inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-07-24 17:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
54c1dbeca5c14d06fd6426bed0ecdaa47f7465f6
alfresco-ng2-components/docs/core/services/auth-guard-sso-role.service.md
Maurizio Vitale 1fa81962a0 👽 Angular 14 rebase 👽 (#7769) 
* fix after rebase

* new release strategy for ng next

Signed-off-by: eromano <eugenioromano16@gmail.com>

* peer dep

Signed-off-by: eromano <eugenioromano16@gmail.com>

* Angular 14

fix unit test and storybook

Signed-off-by: eromano <eugenioromano16@gmail.com>

fix after rebase

Signed-off-by: eromano <eugenioromano16@gmail.com>

update pkg.json

Signed-off-by: eromano <eugenioromano16@gmail.com>

missing dep

Signed-off-by: eromano <eugenioromano16@gmail.com>

Fix mistake and missing code

Dream....build only affected libs

Add utility run commands

* Use nx command to run affected tests

* Fix nx test core

fix content tests

Run unit with watch false

core test fixes

reduce test warnings

Fix process cloud unit

Fix adf unit test

Fix lint process cloud

Disable lint next line

Use right core path

Fix insights unit

fix linting insights

Fix process-services unit

fix the extensions test report

fix test warnings

Fix content unit

Fix bunch of content unit

* Produce an adf alpha of 14

* hopefully fixing the content

* Push back the npm publish

* Remove flaky unit

* Fix linting

* Make the branch as root

* Get rid of angualar13

* Remove the travis depth

* Fixing version for npm

* Enabling cache for unit and build

* Fix scss for core and paths

Copy i18 and asset by using ng-packager

Export the theming alias and fix path

Use ng-package to copy assets process-services-cloud

Use ng-package to copy assets process-services

Use ng-package to copy assets content-services

Use ng-package to copy assets insights

* feat: fix api secondary entry point

* fix storybook rebase

* Move dist under dist/libs from lib/dist

* Fix the webstyle

* Use only necessary nrwl deps and improve lint

* Fix unit for libs

* Convert lint.sh to targets - improve performance

* Use latest of angular

* Align alfresco-js-api

Signed-off-by: eromano <eugenioromano16@gmail.com>
Co-authored-by: eromano <eugenioromano16@gmail.com>
Co-authored-by: Mikolaj Serwicki <mikolaj.serwicki@hyland.com>
Co-authored-by: Tomasz <tomasz.gnyp@hyland.com>
2022-08-25 10:50:30 +01:00

77 lines
2.6 KiB
Markdown
Raw Blame History

---
Title: Auth Guard SSO Role service
Added: v3.1.0
Status: Active
Last reviewed: 2019-03-19
---
# [Auth Guard SSO role service](lib/core/src/lib/services/auth-guard-sso-role.service.ts "Defined in auth-guard-sso-role.service.ts")
Checks the user roles of a user.
## Details
The [Auth Guard SSO role service](../../core/services/auth-guard-sso-role.service.md) implements an Angular
[route guard](https://angular.io/guide/router#milestone-5-route-guards)
to check the user has the right realms/client roles permission. This is typically used with the
`canActivate` guard check in the route definition. The Auth Guard SSO is resposible to check if the JWT contains Realm roles (realm_access) or Client roles (resource_access) based on the route configuration.
*Realms role Example*
```ts
const appRoutes: Routes = [
...
{
path: 'examplepath',
component: ExampleComponent,
canActivate: [ AuthGuardSsoRoleService ],
data: { roles: ['USER_ROLE1', 'USER_ROLE2'], excludedRoles: ['USER_ROLE3']}
},
...
]
```
If the user now clicks on a link or button that follows this route, they will be not able to access this content if they do not have the Realms roles. Additionally, the user will not be able to access the resource when they have a role that is part of the excludedRoles array.
<br />**Notes**: An additional role ALFRESCO_ADMINISTRATORS can be used in the roles array, which will result in checking whether the logged in user has Content Admin capabilities or not, as this role is not part of the JWT token it will call a Content API to determine it.
Client role Example
```ts
const appRoutes: Routes = [
...
{
path: ':examplepath',
component: ExampleComponent,
canActivate: [ AuthGuardSsoRoleService ],
data: { clientRoles: ['examplepath'], roles: ['ACTIVITI_USER']},
},
...
]
```
If the user now clicks on a link or button that follows this route, they will be not able to access this content if they do not have the Client roles.
## Redirect over forbidden
If the you want to redirect the user to a page after a forbidden access, you can use the **redirectUrl** as in the example below:
```ts
const appRoutes: Routes = [
...
{
path: 'examplepath',
component: ExampleComponent,
canActivate: [ AuthGuardSsoRoleService ],
data: { roles: ['ACTIVITI_USER'], redirectUrl: '/error/403'}
},
...
]
```
**Note**: you can use this Guard in and with the other ADF auth guards.
## See also
- [Auth guard ecm service](auth-guard-ecm.service.md)
- [Auth guard bpm service](auth-guard-bpm.service.md)
- [Auth guard service](auth-guard.service.md)
Reference in New Issue View Git Blame Copy Permalink