Skip to content

Commit

Permalink
Merge pull request DSpace#2632 from vNovski/DURACOM-202-some-item-edi…
Browse files Browse the repository at this point in the history
…t-pages-are-accessible-by-anonymous-users

Fixes "some item edit pages are accessible by anonymous users"
  • Loading branch information
tdonohue authored Nov 13, 2023
2 parents c515cb2 + 6f64db1 commit e99fff8
Show file tree
Hide file tree
Showing 3 changed files with 70 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ import { ItemPageBitstreamsGuard } from './item-page-bitstreams.guard';
import { ItemPageRelationshipsGuard } from './item-page-relationships.guard';
import { ItemPageVersionHistoryGuard } from './item-page-version-history.guard';
import { ItemPageCollectionMapperGuard } from './item-page-collection-mapper.guard';
import { ItemPageCurateGuard } from './item-page-curate.guard';
import { ItemPageAccessControlGuard } from './item-page-access-control.guard';
import { ThemedDsoEditMetadataComponent } from '../../dso-shared/dso-edit-metadata/themed-dso-edit-metadata.component';
import { ItemPageRegisterDoiGuard } from './item-page-register-doi.guard';
import { ItemCurateComponent } from './item-curate/item-curate.component';
Expand Down Expand Up @@ -87,7 +89,8 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
{
path: 'curate',
component: ItemCurateComponent,
data: { title: 'item.edit.tabs.curate.title', showBreadcrumbs: true }
data: { title: 'item.edit.tabs.curate.title', showBreadcrumbs: true },
canActivate: [ItemPageCurateGuard]
},
{
path: 'relationships',
Expand Down Expand Up @@ -116,7 +119,8 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
{
path: 'access-control',
component: ItemAccessControlComponent,
data: { title: 'item.edit.tabs.access-control.title', showBreadcrumbs: true }
data: { title: 'item.edit.tabs.access-control.title', showBreadcrumbs: true },
canActivate: [ItemPageAccessControlGuard]
},
{
path: 'mapper',
Expand Down Expand Up @@ -202,11 +206,13 @@ import { ItemAccessControlComponent } from './item-access-control/item-access-co
ItemPageWithdrawGuard,
ItemPageAdministratorGuard,
ItemPageMetadataGuard,
ItemPageCurateGuard,
ItemPageStatusGuard,
ItemPageBitstreamsGuard,
ItemPageRelationshipsGuard,
ItemPageVersionHistoryGuard,
ItemPageCollectionMapperGuard,
ItemPageAccessControlGuard,
ItemPageRegisterDoiGuard,
]
})
Expand Down
31 changes: 31 additions & 0 deletions src/app/item-page/edit-item-page/item-page-access-control.guard.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router';
import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service';
import { ItemPageResolver } from '../item-page.resolver';
import { Item } from '../../core/shared/item.model';
import { DsoPageSingleFeatureGuard } from '../../core/data/feature-authorization/feature-authorization-guard/dso-page-single-feature.guard';
import { Observable, of as observableOf } from 'rxjs';
import { FeatureID } from '../../core/data/feature-authorization/feature-id';
import { AuthService } from '../../core/auth/auth.service';

@Injectable({
providedIn: 'root'
})
/**
* Guard for preventing unauthorized access to certain {@link Item} pages requiring administrator rights
*/
export class ItemPageAccessControlGuard extends DsoPageSingleFeatureGuard<Item> {
constructor(protected resolver: ItemPageResolver,
protected authorizationService: AuthorizationDataService,
protected router: Router,
protected authService: AuthService) {
super(resolver, authorizationService, router, authService);
}

/**
* Check administrator authorization rights
*/
getFeatureID(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<FeatureID> {
return observableOf(FeatureID.AdministratorOf);
}
}
31 changes: 31 additions & 0 deletions src/app/item-page/edit-item-page/item-page-curate.guard.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router';
import { AuthorizationDataService } from '../../core/data/feature-authorization/authorization-data.service';
import { ItemPageResolver } from '../item-page.resolver';
import { Item } from '../../core/shared/item.model';
import { DsoPageSingleFeatureGuard } from '../../core/data/feature-authorization/feature-authorization-guard/dso-page-single-feature.guard';
import { Observable, of as observableOf } from 'rxjs';
import { FeatureID } from '../../core/data/feature-authorization/feature-id';
import { AuthService } from '../../core/auth/auth.service';

@Injectable({
providedIn: 'root'
})
/**
* Guard for preventing unauthorized access to certain {@link Item} pages requiring administrator rights
*/
export class ItemPageCurateGuard extends DsoPageSingleFeatureGuard<Item> {
constructor(protected resolver: ItemPageResolver,
protected authorizationService: AuthorizationDataService,
protected router: Router,
protected authService: AuthService) {
super(resolver, authorizationService, router, authService);
}

/**
* Check administrator authorization rights
*/
getFeatureID(next: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<FeatureID> {
return observableOf(FeatureID.AdministratorOf);
}
}

0 comments on commit e99fff8

Please sign in to comment.