diff --git a/ui/src/app/app.component.spec.ts b/ui/src/app/app.component.spec.ts index b76cbccde..754afd64f 100644 --- a/ui/src/app/app.component.spec.ts +++ b/ui/src/app/app.component.spec.ts @@ -58,7 +58,7 @@ describe('AppComponent', () => { it('should create the app', async(() => { expect(app).toBeTruthy(); - expect(store.dispatch).toHaveBeenCalledTimes(2); + expect(store.dispatch).toHaveBeenCalledTimes(3); })); it(`should have as title 'Shib-UI'`, async(() => { diff --git a/ui/src/app/core/reducer/index.ts b/ui/src/app/core/reducer/index.ts index edf4c41b7..7d420742b 100644 --- a/ui/src/app/core/reducer/index.ts +++ b/ui/src/app/core/reducer/index.ts @@ -42,4 +42,4 @@ export const getVersionError = createSelector(getVersionState, fromVersion.getVe export const getConfigState = createSelector(getCoreFeature, getConfigStateFn); export const getRoles = createSelector(getConfigState, fromConfig.getRoles); -export const isCurrentUserAdmin = createSelector(getUser, user => user.role === 'ROLE_ADMIN'); +export const isCurrentUserAdmin = createSelector(getUser, user => user ? user.role === 'ROLE_ADMIN' : null); diff --git a/ui/src/app/core/reducer/user.reducer.spec.ts b/ui/src/app/core/reducer/user.reducer.spec.ts index 6dc2bed01..d7cbaacdf 100644 --- a/ui/src/app/core/reducer/user.reducer.spec.ts +++ b/ui/src/app/core/reducer/user.reducer.spec.ts @@ -11,12 +11,11 @@ describe('User Reducer', () => { }; const user: User = { - id: '1', + username: 'foo', role: 'admin', - name: { - first: 'foo', - last: 'bar' - } + firstName: 'somebody', + lastName: 'nobody', + emailAddress: 'email@edu.edu' }; describe('undefined action', () => { @@ -59,14 +58,7 @@ describe('User Reducer', () => { describe('User Selectors', () => { const state = { - user: { - id: '1', - role: 'admin', - name: { - first: 'foo', - last: 'bar' - } - }, + user: { ...user }, fetching: true, error: { message: 'foo', type: 'bar' } } as fromUser.UserState; diff --git a/ui/src/app/core/service/admin.guard.ts b/ui/src/app/core/service/admin.guard.ts new file mode 100644 index 000000000..c602082c8 --- /dev/null +++ b/ui/src/app/core/service/admin.guard.ts @@ -0,0 +1,37 @@ +import { Injectable } from '@angular/core'; +import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, Router } from '@angular/router'; +import { Store } from '@ngrx/store'; + +import * as fromCore from '../reducer'; +import { Observable } from 'rxjs'; +import { filter, catchError, take } from 'rxjs/operators'; + + +@Injectable({ + providedIn: 'root', +}) +export class AdminGuard implements CanActivate { + + constructor( + private store: Store, + private router: Router + ) {} + + canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable { + const isAdminObs = this.checkIsAdmin().pipe(take(1)); + isAdminObs.subscribe(authed => { + if (!authed) { + this.router.navigate(['/']); + } + }); + return isAdminObs; + } + + checkIsAdmin(): Observable { + return this.store + .select(fromCore.isCurrentUserAdmin) + .pipe( + filter(isAdmin => isAdmin !== null), + ); + } +} diff --git a/ui/src/app/core/service/user.service.ts b/ui/src/app/core/service/user.service.ts index 3a72d1a4a..a299d8394 100644 --- a/ui/src/app/core/service/user.service.ts +++ b/ui/src/app/core/service/user.service.ts @@ -2,7 +2,7 @@ import { Injectable } from '@angular/core'; import { Observable, of } from 'rxjs'; import { User } from '../model/user'; import { HttpClient } from '@angular/common/http'; -import { catchError } from 'rxjs/operators'; +import { catchError, map } from 'rxjs/operators'; @Injectable() export class UserService { @@ -21,15 +21,8 @@ export class UserService { getCurrentUser(): Observable { return this.http.get( - `${this.base}/user` - ).pipe( - catchError(err => of({ - username: 'abc123', - firstName: 'Foo', - lastName: 'Bar', - role: 'ROLE_USER', - emailAddress: 'foo@unicon.net' - } as User)) + `${this.base}/admin/users/current` ); + // .pipe(map(user => ({ ...user, role: 'ROLE_USER' }))); } } /* istanbul ignore next */ diff --git a/ui/src/app/dashboard/dashboard.routing.ts b/ui/src/app/dashboard/dashboard.routing.ts index 7030aa073..3f86458f4 100644 --- a/ui/src/app/dashboard/dashboard.routing.ts +++ b/ui/src/app/dashboard/dashboard.routing.ts @@ -8,6 +8,7 @@ import { DashboardProvidersListComponent } from '../metadata/manager/container/d import { UserPageComponent } from '../user/user.component'; import { AdminComponent } from '../user/admin/admin.component'; import { AdminManagementPageComponent } from '../user/admin/container/admin-management.component'; +import { AdminGuard } from '../core/service/admin.guard'; const routes: Routes = [ { @@ -26,7 +27,7 @@ const routes: Routes = [ children: [ { path: '', redirectTo: 'resolvers', pathMatch: 'prefix' }, { path: 'resolvers', component: DashboardResolversListComponent }, - { path: 'providers', component: DashboardProvidersListComponent }, + { path: 'providers', component: DashboardProvidersListComponent, canActivate: [AdminGuard] }, ] } ] @@ -34,6 +35,7 @@ const routes: Routes = [ { path: 'users', component: UserPageComponent, + canActivate: [AdminGuard], children: [ { path: '', redirectTo: 'admin', pathMatch: 'prefix' }, { diff --git a/ui/src/app/metadata/provider/provider.routing.ts b/ui/src/app/metadata/provider/provider.routing.ts index 1dcbc4fbb..0e8d69549 100644 --- a/ui/src/app/metadata/provider/provider.routing.ts +++ b/ui/src/app/metadata/provider/provider.routing.ts @@ -12,11 +12,13 @@ import { SelectFilterComponent } from '../filter/container/select-filter.compone import { EditFilterComponent } from '../filter/container/edit-filter.component'; import { CanDeactivateGuard } from '../../core/service/can-deactivate.guard'; import { FilterComponent } from '../filter/container/filter.component'; +import { AdminGuard } from '../../core/service/admin.guard'; export const ProviderRoutes: Routes = [ { path: 'provider', component: ProviderComponent, + canActivate: [AdminGuard], children: [ { path: 'wizard',