Merge pull request #160 from AppliedIS/fix-routing

Fixed routing permissions issue.
ais-open · Nov 18, 2016 · 707ced6 · 707ced6
2 parents d71f724 + f5b9036
commit 707ced6
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 31 deletions.
diff --git a/DOL.WHD.Section14c.Web/src/modules/app.js b/DOL.WHD.Section14c.Web/src/modules/app.js
@@ -50,61 +50,77 @@ require('./filters')(app);
 require('./pages')(app);
 require('./services')(app);
 
+// route access states
+const ROUTE_PUBLIC = 1;
+const ROUTE_LOGGEDIN = 3;
+const ROUTE_USER = 7;
+const ROUTE_ADMIN = 11;
+
+let checkRouteAccess = function(route, userAccess) {
+    if (!route.access) {
+        return false;
+    }
+
+    return (route.access & userAccess) === route.access;
+}
+
 app.config(function($routeProvider, $compileProvider) {
     $routeProvider
     .when('/', {
         controller: 'landingPageController',
         reloadOnSearch: false,
         template: require('./pages/landingPageTemplate.html'),
-        public: true
+        access: ROUTE_PUBLIC,
+        isLanding: true
     })
     .when('/changePassword', {
         controller: 'changePasswordPageController',
         template: require('./pages/changePasswordPageTemplate.html'),
-        public: true,
-        admin: true
+        access: ROUTE_PUBLIC
     })
     .when('/forgotPassword', {
         controller: 'forgotPasswordPageController',
         template: require('./pages/forgotPasswordPageTemplate.html'),
-        public: true,
-        admin: true
+        access: ROUTE_PUBLIC
     })
     .when('/login', {
         controller: 'userLoginPageController',
         template: require('./pages/userLoginPageTemplate.html'),
-        public: true
+        access: ROUTE_PUBLIC
     })
     .when('/register', {
         controller: 'userRegistrationPageController',
         template: require('./pages/userRegistrationPageTemplate.html'),
-        public: true
+        access: ROUTE_PUBLIC
     })
     .when('/account/:userId', {
         controller: 'accountPageController',
-        template: require('./pages/accountPageTemplate.html')
+        template: require('./pages/accountPageTemplate.html'),
+        access: ROUTE_LOGGEDIN
     })
     .when('/section/:section_id', {
         template: function(params){ return '<form-section><section-' + params.section_id + '></section-' + params.section_id + '></form-section>'; },
-        reloadOnSearch: false
+        reloadOnSearch: false,
+        access: ROUTE_USER
     })
     .when('/admin', {
         controller: 'adminDashboardController',
         template: require('./pages/adminDashboardTemplate.html'),
-        admin: true
+        access: ROUTE_ADMIN
     })
     .when('/admin/users', {
         controller: 'userManagementPageController',
         template: require('./pages/userManagementPageTemplate.html'),
-        admin: true
+        access: ROUTE_ADMIN
     })
     .when('/admin/:app_id', {
-        redirectTo: function(params){ return '/admin/' + params.app_id + '/section/summary'; }
+        redirectTo: function(params){ return '/admin/' + params.app_id + '/section/summary'; },
+        access: ROUTE_ADMIN
     })
     .when('/admin/:app_id/section/:section_id', {
         template: function(params){ return '<admin-review appid=' + params.app_id + '><section-admin-' + params.section_id + '></section-admin-' + params.section_id + '></admin-review>'; },
         reloadOnSearch: false,
-        admin: true
+        access: ROUTE_ADMIN
     })
     .otherwise({
         redirectTo: '/'
@@ -125,17 +141,14 @@ app.run(function($rootScope, $location, stateService, autoSaveService, authServi
     if (!env.dev_flag === true) {
         // watch for route changes and redirect non-public routes if not logged in
         $rootScope.$on( "$routeChangeStart", function(event, next, current) {
-            if (!stateService.loggedIn && next.$$route.public !== true ) {
-                // not logged in
-                $location.path( "/" );
-            }
-            else if (next.$$route.admin === true && !stateService.isAdmin) {
-                // non-admin trying to access admin page
-                $location.path( "/" );
+            let userAccess = stateService.isAdmin ? ROUTE_ADMIN : stateService.loggedIn ? ROUTE_USER : ROUTE_PUBLIC;
+            if (!checkRouteAccess(next.$$route, userAccess)) {
+                // user does not have adequate permissions to access the route so redirect
+                $location.path("/" + (userAccess === ROUTE_ADMIN ? "admin" : ""));
             }
-            else if (stateService.isAdmin && next.$$route.admin !== true) {
-                // admin trying to access application form pages
-                $location.path( "/admin" );
+            else if (next.$$route.isLanding && userAccess === ROUTE_ADMIN) {
+                // redirect admin users to the admin dashboard
+                $location.path("/admin");
             }
         });
     }

diff --git a/DOL.WHD.Section14c.Web/src/modules/pages/landingPageTemplate.html b/DOL.WHD.Section14c.Web/src/modules/pages/landingPageTemplate.html
@@ -32,12 +32,4 @@ <h1>Section 14(c) Certificate Application</h1>
   <div ng-if="stateService.user.email">
     <a href ng-click="changePassword()" name="Change Password">Change Password</a>
   </div>
-  <h2 ng-if="stateService.hasClaim('UserManagement.CreateAccount') || stateService.hasClaim('UserManagement.GetAccounts')">User Management</h2>
-  <div ng-if="stateService.hasClaim('UserManagement.CreateAccount')">
-    <account-create-button></account-create-button>
-  </div>
-  <div ng-if="stateService.hasClaim('UserManagement.GetAccounts')">
-    <account-grid></account-grid>
-  </div>
 </div>
-