diff --git a/src/app/app.routes.ts b/src/app/app.routes.ts index 6038e1b..3a9c3b2 100644 --- a/src/app/app.routes.ts +++ b/src/app/app.routes.ts @@ -3,6 +3,7 @@ import { LoginComponent } from './authenticate/login/login.component'; import { ChangePasswordComponent } from './user-management/change-password/change-password.component'; import { FullLayoutComponent } from './full-layout/full-layout.component'; import { AuthenticationGuard } from './shared/guards/authentication.guard'; +// import { ActivityGuard } from './shared/guards/activity.guard'; export const routes: Routes = [ { @@ -37,6 +38,9 @@ export const routes: Routes = [ }, { path: 'permissions', + // will need this guard in future when permissions are implemented. + // commenting them for now. + // canActivate: [ActivityGuard], loadComponent: () => import('./user-permissions/user-permissions.component').then( m => m.UserPermissionsComponent @@ -44,6 +48,7 @@ export const routes: Routes = [ }, { path: 'smsLogger', + // canActivate: [ActivityGuard], loadComponent: () => import('./sms-banking/sms-banking.component').then( m => m.SmsBankingComponent @@ -51,6 +56,7 @@ export const routes: Routes = [ }, { path: 'smsGateway', + // canActivate: [ActivityGuard], loadComponent: () => import('./sms-gateway/sms-gateway.component').then( m => m.SmsGatewayComponent @@ -58,6 +64,7 @@ export const routes: Routes = [ }, { path: 'loggerManager', + // canActivate: [ActivityGuard], loadComponent: () => import('./logging/logging.component').then( m => m.LoggingComponent @@ -65,6 +72,7 @@ export const routes: Routes = [ }, { path: 'analysis', + // canActivate: [ActivityGuard], loadComponent: () => import('./data-analysis/data-analysis.component').then( m => m.DataAnalysisComponent @@ -72,6 +80,7 @@ export const routes: Routes = [ }, { path: 'ibUnblockUser', + // canActivate: [ActivityGuard], loadComponent: () => import('./ib-support/ib-unblock-user/ib-unblock-user.component').then( m => m.IbUnblockUserComponent 
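Review bot: Every `canActivate: [ActivityGuard]` line in this file is added commented out, in the `permissions` hunk and in the eleven that follow (`smsLogger` through `changePassword`), so the commit ships the guard without attaching it to any route. Pages such as `permissions`, `setupUser`, `resetPassword` and `ibUnblockUser` therefore get no per-route permission check. Whether the parent route applies `AuthenticationGuard` is not visible in these hunks; if it does not, the lazy components are reachable by URL alone. Rather than twelve commented lines and a commented import that must be re-enabled one by one, consider a single marker above the array, e.g. `// TODO(<issue-id>): add canActivate: [ActivityGuard] to the child routes once permissions are served`, and add the property for real in the commit that switches it on. The `routes` array starts and ends outside these hunks.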
@@ -79,6 +88,7 @@ export const routes: Routes = [ }, { path: 'feedbackSetup', + // canActivate: [ActivityGuard], loadComponent: () => import('./ib-support/feedback-setup/feedback-setup.component').then( m => m.FeedbackSetupComponent @@ -86,6 +96,7 @@ export const routes: Routes = [ }, { path: 'purposeSetup', + // canActivate: [ActivityGuard], loadComponent: () => import('./ib-support/tran-purpose-setup/tran-purpose-setup.component').then( m => m.TranPurposeSetupComponent @@ -93,6 +104,7 @@ export const routes: Routes = [ }, { path: 'thirdPartyRegistration', + // canActivate: [ActivityGuard], loadComponent: () => import('./user-management/third-party-registration/third-party-registration.component').then( m => m.ThirdPartyRegistrationComponent @@ -100,6 +112,7 @@ export const routes: Routes = [ }, { path: 'setupUser', + // canActivate: [ActivityGuard], loadComponent: () => import('./user-management/setup-user/setup-user.component').then( m => m.SetupUserComponent @@ -107,6 +120,7 @@ export const routes: Routes = [ }, { path: 'resetPassword', + // canActivate: [ActivityGuard], loadComponent: () => import('./user-management/reset-password/reset-password.component').then( m => m.ResetPasswordComponent @@ -114,6 +128,7 @@ export const routes: Routes = [ }, { path: 'changePassword', + // canActivate: [ActivityGuard], loadComponent: () => import('./user-management/change-password/change-password.component').then( m => m.ChangePasswordComponent diff --git a/src/app/services/authenticate.service.ts b/src/app/services/authenticate.service.ts index bcee077..d766c40 100644 --- a/src/app/services/authenticate.service.ts +++ b/src/app/services/authenticate.service.ts 
@@ -79,14 +79,6 @@ export class AuthenticationService { return false; } - isOrganizartionUser(){ - if (this.storageService && this.storageService.getItem('user') != null) { - let cachedUser = JSON.parse(this.storageService.getItem('user') || '{}'); - return cachedUser.userType === HiddenValues.ORGANIZATION_USER; - } - return false; - } - isSuperAdminUser(){ if (this.storageService && this.storageService.getItem('user') != null) { let cachedUser = JSON.parse(this.storageService.getItem('user') || '{}'); diff --git a/src/app/shared/guards/activity.guard.ts b/src/app/shared/guards/activity.guard.ts new file mode 100644 index 0000000..1e85545 --- /dev/null +++ b/src/app/shared/guards/activity.guard.ts 
@@ -0,0 +1,59 @@ +import { LocationStrategy } from '@angular/common'; +import { Injectable } from '@angular/core'; +import { ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot } from '@angular/router'; +import { AuthenticationService } from '../../services/authenticate.service'; +import { I18NService } from '../../services/i18n.service'; +import { ErrorMessages, FormConstants } from '../../utils/enums'; +import { CredentialService } from '../../services/credential.service'; + + +@Injectable( + { providedIn: 'root' } +) +export class ActivityGuard implements CanActivate { + + constructor(private router: Router, private authService: AuthenticationService, private i18nService: I18NService, private credentialService: CredentialService) { } + + canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) { + if (typeof window !== 'undefined' && window.localStorage) { + let permissions = JSON.parse(window.localStorage.getItem('permission') || '[]'); + if (this.authService.isAuthenticated()) { + if (this.authService.isSuperAdminUser()){ + return true; + } + let routeLink = (state.url.split('?'))[0]; + if (this.isRouteAuthorized(routeLink, route.queryParams, permissions)) { + return true; + } + this.i18nService.error(ErrorMessages.ACCESS_DENIED, []); + window.localStorage.setItem('currentSubModule','dashboard'); + this.router.navigate(["/home/dashboard"]); + return false; + } else { + this.authService.logout(); + return false; + } + } + return false; + } + + isRouteAuthorized(routerLink: string, queryParams: any, permissions: any): boolean { + let routePermissions : any = {} + let permissionName : any = {} + permissions.forEach((permission: any) => { + routePermissions[permission.route] = permission.checked; + permissionName[permission.name] = permission.checked; + if(permission.children.length>0){ + permission.children.forEach((child: any)=>{ + routePermissions[child.route] = child.checked; + permissionName[child.name] = child.checked; + }) + } + 
}); + if(routePermissions[routerLink]){ + return true; + } + return false; + } + +} \ No newline at end of file diff --git a/src/app/utils/enums.ts b/src/app/utils/enums.ts index 961aa22..f43ca1b 100644 --- a/src/app/utils/enums.ts +++ b/src/app/utils/enums.ts @@ -1,10 +1,11 @@ export enum ErrorMessages{ - INTERNAL_SERVER_ERROR = "ERR_APP_B_0001", - CONNECTION_ERROR = "ERR_APP_B_0002", - BAD_REQUEST = "ERR_APP_B_0003", - FORBIDDEN_REQUEST = "ERR_APP_B_0004", - UNAUTHORIZED_REQUEST = "ERR_APP_B_0005", + INTERNAL_SERVER_ERROR = "INTERNAL_SERVER_ERROR", + CONNECTION_ERROR = "CONNECTION_ERROR", + BAD_REQUEST = "BAD_REQUEST", + FORBIDDEN_REQUEST = "FORBIDDEN_REQUEST", + UNAUTHORIZED_REQUEST = "UNAUTHORIZED_REQUEST", ALREADY_LOGGED_IN = "ALREADY_LOGGED_IN", + ACCESS_DENIED = "ACCESS_DENIED", } export enum supportedLanguages{ diff --git a/src/assets/i18n/Arabic.json b/src/assets/i18n/Arabic.json index f01d0ec..10d017a 100644 --- a/src/assets/i18n/Arabic.json +++ b/src/assets/i18n/Arabic.json @@ -214,5 +214,11 @@ "previous": "سابق", "next": "التالي", "LOGIN_SUCCESSFULLY":"تم تسجيل الدخول بنجاح", - "ALREADY_LOGGED_IN": "المستخدم مسجل دخوله بالفعل" + "ALREADY_LOGGED_IN": "المستخدم مسجل دخوله بالفعل", + "ACCESS_DENIED" : "تم الرفض", + "INTERNAL_SERVER_ERROR": "خطأ في الخادم الداخلي", + "CONNECTION_ERROR": "خطأ في الاتصال", + "BAD_REQUEST": "اقتراح غير جيد", + "FORBIDDEN_REQUEST": "طلب ممنوع", + "UNAUTHORIZED_REQUEST": "طلب غير مصرح به" } \ No newline at end of file diff --git a/src/assets/i18n/English.json b/src/assets/i18n/English.json index 35b7bcb..2fdac12 100644 --- a/src/assets/i18n/English.json +++ b/src/assets/i18n/English.json 
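Review bot: `ActivityGuard` decides entirely from browser storage: `permission` is read from `window.localStorage`, and `isSuperAdminUser()` appears (from the authenticate.service.ts hunk) to read the cached `user` item, so a user who edits storage in their own browser passes the guard. It can only be a navigation aid, and the class should carry a doc comment saying the backend must authorise every request behind these routes. Separately, `JSON.parse` and `permission.children.length` throw on a malformed or non-array value; the version below parses defensively and denies on anything unexpected, keeping the last-entry-wins lookup. `permissionName`, `queryParams`, `LocationStrategy`, `FormConstants` and the injected `CredentialService` are unused in this file and can be dropped.

```typescript
  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
    // … unchanged: window / localStorage availability check …
    let permissions: unknown;
    try {
      permissions = JSON.parse(window.localStorage.getItem('permission') || '[]');
    } catch {
      // Unreadable cache is treated as "no permissions" so the guard denies.
      permissions = [];
    }
    // … unchanged: isAuthenticated / isSuperAdminUser branches, redirect on denial …

  isRouteAuthorized(routerLink: string, queryParams: any, permissions: any): boolean {
    if (!Array.isArray(permissions)) {
      return false;
    }
    // A Map avoids inherited Object.prototype keys; later entries override earlier ones.
    const routeChecked = new Map<string, boolean>();
    for (const permission of permissions) {
      const children = Array.isArray(permission?.children) ? permission.children : [];
      for (const entry of [permission, ...children]) {
        if (typeof entry?.route === 'string') {
          routeChecked.set(entry.route, Boolean(entry.checked));
        }
      }
    }
    return routeChecked.get(routerLink) === true;
  }
```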
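Review bot: The `ErrorMessages` values change from codes such as `"ERR_APP_B_0004"` to translation keys, so any caller that compares a server-supplied code against `ErrorMessages.FORBIDDEN_REQUEST` or `UNAUTHORIZED_REQUEST` would silently stop matching; no such caller is visible in this diff, so this is worth a search before merging. The enum should also state the new contract in a comment, for example `// Values are i18n keys; each must exist in every file under src/assets/i18n.`.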
@@ -213,5 +213,11 @@ "previous": "Previous", "next": "Next", "LOGIN_SUCCESSFULLY":"Login SucessFully", - "ALREADY_LOGGED_IN": "User Already Logged In" + "ALREADY_LOGGED_IN": "User Already Logged In", + "ACCESS_DENIED" : "Access Denied", + "INTERNAL_SERVER_ERROR": "Internal Server Error", + "CONNECTION_ERROR": "Connection Error", + "BAD_REQUEST": "Bad Request", + "FORBIDDEN_REQUEST": "Forbidden Request", + "UNAUTHORIZED_REQUEST": "Unauthorized Request" } \ No newline at end of file