CODEWITHSUNDEEP
javascriptangularjsmeteorangular-ui-routerangular-meteor
Anatoly Ruchka
Anatoly Ruchka

Reputation: 543

Angular-meteor authorization - check user role before loading the page

I am using angular 1.5+, angular-meteor 1.3.10,and alanning:roles and want to forbid non admin roles to go admin path...How to do it?

export default angular.module(name, [
angularMeteor,
'angular-meteor.auth'
]).component(name, {
    templateUrl: `imports/ui/components/${name}/${name}.html`,
    controllerAs: name,
    controller: Admin
})
    .config(config);

function config($stateProvider) {
    'ngInject';
    $stateProvider
        .state('admin', {
            url: '/admin',
            template: '<admin></admin>',
            resolve: {
                user: ($q) => {
                    let user = Meteor.user();
                    console.log(Meteor.user());
                    console.log(Meteor.userId());
                    // let user = $auth.currentUser;
                    var user1 = Meteor.users.findOne({ _id: Meteor.userId() });
                    console.log(user);
                    console.log(user1);
                    if (Meteor.userId() === null) {
                        console.log("null user");
                        return $q.reject();
                    } else if (Roles.userIsInRole(user, ["admin"])) {
                        console.log("admin user");
                        return $q.resolve();
                    }
                    else {
                        console.log("reject");
                        return $q.reject();
                    }
                }


            }
        });
}

Here I can't get user to check userInRole... I can get only user Meteor.userId() here What i do wrong?

screen

Upvotes: 0

Views: 245

Answers (1)

rzamarripa
rzamarripa

Reputation: 11

im using alanning roles too, i solve the problem, hope to be useful for you.

angular.module("app").run(function ($rootScope, $state, toastr) {
  $rootScope.$on('$stateChangeError', function (event, toState, toParams, fromState, fromParams, error) {
    switch(error) {
      case "AUTH_REQUIRED":
        $state.go('anon.login');
        break;
      case "FORBIDDEN":
        //$state.go('root.home');
        break;
      case "UNAUTHORIZED":
      	toastr.error("Acceso Denegado");
				toastr.error("No tiene permiso para ver esta opción");
        break;
      default:
        $state.go('internal-client-error');
    }
  });
  $rootScope.$on('$stateChangeStart', function(next, current) { 
    NProgress.set(0.2);
  });
  $rootScope.$on('$stateChangeSuccess', function(next, current) { 
    NProgress.set(1.0);
  });
});


.state('root.view', {
  url: '/view/:param1/:param2/:param3',
  templateUrl: 'client/view.html',
  controller: 'ViewCtrl as vc',
  resolve: {
    "currentUser": ["$meteor", "toastr", function($meteor, toastr){
      return $meteor.requireValidUser(function(user) {
        if(user.roles[0] == "rolUser1" || user.roles[0] == "rolUser2"){
          return true;
        }else{
          return 'UNAUTHORIZED'; 
        }					 	
     });
   }]
  }
})

Upvotes: 1

Related Questions