[英]how to manage user roles and permission in a full stack application made up of angular and .net core web api
[英]How to manage the roles and permission in angular 2
嗨,我已经存储了以下数据
"permission": {
"1000": "CREATE_DISBMT_WORKFLOW",
"1001": "EDIT_DISBMT_WORKFLOW",
"1002": "EDIT_UPLOAD_PHOTO_DISBMT_WORKFLOW",
"1003": "EDIT_UPLOAD_CONFIRMED_DISBMT_WORKFLOW",
"1004": "EDIT_VERIFIED_DISBMT_WORKFLOW",
"1005": "VIEW_DISBMT_WORKFLOW",
"1006": "DELETE_DISBMT_WORKFLOW"
}
现在在本地存储中,我想创建一个函数,如果它在上面的权限对象中存在,则应该在上面传递CREATE_DISBMT_WORKFLOW,该函数应该返回true,否则返回false
在Angular 2中这样做的方式是什么
这是我的逻辑,如果它返回真实数据,将使用* ngIf等显示。
如果您调整权限数据对象,使权限名称是键而不是权限ID,则您的权限服务可能就这么简单:
import { Injectable } from '@angular/core';
@Injectable()
export class PermissionsService {
private permissions: any = {}
constructor() { }
setPermissions(permissions: any) : void {
this.permissions = permissions;
}
canCurrentUser(permission: string) : boolean {
return (permission in this.permissions);
}
}
组态:
let permissions = {
"CREATE_DISBMT_WORKFLOW":"1000",
"EDIT_DISBMT_WORKFLOW":"1001",
"EDIT_UPLOAD_PHOTO_DISBMT_WORKFLOW":"1002",
"EDIT_UPLOAD_CONFIRMED_DISBMT_WORKFLOW":"1003",
"EDIT_VERIFIED_DISBMT_WORKFLOW":"1004",
"VIEW_DISBMT_WORKFLOW":"1005",
"DELETE_DISBMT_WORKFLOW":"1006"
}
this.permissionsService.setPermissions(permissions);
采用:
let hasPermission = this.permissionsService.canCurrentUser("CREATE_DISBMT_WORKFLOW");
但是,如果您需要保留原始权限数据结构,则此canCurrentUser(permission)
函数也将起作用(尽管可读性较差):
canCurrentUser(permission: string) {
for (var key in this.permissions) {
if (this.permissions.hasOwnProperty(key) && this.permissions[key] === permission) {
return true;
}
}
return false;
}
要为angular2应用程序管理权限和访问控制,可以使用ng2-permission模块。
将Ng2Permission
导入到您应用的模块中:
import { Ng2Permission } from 'angular2-permission';
@NgModule({
imports: [
Ng2Permission
]
})
您还可以使用PermissionService
管理PermissionService
。 请参阅此链接: 管理权限 。
import { PermissionService } from 'angular2-permission';
//.
//.
//.
constructor(private _permissionService: PermissionService) {
this._permissionService.define(['CREATE_DISBMT_WORKFLOW',
'EDIT_DISBMT_WORKFLOW', 'EDIT_UPLOAD_PHOTO_DISBMT_WORKFLOW',
'EDIT_UPLOAD_CONFIRMED_DISBMT_WORKFLOW', 'EDIT_VERIFIED_DISBMT_WORKFLOW',
'VIEW_DISBMT_WORKFLOW', 'DELETE_DISBMT_WORKFLOW']);
}
该模块还包含两个指令,用于控制视图中的访问。 例如,如果已经定义DELETE_DISBMT_WORKFLOW
或在权限存储中添加,将显示删除按钮。
<button type="button" class="btn btn-danger btn-xs" [hasPermission]="['DELETE_DISBMT_WORKFLOW']">
<span class="glyphicon glyphicon-trash" aria-hidden="true"></span>
Delete
</button>
您可以从Ng2Permission
模块使用PermissionGuard,以保护路由。
import { PermissionGuard, IPermissionGuardModel } from 'angular2-permission';
const routes: Routes = [
{
path: 'users',
component: UserListComponent,
canActivate: [PermissionGuard],
data: {
Permission: {
Only: ['GuestUser'],
RedirectTo: '403'
} as IPermissionGuardModel
},
children: []
},
//.
//.
//.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.