, AXPPlatformDefaultConfigs, AXPRedirectEvent, AXPRefreshEvent, AXPRegionalSetting, AXPRelationshipCardinality, AXPRelationshipKind, AXPReloadAction, AXPReloadEvent, AXPSearchCommandProvider, AXPSearchDefinitionActionBuilder, AXPSearchDefinitionBuilder, AXPSearchDefinitionProviderContext, AXPSearchDefinitionProviderService, AXPSearchService, AXPSettingDefaultValuesAggregatorService, AXPSettingDefinitionGroupBuilder, AXPSettingDefinitionProviderContext, AXPSettingDefinitionProviderService, AXPSettingDefinitionSectionBuilder, AXPSettingsService, AXPStatusDefinitionProviderService, AXPStatusProvider, AXPStickyDirective, AXPSystemStatusType, AXPSystemStatuses, AXPToastAction, AXPTokenDefinitionService, AXPTokenEvaluatorScopeProvider, AXPVersioningService, AXPWorkflowNavigateAction, AXPWorkflowRouterNavigateAction, AXP_APP_VERSION_PROVIDER, AXP_FILE_ACTION_PROVIDER, AXP_FILE_TYPE_INFO_PROVIDER, AXP_HOME_PAGES, AXP_HOME_PAGE_DEFAULT_KEY, AXP_MENU_MIDDLEWARE, AXP_MENU_PROVIDER, AXP_NOT_FOUND_ROUTE, AXP_PLATFORM_CONFIG_TOKEN, AXP_PROTECTED_ROUTE_GUARDS, AXP_ROOT_CONFIG_TOKEN, AXP_SEARCH_DEFINITION_PROVIDER, AXP_SEARCH_PROVIDER, AXP_SETTING_DEFAULT_VALUES_PROVIDERS, AXP_SETTING_DEFINITION_PROVIDER, AXP_SETTING_VALUE_PROVIDER, AXP_STATUS_PROVIDERS, AXP_TOKEN_DEFINITION_PROVIDER, AXVChangeType, BETWEEN_OPER, BOOLEAN_OPERATORS, CONTAINS_OPER, DATE_OPERATORS, DEFAULT_DATE_FILTER_PRESETS, ENDS_WITH_OPER, ENVIRONMENT, EQ_OPER, GTE_OPER, GT_OPER, IN_OPER, IS_EMPTY_OPER, IS_NOT_EMPTY_OPER, LTE_OPER, LT_OPER, NOT_CONTAINS_OPER, NOT_EQ_OPER, NUMBER_OPERATORS, STARTS_WITH_OPER, STRING_OPERATORS, UploadFromComputerActionProvider, applyDateFilterPreset, axpFindMenuItemByRoute, axpIsEntityRecordNotFound, axpMenuPathsMatch, axpRedirectToNotFound, configPlatform, createAllQueryView, createMenuContext, createMenuMiddleware, createQueryView, findManualPresetIdByOperation, getEntityInfo, getStatusInfo, getSystemStatus, provideDynamicHomePage, provideMenuMiddleware, resolveDateFilterPresets, resolveStatusLook, systemStatusToDefinition };
 //# sourceMappingURL=acorex-platform-common.mjs.map