RafaelVidaurre / angular-permission

Simple route authorization via roles/permissions
MIT License

Checking for Multiple Permissions #419

Closed parmarsanjay closed 7 years ago

parmarsanjay commented 7 years ago

I am trying to configure angular-permission to check for multiple permissions. I would like to show an element only if the user has all the permissions. In the following configuration, the user sees the element if they have any one of the permissions.

```html
permission-only="['perm1', 'perm2']"
```

Is it possible to configure it in such a way that the user can see the element only if he has all permissions?

oleg-demkovych commented 7 years ago

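You can create a role with validation:

```js
PermRoleStore
  .defineManyRoles({
    // userPerm is assumed to be the array of permission names held by the current user
    'admin': function() {
      return userPerm.indexOf('perm1') !== -1 && userPerm.indexOf('perm2') !== -1;
    }
  });
```
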
parmarsanjay commented 7 years ago

I thought about that, but for my use it will make it very complicated. Is it not possible to have an option like "permission-all" in the directive?

masterspambot commented 7 years ago

As @olegdemkovych mentioned above, you can create a role or permission that will iterate over PermissionStore and RoleStore, evaluating the permission-all directive.

ghost commented 7 years ago

@masterspambot the solution is inadequate for applications with large numbers of permissions in a large number of unique combinations. Why is it not possible to give control of this to the developer using the library so that they can specify AND or OR?

JustinLek commented 7 years ago

I created a workaround for myself; maybe this helps. It checks if all 3 needed permissions are in the userObject.

```js
PermPermissionStore.definePermission('extraPermissionName', () => {
  // permission1..permission3 are the permission names that must all be present
  const neededPermissions = [
    permission1,
    permission2,
    permission3
  ];
  // true only when the user account holds every needed permission
  return neededPermissions.every(permission => userAccount.permissions.includes(permission));
});
```

ghost commented 7 years ago

@JustinLek this is essentially the same as defining a role as described here. It still requires that you identify each combination of 'AND' permissions up front.

I took the following approach, which works but is still not ideal:

```ts
// `_` is lodash; `this.roleStore` is the injected role store.
private requireAllPermissions(input: string | string[]): string {
  if (input) {
    let permissionOnlyValue: string;
    if (_.isArray(input)) {
      let permissionArray: string[] = input;
      if (permissionArray.length > 1) {
        // Define a role named after the joined permissions, once per combination
        let roleName: string = permissionArray.join("_");
        if (!this.roleStore.hasRoleDefinition(roleName)) {
          this.roleStore.defineRole(roleName, permissionArray);
        }
        permissionOnlyValue = roleName;
      } else {
        // A single-element array is passed through as a plain permission
        permissionOnlyValue = permissionArray[0];
      }
    } else {
      permissionOnlyValue = input;
    }
    return permissionOnlyValue;
  }
}
```

requireAllPermissions is exposed on the $rootScope and called with:

```html
permission-only="$root.requireAllPermissions(['PermissionA', 'PermissionB'])"
```
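
A stand-alone model of the wrapper approach from the last comment, added here as an example and not code from the thread or from angular-permission. `RoleRegistry` is a hypothetical in-memory stand-in for the role store, and `compositeRoleName` is an assumed helper that sorts and JSON-encodes the permission list so that, unlike a plain `join("_")`, `['a_b', 'c']` and `['a', 'b_c']` map to different role names.

```javascript
// Hypothetical in-memory stand-in for the role store (not the library's API).
class RoleRegistry {
  constructor() { this.roles = new Map(); }
  has(name) { return this.roles.has(name); }
  define(name, permissions) { this.roles.set(name, permissions.slice()); }
  // AND semantics: granted only if the user holds every listed permission.
  isGranted(name, userPermissions) {
    const needed = this.roles.get(name);
    if (!needed) return false; // unknown role name: deny by default
    const held = new Set(userPermissions);
    return needed.every((p) => held.has(p));
  }
}

// Assumed helper: dedupe and sort so ['A','B'] and ['B','A'] share one role,
// and JSON-encode so names that contain the separator cannot collide.
function compositeRoleName(permissions) {
  return 'all:' + JSON.stringify(Array.from(new Set(permissions)).sort());
}

// Returns the single name to pass to a permission-only style check,
// defining the composite role on first use.
function requireAllPermissions(registry, input) {
  const list = Array.isArray(input) ? input : [input];
  if (list.length === 0 || list.some((p) => typeof p !== 'string' || p === '')) {
    throw new TypeError('expected one or more non-empty permission names');
  }
  const unique = Array.from(new Set(list));
  if (unique.length === 1) return unique[0]; // plain permission, no role needed
  const roleName = compositeRoleName(unique);
  if (!registry.has(roleName)) registry.define(roleName, unique);
  return roleName;
}

// Constructed sample users.
const registry = new RoleRegistry();
const roleAB = requireAllPermissions(registry, ['PermissionA', 'PermissionB']);
const viewerAllowed = registry.isGranted(roleAB, ['PermissionA']);
const editorAllowed = registry.isGranted(roleAB, ['PermissionB', 'PermissionA']);
console.log(roleAB, viewerAllowed, editorAllowed);
```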