2018-11-11 12:00:45 +01:00
|
|
|
import { Injectable } from '@angular/core';
|
|
|
|
|
import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from "@angular/router";
|
|
|
|
|
|
|
|
|
|
import { AuthService } from "./auth.service";
|
|
|
|
|
|
|
|
|
|
@Injectable()
|
|
|
|
|
export class RoleGuardService{
|
|
|
|
|
|
|
|
|
|
private roleDef = {
|
|
|
|
|
// üzemeltetési főosztály
|
|
|
|
|
'ufo': [
|
|
|
|
|
new RegExp("/hiba/lista", "i"),
|
|
|
|
|
new RegExp("/hiba/feladat-lista", "i"),
|
|
|
|
|
new RegExp("/hiba/nagyerteku-jovahagyas/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/hibatarolo/[\\w]+", "i"),
|
|
|
|
|
new RegExp("/hiba/megjelenites/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/beallitasok", "i"),
|
|
|
|
|
],
|
|
|
|
|
'uzemeltetesi_vezeto': [
|
|
|
|
|
new RegExp("/hiba/lista", "i"),
|
|
|
|
|
new RegExp("/hiba/feladat-lista", "i"),
|
|
|
|
|
new RegExp("/hiba/rogzites", "i"),
|
|
|
|
|
new RegExp("/hiba/javitas-lezaras/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/hiba/elfogadas-visszaigazolas/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/hibatarolo/[\\w]+", "i"),
|
|
|
|
|
new RegExp("/hiba/megjelenites/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/beallitasok", "i"),
|
|
|
|
|
new RegExp("/karbantartas/(idoszeru|teljes)-lista", "i"),
|
2018-11-19 21:35:50 +01:00
|
|
|
new RegExp("/karbantartas/naptar", "i"),
|
|
|
|
|
new RegExp("/karbantartas/naptar/[\\d]+", "i"),
|
2018-11-11 12:00:45 +01:00
|
|
|
],
|
|
|
|
|
'projektvezeto': [
|
|
|
|
|
new RegExp("/hiba/lista", "i"),
|
|
|
|
|
new RegExp("/hiba/feladat-lista", "i"),
|
|
|
|
|
new RegExp("/hiba/visszaigazolas/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/hiba/javitas-lezaras/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/hibatarolo/[\\w]+", "i"),
|
|
|
|
|
new RegExp("/hiba/megjelenites/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/beallitasok", "i"),
|
|
|
|
|
new RegExp("/riportok/szures", "i"),
|
|
|
|
|
new RegExp("/riportok/havi-zaras", "i"),
|
|
|
|
|
new RegExp("/karbantartas/(idoszeru|teljes)-lista", "i"),
|
2018-11-19 21:35:50 +01:00
|
|
|
new RegExp("/karbantartas/naptar", "i"),
|
|
|
|
|
new RegExp("/karbantartas/naptar/[\\d]+", "i"),
|
2018-11-11 12:00:45 +01:00
|
|
|
new RegExp("/karbantartas/szerkesztes", "i"),
|
|
|
|
|
],
|
|
|
|
|
|
|
|
|
|
// readonly
|
|
|
|
|
'betekinto': [
|
|
|
|
|
new RegExp("/hiba/lista", "i"),
|
|
|
|
|
new RegExp("/hibatarolo/[\\w]+", "i"),
|
|
|
|
|
new RegExp("/hiba/megjelenites/[\\d]+", "i"),
|
|
|
|
|
new RegExp("/beallitasok", "i"),
|
|
|
|
|
],
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
constructor(private authService: AuthService,
|
|
|
|
|
private router: Router) {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
|
|
|
|
|
let tokenData = this.authService.tokenData;
|
|
|
|
|
return this.roleCanAccessRoute(tokenData.roles, state.url);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public roleCanAccessRoute(roles: Array<string>, url: string): boolean {
|
|
|
|
|
if (roles.indexOf('admin') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (let i = 0; i < roles.length; i++) {
|
|
|
|
|
if (this.roleDef[roles[i]]) {
|
|
|
|
|
for (let j = 0; j < this.roleDef[roles[i]].length; j++) {
|
|
|
|
|
if (this.roleDef[roles[i]][j].test(url)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
console.warn('Role definition not found: ' + roles[i]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
this.router.navigate(['/']);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// @todo this is really primitive, should look for some rbacl implementation
|
|
|
|
|
public userCanAccessResource(resource: string): boolean {
|
|
|
|
|
let roles = this.authService.tokenData.roles;
|
|
|
|
|
if (roles.indexOf('admin') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
switch (resource) {
|
|
|
|
|
case 'recordFault':
|
|
|
|
|
if (roles.indexOf('uzemeltetesi_vezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'confirm':
|
|
|
|
|
if (roles.indexOf('projektvezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'confirmExtraCost':
|
|
|
|
|
if (roles.indexOf('ufo') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'karbantartas':
|
|
|
|
|
if (roles.indexOf('projektvezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'repair':
|
|
|
|
|
if (roles.indexOf('uzemeltetesi_vezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
case 'finishRepair':
|
|
|
|
|
if (roles.indexOf('projektvezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'acknowledge':
|
|
|
|
|
if (roles.indexOf('uzemeltetesi_vezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'monthlyClose':
|
|
|
|
|
if (roles.indexOf('projektvezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'riportok':
|
|
|
|
|
if (roles.indexOf('projektvezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
if (roles.indexOf('uzemeltetesi_vezeto') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
if (roles.indexOf('ufo') != -1) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'taskList':
|
|
|
|
|
return roles.indexOf('betekinto') == -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public userHasRole(role: string) {
|
|
|
|
|
return this.authService.tokenData.roles.indexOf(role) != -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
