Confidential Docs
Authentication
Confidential Docs
Authentication
Search icon (depiction of a magnifying glass)
View GitHub RSS Feed
Set theme to dark (⇧+D)
  1. Products
  2. Authentication
  3. Authorization service

Authorization service

A very basic authorization service only needs a view action.
An example of a very basic service:

import { Injectable } from '@angular/core';
import { BaseAuthorizationService } from './base-authorization.service';
import { ApiAction } from '@datamodels/enums/generated/api-action.enum';

@Injectable({providedIn:'root'})
export class MainAuthorizationService extends BaseAuthorizationService {
    protected viewAction = ApiAction.ViewMainDashboard;

constructor(actionService: ActionService,
    scopeProviderService: ScopeProviderService,
    scopeService: ScopeService,
    injector: Injector) {
    super(actionService, scopeProviderService, scopeService, injector);
    }
}

But sometimes your service needs to do more. Like creating/editing, removing or assessing. Or perhaps you need the recyclebin. It is even possible that an id is needed for your action. In that case you can implement the pre-defined interfaces. An example of an extended service:

import { Injectable } from '@angular/core';
import { BaseAuthorizationService } from './base-authorization.service';
import { ApiAction } from '@datamodels/enums/generated/api-action.enum';
import { EditActionInterface } from './interfaces/edit-action.interface';
import { DeleteActionInterface } from './interfaces/delete-action.interface';
import { RecyclebinActionInterface } from './interfaces/recyclebin-action.interface';
import { AssessActionInterface } from './interfaces/assess-action.interface';
import { IdBasedAuthorizationInterface } from './interfaces/id-based-authorization.interface';
import { ActivatedRouteSnapshot } from '@angular/router';
import { ProductDetailRouting } from '@datamodels/routing/product-detail-routing';

@Injectable({ providedIn: 'root' })
export class ProductAuthorizationService extends BaseAuthorizationService implements EditActionInterface, DeleteActionInterface, RecyclebinActionInterface, AssessActionInterface, IdBasedAuthorizationInterface {
    public assessAction = ApiAction.AssessProduct;
    public deleteAction = ApiAction.DeleteProduct;
    public editAction = ApiAction.EditProduct;
    public purgeAction = ApiAction.PurgeProduct;
    public restoreRecyclebinAction = ApiAction.RestoreRecyclebinProduct;
    public viewRecyclebinAction = ApiAction.ViewRecyclebinProduct;
    protected viewAction = ApiAction.ViewProduct;

constructor(actionService: ActionService,
    scopeProviderService: ScopeProviderService,
    scopeService: ScopeService,
    injector: Injector) {
    super(actionService, scopeProviderService, scopeService, injector);
    }

    public allowAssess(): boolean {
        return this.actionService.allowAction(this.assessAction);
    }
    
    public allowDelete(): boolean {
        return this.actionService.allowAction(this.deleteAction);
    }
    
    public allowEdit(): boolean {
        return this.actionService.allowAction(this.editAction);
    }

    public allowPurge(): boolean {
        return this.actionService.allowAction(this.purgeAction);
    }

    public allowRestoreRecylebin(): boolean {
        return this.actionService.allowAction(this.restoreRecyclebinAction);
    }
    
    public allowViewRecyclebin(): boolean {
        return this.actionService.allowAction(this.viewRecyclebinAction);
    }

    public getIdFromActivatedRouteSnapshot(route: ActivatedRouteSnapshot): number {
        return +route.paramMap.get(ProductDetailRouting.idParam);
    }
}

N.B: If the pre-defined interfaces aren’t enough, you can add your custom logic without an interface.