[英]canActivate Documentation Example - General Understanding
Example from https://angular.io/api/router/CanActivate#description There are several things I am struggling with:来自https://angular.io/api/router/CanActivate#description 的示例我正在努力解决几件事:
1. the class Permissions
AND CanActivateTeam
contain a function called canActivate
. 1. Permissions
AND CanActivateTeam
类包含一个名为canActivate
的函数。 How is this good practice?这是一个怎样的好习惯? It confuses me, especially since we call this
.它混淆了我,特别是因为我们叫this
。 permissions
. permissions
。 canActivate
inside the canActivate
( )
function! canActivate
在canActivate
( )
函数中!
2. canActivate always returns true. 2. canActivate 总是返回真。 I don't understand why?我不明白为什么?
class UserToken {}
class Permissions {
canActivate(user: UserToken, id: string): boolean {
return true;
}
}
@Injectable()
class CanActivateTeam implements CanActivate {
constructor(private permissions: Permissions, private currentUser: UserToken) {}
canActivate(
route: ActivatedRouteSnapshot,
state: RouterStateSnapshot
): Observable<boolean|UrlTree>|Promise<boolean|UrlTree>|boolean|UrlTree {
return this.permissions.canActivate(this.currentUser, route.params.id);
}
}
@NgModule({
imports: [
RouterModule.forRoot([
{
path: 'team/:id',
component: TeamCmp,
canActivate: [CanActivateTeam]
}
])
],
providers: [CanActivateTeam, UserToken, Permissions]
})
class AppModule {}
Permissions
class has a canActivate
method, but it is a coincidence. Permissions
类有一个canActivate
方法,不过是巧合。 They could have called it foo
: they called it like that because it is clear what it is used for (once you know what canActivate
means in Angular. In the same way, if you see an intercept
in a class, chances are that this class is being used in an interceptor.他们可以称之为foo
:他们这样称呼它是因为它的用途很清楚(一旦你知道canActivate
在 Angular 中的含义。同样,如果你在类中看到intercept
,很可能是这个类正在拦截器中使用。 For the CanActivateTeam
class, it has a canActivate
function because it implements the CanActivate
interface.对于CanActivateTeam
类,它有一个canActivate
函数,因为它实现了CanActivate
接口。 This is a good practice created by Angular : you should always implement the interfaces corresponding to certain hooks of the framework.这是 Angular 创建的一个很好的实践:你应该始终实现与框架的某些钩子相对应的接口。 This is valid for things such as HttpInterceptor
, OnInit
, AfterViewInit
, etc.这对诸如HttpInterceptor
、 OnInit
、 AfterViewInit
等有效。
Those interfaces, while not required, are strongly recommended.这些接口虽然不是必需的,但强烈推荐。
Made it short and simple, canActivate
should return a boolean, or a promise/observable of a boolean.让它简短而简单, canActivate
应该返回一个布尔值,或者一个布尔值的承诺/可观察值。
If the boolean is truthy, you can access your guarded routes.如果布尔值为真,则可以访问受保护的路由。 If not, the navigation is cancelled, and you have to display a message to the user, stating that he can not access this part of your application.如果没有,导航将被取消,您必须向用户显示一条消息,说明他无法访问您应用程序的这一部分。
CanActivateTeam is an implementation of the CanActivate
Angular Route guards mechanisms. CanActivateTeam 是CanActivate
Angular Route 防护机制的实现。
It is used to to prevent a user to access a route (canActivate) or a group of routes (canActivateChild).它用于阻止用户访问一个路由(canActivate)或一组路由(canActivateChild)。 It can also be used to resolve data before accessing a route (loading/check auth from webservice)它还可以用于在访问路由之前解析数据(从 Web 服务加载/检查身份验证)
When you implement the CanActivate
interface, you have to provide the canActivate
function that must return either a boolean, a Promise or an Observable.当您实现CanActivate
接口时,您必须提供必须返回布尔值、Promise 或 Observable 的canActivate
函数。 In the example you had given, an external service is called that is handling that logic.在您给出的示例中,调用了一个处理该逻辑的外部服务。 The practice is good as it is always good to separate concers (route guard is one thing, a permission service an other)这种做法很好,因为分开关注总是好的(路线守卫是一回事,许可服务是另一回事)
Then the CanActivateTeam::canActivate
method PermissionService::canActivate
to know if the user can access this route.然后通过CanActivateTeam::canActivate
方法PermissionService::canActivate
来了解用户是否可以访问此路由。
In the PermissionService::canActivate
, it up to you to code your own logic (call a WS, check a cookie, etc), and I guess they put a simple return true
to not complicate their simple example.在PermissionService::canActivate
,由您来编写自己的逻辑(调用 WS、检查 cookie 等),我猜他们放了一个简单的return true
以免使他们的简单示例复杂化。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.