fnakstad / angular-client-side-auth

One way to implement authentication/authorization in Angular applications
http://angular-client-side-auth.herokuapp.com/
MIT License
1.63k stars 346 forks

User Role and Access Level Configs #17

Closed derekbarnhart closed 11 years ago

derekbarnhart commented 11 years ago

This allows a user to define an array of roles as string names and then build access levels using those names. It makes it a little easier to modify the roles.

fnakstad commented 11 years ago

Awesome! Thank you for this, Derek.

Definitely makes everything a lot easier for people to work with when they don't have to worry about creating the bit masks themselves. I also noted that you wrote in a comment that the order of the specified user roles mattered, but as far as I can see (and from a little light testing) it doesn't. Whether a role is indicated by a more or less significant bit than another in the bitmask doesn't really affect anything since the significance/position of the bit is used only to identify a user role and nothing more. Do correct me here if I've missed some crucial point :)

I also did some light refactoring to isolate the buildRoles() and buildAccessLevels() from surrounding state, and made it more clear what we're actually exporting from the module. Anyway, thanks a lot for the contribution!

derekbarnhart commented 11 years ago

I am glad you found it useful. I learned so much from this repo I wanted to contribute a little back.

You are correct, within the context of this example the order does not matter. I wrote that comment thinking about user roles that would be associated with users in a database. Should a user be persisted with the "user" role and then another role is placed ahead of the "user" role in the array, it would cause the persisted user to now have the access rights of that newly created role, not the original "user" role. Now that I think about it, this issue could probably be circumvented by persisting the string reference to the user role and not the integer representation.

Anyway, I liked your refactoring and replicated those changes in a project I am working on (that I have modeled after your overall approach). Happy to help and I am willing to pitch in with any future enhancements you may have planned.

fnakstad commented 11 years ago

Ah, I see! That's a good point, and something I should fix in the app as I'm currently storing the Number of the role, and not the string. I'm not using a database in the example, but it could be a potential pitfall for anyone adapting the example for use with a database.

Anyway, if you come across anything else that can be improved definitely send me a pull request or post an issue :)
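The pitfall discussed in this thread, as an added example that is not part of the thread or the repository's code: a role persisted as its bitmask number changes meaning when a role is inserted ahead of it, while a role persisted by name does not. The `buildRoles()` and `buildAccessLevels()` bodies here are simplified stand-ins, and `resolveRole()`, `roleTitle()`, `isAuthorized()` and all sample data are hypothetical.

```javascript
// Simplified stand-ins for the helpers named in the thread (assumed, not the repo's code).
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Give each role name one bit, chosen by its position in the array.
function buildRoles(roleNames) {
  if (roleNames.length > 31) throw new Error('too many roles for a 32-bit mask');
  const roles = {};
  roleNames.forEach((name, i) => { roles[name] = 1 << i; });
  return roles;
}

// OR together the bits of every role allowed at each access level.
function buildAccessLevels(levelDefs, roles) {
  const levels = {};
  for (const [level, names] of Object.entries(levelDefs)) {
    levels[level] = names.reduce((mask, name) => {
      if (!has(roles, name)) throw new Error(`unknown role: ${name}`);
      return mask | roles[name];
    }, 0);
  }
  return levels;
}

const isAuthorized = (levelMask, roleMask) => (levelMask & roleMask) !== 0;

// Map a bitmask back to the role name it identifies under a given config.
const roleTitle = (mask, roles) => Object.keys(roles).find((n) => roles[n] === mask);

// Resolve a persisted role value under the *current* config.
function resolveRole(stored, roles) {
  if (typeof stored === 'number') return stored; // trusts the old bit position
  return has(roles, stored) ? roles[stored] : 0; // unknown name: no access
}

// Constructed configs: v2 inserts "moderator" ahead of "user".
const levelDefs = { user: ['user', 'admin'], admin: ['admin'] };
const rolesV1 = buildRoles(['public', 'user', 'admin']);
const rolesV2 = buildRoles(['public', 'moderator', 'user', 'admin']);
const levelsV2 = buildAccessLevels(levelDefs, rolesV2);

// Constructed user records, both saved while the v1 config was live.
const storedAsNumber = { name: 'alice', role: rolesV1.user };
const storedAsString = { name: 'alice', role: 'user' };

// After the config change, the numeric record now identifies "moderator".
console.log(roleTitle(resolveRole(storedAsNumber.role, rolesV2), rolesV2));
console.log(roleTitle(resolveRole(storedAsString.role, rolesV2), rolesV2));
```

If stored numbers cannot be avoided, new roles have to be appended to the end of the array so existing bit positions never move.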