Enhancement: Support for roles (closed)

meanjs commented on June 7, 2024
Enhancement: Support for roles

from mean.

Comments (11)

rschwabco commented on June 7, 2024

Thanks @amobrem, that feature is already added on 0.3. Please check it out and tell us what you think - we would love to get your feedback.

amobrem commented on June 7, 2024

Sorry I guess I was thinking more of ACL. I don't see that implemented unless I am missing something...

telemakhos commented on June 7, 2024

@roieki is there any documentation for the new roles feature?

@amobrem, what have you found so far? I'm reading about https://github.com/OptimalBits/node_acl and Sails.JS policies. I agree with you, a roles-acl reusable/pluggable module is much needed and would be an extremely appealing feature for project starters. I was exactly at this point, trying to figure out which acl would fit better in Meanjs.

amobrem commented on June 7, 2024

My guess would be https://github.com/optimalbits/node_acl would be the best option

amoshaviv commented on June 7, 2024

Hi @amobrem @telemakhos what about https://www.npmjs.org/package/connect-roles?

telemakhos commented on June 7, 2024

I already read about connect-roles and it is a great option, but (personally) I like node_acl more, and the fact that it comes with several plug-and-play options for the backend (Mongo, Redis, in-memory, etc.). This increases the number of choices for the user and offers the possibility of quickly offloading reads to better-performing db engines.

Here’s an example of how it could be nicely implemented (you can scroll to the 4th comment)… OptimalBits/node_acl#38

amobrem commented on June 7, 2024

Sorry, I was out of town. I agree with @telemakhos.

amoshaviv commented on June 7, 2024

Hi @amobrem and @telemakhos, take a look at this https://github.com/meanjs/mean/tree/0.3.1 and tell me what you think about the implementation of ACL in the app/policies folder. I find it a bit sketchy, so I would be glad to hear your opinion as well.

telemakhos commented on June 7, 2024

@amoshaviv I think it is pretty neat, a nice starting point. I think it would also be nice to keep the main app roles in a single 'corePolicy.js' or 'mainPolicy.js' file inside the policies/ folder, so we don't have to keep inserting overlapping roles/permissions over and over in newly created modules and just pass a single list.

And then, glob the additional policies specific to vertical modules. I mean, giving both options, first loading the mainPolicy.js and then globbing policies from the vertical modules that extend the main one.

Make sense?

amoshaviv commented on June 7, 2024

Hi Everyone,

In order to help the community better review feature requests, we organized everything in a public Trello board: https://trello.com/b/5FAPcode/mean-js. You can comment and vote on the features you want implemented, so we'll have a clearer understanding of community needs.

Let us know what you think about this solution.

Cheers,
Amos

a-lucas commented on June 7, 2024

With Angular, I usually use a simple AuthenticationService that stores the user ID and the user role on authentication:

```javascript
// `services` and `apiurl` are assumed to be defined elsewhere in the app.
services.AuthenticationService = function($http, SessionService, $rootScope) {

    $rootScope.logged = false;
    var singularUrlBase = apiurl + 'Login';

    return {
        // Clear the cached identity and role.
        logout: function() {
            SessionService.firstName = null;
            SessionService.lastName = null;
            SessionService.userRole = null;
            SessionService.staffID = null;
            SessionService.logged = false;
        },

        // Send the credentials to the login endpoint; returns the $http promise.
        authenticate: function(login, password) {
            return $http.put(singularUrlBase, {login: login, pass: password});
        },

        // Cache the identity and role returned by the server.
        login: function(userData) {
            SessionService.firstName = userData.firstName;
            SessionService.lastName = userData.lastName;
            SessionService.userRole = userData.role;
            SessionService.staffID = userData.id;
            SessionService.logged = true;
        },

        isLoggedIn: function() {
            return SessionService.logged;
        },

        getRole: function() {
            return SessionService.userRole;
        },

        // True only when the cached role is one of `roles`.
        validateRole: function(roles) {
            if (SessionService.userRole === null) {
                return false;
            }
            return SessionService.userRole ? _.contains(roles, SessionService.userRole) : false;
        },
        homePage: "/leads"
    };
};
```

Then, in my routes definition, I define the roles this way:

```javascript
$routeProvider.
    when('/adminReasons', {
        title: "Reasons Admin",
        templateUrl: 'partials/admin/reasons.html',
        controller: "adminReasons",
        // Roles allowed to open this route.
        roles: ["superadmin", "admin"]
    });
```

This will check on every route change event in AngularJS that the role assigned to the user on login is the same as the one required in the route definition:

```javascript
$rootScope.$on('$routeChangeStart', function(event, next, current) {
    $rootScope.$broadcast("routeChanged", next);
    // next.$$route is not always set, so guard before reading its roles.
    var route = next && next.$$route;
    if (route && typeof route.roles !== "undefined") {
        if (AuthenticationService.validateRole(route.roles) === false) {
            $location.path('/login');
        }
    }
    else {
        // Routes without a roles list are sent to the login page.
        $location.path('/login');
    }
});
```

It is possible to modify this logic to query a secure service on every route change to make it more secure.

from mean.
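The layering telemakhos describes (a core policy plus per-module policies that extend it) and the server-side check that a-lucas's last sentence points to, sketched as an added example that is not part of the thread and is not MEAN.JS or node_acl code. `corePolicy`, `articlesPolicy`, `buildAcl`, `isAllowed`, `requireAcl` and the `/api/...` paths are hypothetical, and `req.user.roles` is assumed to be set by the server's session layer.

```javascript
// Added example; all names and paths are hypothetical.

// Core policy shared by every module (the 'mainPolicy.js' idea).
const corePolicy = [
  { roles: ['admin', 'superadmin'], path: '/api/users', methods: ['GET', 'POST', 'DELETE'] },
  { roles: ['user', 'admin', 'superadmin'], path: '/api/me', methods: ['GET'] }
];

// A vertical module's policy that extends the core one (constructed sample).
const articlesPolicy = [
  { roles: ['user'], path: '/api/articles', methods: ['GET'] },
  { roles: ['admin'], path: '/api/articles', methods: ['GET', 'POST', 'DELETE'] }
];

// Merge rule lists into a lookup: "METHOD path" -> Set of allowed roles.
function buildAcl(...policies) {
  const acl = new Map();
  for (const rule of policies.flat()) {
    for (const method of rule.methods) {
      const key = method + ' ' + rule.path;
      if (!acl.has(key)) acl.set(key, new Set());
      rule.roles.forEach((role) => acl.get(key).add(role));
    }
  }
  return acl;
}

// Deny by default: unknown route, missing role list or no matching role => false.
function isAllowed(acl, roles, method, path) {
  const allowed = acl.get(method + ' ' + path);
  return Boolean(allowed) && Array.isArray(roles) && roles.some((r) => allowed.has(r));
}

// Express-style middleware. Roles are read from the server-side session
// (req.user, assumed to be set by the authentication layer), never from
// anything the client sends, so a tampered browser-side role changes nothing.
function requireAcl(acl) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ message: 'Not signed in' });
    if (!isAllowed(acl, req.user.roles, req.method, req.path)) {
      return res.status(403).json({ message: 'Forbidden' });
    }
    return next();
  };
}

const acl = buildAcl(corePolicy, articlesPolicy);
```

With this in place the Angular route check only decides what the UI shows; the API answers 401 or 403 regardless of what the browser holds in `SessionService.userRole`.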
