-
Notifications
You must be signed in to change notification settings - Fork 32
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added the reader and admin guards [#547]
- Loading branch information
Showing
11 changed files
with
503 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,147 @@ | ||
/* | ||
* ComiXed - A digital comic book library management application. | ||
* Copyright (C) 2020, The ComiXed Project | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License as published by | ||
* the Free Software Foundation, either version 3 of the License, or | ||
* (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses> | ||
*/ | ||
|
||
import { TestBed } from '@angular/core/testing'; | ||
import { AdminGuard } from './admin.guard'; | ||
import { | ||
initialState as initialUserState, | ||
USER_FEATURE_KEY | ||
} from '@app/user/reducers/user.reducer'; | ||
import { MockStore, provideMockStore } from '@ngrx/store/testing'; | ||
import { Router } from '@angular/router'; | ||
import { RouterTestingModule } from '@angular/router/testing'; | ||
import { LoggerModule } from '@angular-ru/logger'; | ||
import { USER_ADMIN, USER_READER } from '@app/user/user.fixtures'; | ||
import { Observable } from 'rxjs'; | ||
|
||
describe('AdminGuard', () => { | ||
const initialState = { | ||
[USER_FEATURE_KEY]: initialUserState | ||
}; | ||
|
||
let guard: AdminGuard; | ||
let store: MockStore<any>; | ||
let router: Router; | ||
|
||
beforeEach(() => { | ||
TestBed.configureTestingModule({ | ||
imports: [ | ||
RouterTestingModule.withRoutes([{ path: '*', redirectTo: '' }]), | ||
LoggerModule.forRoot() | ||
], | ||
providers: [provideMockStore({ initialState })] | ||
}); | ||
guard = TestBed.inject(AdminGuard); | ||
store = TestBed.inject(MockStore); | ||
router = TestBed.inject(Router); | ||
spyOn(router, 'navigateByUrl'); | ||
}); | ||
|
||
it('should be created', () => { | ||
expect(guard).toBeTruthy(); | ||
}); | ||
|
||
describe('when the authentication system is not initialized', () => { | ||
beforeEach(() => { | ||
store.setState({ | ||
...initialState, | ||
[USER_FEATURE_KEY]: { | ||
...initialUserState, | ||
authenticated: false, | ||
user: null | ||
} | ||
}); | ||
}); | ||
|
||
it('defers access', () => { | ||
(guard.canActivate(null, null) as Observable< | ||
boolean | ||
>).subscribe(response => expect(response).toBeTruthy()); | ||
}); | ||
|
||
afterEach(() => { | ||
store.setState({ | ||
...initialState, | ||
[USER_FEATURE_KEY]: { | ||
...initialUserState, | ||
authenticated: true, | ||
user: USER_ADMIN | ||
} | ||
}); | ||
}); | ||
}); | ||
|
||
describe('when the user is not authenticated', () => { | ||
beforeEach(() => { | ||
store.setState({ | ||
...initialState, | ||
[USER_FEATURE_KEY]: { | ||
...initialUserState, | ||
authenticated: true, | ||
user: null | ||
} | ||
}); | ||
}); | ||
|
||
it('redirects the browser to the login form', () => { | ||
expect(router.navigateByUrl).toHaveBeenCalledWith('/login'); | ||
}); | ||
|
||
it('denies access', () => { | ||
expect(guard.canActivate(null, null)).toBeFalsy(); | ||
}); | ||
}); | ||
|
||
describe('when the user is not an admin', () => { | ||
beforeEach(() => { | ||
store.setState({ | ||
...initialState, | ||
[USER_FEATURE_KEY]: { | ||
...initialUserState, | ||
authenticated: true, | ||
user: USER_READER | ||
} | ||
}); | ||
}); | ||
|
||
it('redirects the browser to the root page', () => { | ||
expect(router.navigateByUrl).toHaveBeenCalledWith('/'); | ||
}); | ||
|
||
it('denies access', () => { | ||
expect(guard.canActivate(null, null)).toBeFalsy(); | ||
}); | ||
}); | ||
|
||
describe('when the user is an admin', () => { | ||
beforeEach(() => { | ||
store.setState({ | ||
...initialState, | ||
[USER_FEATURE_KEY]: { | ||
...initialUserState, | ||
authenticated: true, | ||
user: USER_ADMIN | ||
} | ||
}); | ||
}); | ||
|
||
it('allows access', () => { | ||
expect(guard.canActivate(null, null)).toBeTruthy(); | ||
}); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
/* | ||
* ComiXed - A digital comic book library management application. | ||
* Copyright (C) 2020, The ComiXed Project | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License as published by | ||
* the Free Software Foundation, either version 3 of the License, or | ||
* (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses> | ||
*/ | ||
|
||
import { Injectable } from '@angular/core'; | ||
import { | ||
ActivatedRouteSnapshot, | ||
CanActivate, | ||
Router, | ||
RouterStateSnapshot | ||
} from '@angular/router'; | ||
import { Observable, Subject } from 'rxjs'; | ||
import { LoggerService } from '@angular-ru/logger'; | ||
import { Store } from '@ngrx/store'; | ||
import { selectUserState } from '@app/user/selectors/user.selectors'; | ||
import { filter } from 'rxjs/operators'; | ||
import { isAdmin } from '@app/user/user.functions'; | ||
|
||
@Injectable({ | ||
providedIn: 'root' | ||
}) | ||
export class AdminGuard implements CanActivate { | ||
authenticated = false; | ||
isAdmin = false; | ||
delayed$ = new Subject<boolean>(); | ||
|
||
constructor( | ||
private logger: LoggerService, | ||
private store: Store<any>, | ||
private router: Router | ||
) { | ||
this.store | ||
.select(selectUserState) | ||
.pipe(filter(state => !!state)) | ||
.subscribe(state => { | ||
this.logger.debug('Guard: user state updated:', state); | ||
this.authenticated = state.authenticated; | ||
const user = state.user; | ||
if (this.authenticated) { | ||
this.isAdmin = false; | ||
if (!user) { | ||
this.router.navigateByUrl('/login'); | ||
} else { | ||
this.isAdmin = isAdmin(user); | ||
this.delayed$.next(this.isAdmin); | ||
if (!this.isAdmin) { | ||
this.router.navigateByUrl('/'); | ||
} | ||
} | ||
} | ||
}); | ||
} | ||
|
||
canActivate( | ||
next: ActivatedRouteSnapshot, | ||
state: RouterStateSnapshot | ||
): Observable<boolean> | boolean { | ||
if (this.authenticated) { | ||
return this.isAdmin; | ||
} else { | ||
return this.delayed$.asObservable(); | ||
} | ||
} | ||
} |
Oops, something went wrong.