@open-rlb/ng-app 3.1.90 → 3.1.91
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -571,6 +571,23 @@ class AppsService {
|
|
|
571
571
|
return false;
|
|
572
572
|
return this.aclStore.hasPermission(info.busId, info.resId, action);
|
|
573
573
|
}
|
|
574
|
+
/**
|
|
575
|
+
* Finds the app that owns a given route path string (e.g. 'some-page/sub-page').
|
|
576
|
+
* Used by permissionGuard on initial deep-link navigation, before NavigationEnd has
|
|
577
|
+
* fired and currentApp has been selected by the router listener.
|
|
578
|
+
*/
|
|
579
|
+
findAppForPath(path) {
|
|
580
|
+
return this.apps().find((app) => app.routes?.some((r) => r === path || path.startsWith(r + '/') || r.startsWith(path + '/')) ||
|
|
581
|
+
app.core?.url === '/' + path ||
|
|
582
|
+
(app.core?.url && path.startsWith(app.core.url.replace(/^\//, ''))));
|
|
583
|
+
}
|
|
584
|
+
checkPermissionForApp(app, action) {
|
|
585
|
+
if (!app?.data || !this.confAcl)
|
|
586
|
+
return false;
|
|
587
|
+
const busId = app.data[this.confAcl.businessIdKey];
|
|
588
|
+
const resId = app.data[this.confAcl.resourceIdKey];
|
|
589
|
+
return this.aclStore.hasPermission(busId, resId, action);
|
|
590
|
+
}
|
|
574
591
|
selectApp(app, viewMode, url) {
|
|
575
592
|
const currentApp = this.currentApp();
|
|
576
593
|
if (!app) {
|
|
@@ -2768,14 +2785,26 @@ const oauthGuard = (route, state) => {
|
|
|
2768
2785
|
}));
|
|
2769
2786
|
};
|
|
2770
2787
|
|
|
2771
|
-
const permissionGuard =
|
|
2788
|
+
const permissionGuard = route => {
|
|
2772
2789
|
const aclStore = inject(AclStore);
|
|
2773
2790
|
const appsService = inject(AppsService);
|
|
2774
2791
|
const router = inject(Router);
|
|
2775
|
-
// We wait for aclStore to load data
|
|
2776
2792
|
return toObservable(aclStore.loaded).pipe(filter(Boolean), take(1), map(() => {
|
|
2777
2793
|
const action = route.data['action'];
|
|
2778
|
-
|
|
2794
|
+
// Default case: currentApp already selected (any navigation after the first).
|
|
2795
|
+
if (appsService.currentApp()) {
|
|
2796
|
+
return appsService.checkPermissionInCurrentApp(action)
|
|
2797
|
+
? true
|
|
2798
|
+
: router.createUrlTree(['/forbidden']);
|
|
2799
|
+
}
|
|
2800
|
+
// Deep-link case: currentApp still not processed by AppsService, so we extract ACL data from route and check permissions
|
|
2801
|
+
const routePath = route.pathFromRoot
|
|
2802
|
+
.flatMap(r => r.url)
|
|
2803
|
+
.map(seg => seg.path)
|
|
2804
|
+
.filter(Boolean)
|
|
2805
|
+
.join('/');
|
|
2806
|
+
const resolvedApp = appsService.findAppForPath(routePath);
|
|
2807
|
+
if (resolvedApp && appsService.checkPermissionForApp(resolvedApp, action)) {
|
|
2779
2808
|
return true;
|
|
2780
2809
|
}
|
|
2781
2810
|
return router.createUrlTree(['/forbidden']);
|