[progress Communities] [progress Openedge Abl] Forum Post: Re: Removing Views (navigation...

[Shelley Chase]

The following approach handles only hiding ui links to certain views and protect them from direct loading (based on users roles): All custom code for the role based support needs to be put in a custom extension module – we have such place in our app – scripts/extensions/index.js For example: // Import your custom modules here: import customModule from './customModule'; export default angular.module('app.extensions.module', [ customModule ]).name; In our customModule in order to protect the view we need to handle the angular $stateChangeStart and to prevent (or navigate) if the user do not have permissions to see this view: export default angular.module('app.customModule', [ ]) .run(['$rootScope', '$state', ($rootScope, $state) => { $rootScope.$on('$stateChangeStart', function(event, toState) { // Here based on the info from the state we can prohibit loading some of the view. For example: if (toState.name === 'module.default.moduleTwo.grid') { event.preventDefault(); $state.go('unauthorized'); } }); In order to create this unauthorized state we need to use this code: export default angular.module('app.customModule', [ ]) … .config(['$stateProvider', ($stateProvider) => { $stateProvider .state('unauthorized', { url: '/unauthorized', template: ' Not Authorized ' }); Then to not load any ui elements wich points to this view when users with no permission is logger we need to use following code: export default angular.module('app.customModule', [ ]) … .config(['$provide', function($provide) { $provide.decorator('uiSrefDirective', ['$delegate', function ($delegate) { var directive = $delegate[0]; directive.compile = function() { return function(scope, element, attrs) { var stateName = attrs.uiSref.replace(/\(.+\)$/g, ''); // strip out the state params var injector = element.injector(); var state = injector && injector.get('$state').get(stateName); // Watch for null (abstract) states and warn about them rather than erroring. if (!state) { alert('Could not find state:', attrs.uiSref); } else { var Session = injector.get('Session'); // The Session is a service which checks for user permission for a view // If the user lacks sufficient permissions, hide this state from them. if (!Session.userHasPermission(state)) { element.remove(); } } // Otherwise pass through and let uiSref handle the rest directive.link.apply(this, arguments); }; }; return $delegate; }]);

Continue reading...