Role based authorisation in Angular Js

Question

I am working on a project that requires multiple roles for which I'm using https://github.com/Narzerus/angular-permission. I need to work with different set of permissions on each of these roles. For example, role admin can have permissions ->PageView, PageEdit, PageCreate, while the role viewer has permissions->PageView only.

The roles associated with each user are stored in the database, I am planning to use the transition objects function to ensure what role is associated with what user.

I am new to angular and can't figure out a way to define a role such that I can, 1. Link multiple permissions with it, 2. Associate it with transition properties (dynamic function).

Answer 1

For Role based authorization, you have to manage your app.config and app.run files. Simply apply the following settings :

In app.config file:

   $routeProvider.when( '/', {
        templateUrl: 'views/dashboard.html',
        resolve: {
            "currentAuth": [ "authService", function( authService ) {
                var auth = authService.auth();
                return auth;
            }]
        }
    });


 app.run( [ authService, function(authService) {

        if (role === "admin") {
           // Use changeSuccess method on route to redirect.
        }

} ] );

And In authService fetch the roles from database. In authservice add method:

function functionName(user){
if (user) {
    if (!!~this.roles.indexOf('*')) {
        return true;
    } else {
        for (var userRoleIndex in user.roles) {
            for (var roleIndex in this.roles) {
                if (this.roles[roleIndex] === user.roles[userRoleIndex]) {
                    return true;
                }
            }
        }
    }
} else {
    return this;
}
return false;

}