Angular 6 或更高版本中基于用户动态权限的访问路由
[英]Access Routes based on user dynamic permissions in Angular 6 or later
问题描述
I have applied role based authorization on user which is logged in. The JWT token is getting stored in localStorage and routes getting access based on Login and auth.guard.ts.
我已经对登录的用户应用了基于角色的授权。JWT 令牌存储在 localStorage 中,并且路由基于 Login 和 auth.guard.ts 获得访问权限。
But in addition to this certain user need to access some components which others with the same role don't.但除此之外,某些用户还需要访问某些具有相同角色的其他用户不需要的组件。 A json array is defining which routes user can access even after login. json 数组定义了用户即使在登录后也可以访问哪些路由。
What I have defined to get this done is check on ngOnInit of the component.我为完成这项工作而定义的是检查组件的ngOnInit 。 If the component is present in the array, it should be allowed to access other 404 page has to be displayed.如果该组件存在于数组中,则应该允许它访问其他必须显示的 404 页面。
But seems like I am not finding this way as an effective way to do so.但似乎我没有发现这种方法是一种有效的方法。
Please suggest any improvisation I can do with illustration.请建议我可以用插图做的任何即兴创作。 Would like to do everything do be done in right way.想做的每一件事都做对了。
3 个解决方案
解决方案1
1 已采纳 2019-11-20 07:43:34
You can Role validation to a specific route:您可以对特定路由进行角色验证:
const routes: Routes = [
{ //todo route you want to add validation for
path: 'route',
component: Component,
canActivate: [AuthGuard],
data: { roles: ["Admin"] } //recommend you dont use string here.
},
{ path: '**', redirectTo: '' }
];
And then just add these lines to your existing canActivate funciton:然后只需将这些行添加到您现有的canActivate :
let currentUser = User;
if (route.data.roles && route.data.roles.indexOf(currentUser.role) === -1) {
// role not authorised so redirect to home page
this.router.navigate(['/']);
return false;
}
EDIT:编辑:
I recommend you use role routes as its easier to maintain and more consisted however you can just add something like this to your canActivate function:我建议您使用角色路由,因为它更易于维护且更稳定,但是您可以将类似这样的内容添加到您的canActivate function 中:
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
let stateName: string = state.url.replace("/", "");
let currentUser = User;
if (currentUser.routePermissions.includes(stateName)) {
// route not authorised so redirect to home page
this.router.navigate(['/']);
return false;
}
}
Instead of an array maybe use a route object like and just match on actual false match.可以使用 object 之类的路由而不是数组,并且只匹配实际的错误匹配。
user.routePermissions = {
'route1': false
}
this will make it easier to maintain as you won't need to update all your users for a new route added.这将使维护更容易,因为您无需更新所有用户以添加新路线。
解决方案2
1 2019-11-20 08:02:19
I suggest that you use ngx-permissions , check this .我建议你使用ngx-permissions ,检查这个。 it works perfectly to give access based on roles in your template or routes, you can load your permissions for each user just after authentication它非常适合根据模板或路由中的角色授予访问权限,您可以在身份验证后立即为每个用户加载权限
this.permissionsService.loadPermissions(perm);
and then there you can use the everywhere canActivate , canLoad to manage access然后在那里你可以使用无处不在的canActivate , canLoad来管理访问
const appRoutes: Routes = [
{
path: 'lazy',
data: {
permissions: {
except: 'ADDDMIN',
}
},
canLoad: [NgxPermissionsGuard],
loadChildren: 'app/lazy-module/lazy-module.module#LazyModule'
},
];
@NgModule({
imports: [
RouterModule.forRoot(appRoutes)
],
exports: [
RouterModule
],
providers: [
// CanDeactivateGuard
]
})
export class AppRoutingModule {}
解决方案3
0 2019-11-20 07:45:47
you need to create different-different Module according to role based authorization on user and each Molude have one base routing file is there you need to check this module authorized according to user or not with use AuthGuard in routing.您需要根据用户基于角色的授权创建不同的不同模块,并且每个模块都有一个基本路由文件,您需要检查该模块是否根据用户授权在路由中使用 AuthGuard。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.