Hey, Sander:
I'm actually investigating about control-access patterns to apply a light
control-layer to my angular-app. As the Felix's needs, I want to know how
to manage component (enable/remove) based on the granted user permission. I
found that for an "elastic environment" there's is a pattern called ABAC
(attribute-based
access control) which declares that access-control can be achieved by the
usage of policies that handle a combination of subjects(user-role) ,
attributes and environment given. I feel your implementation with the
attribute-directive could fit into it.
El domingo, 27 de noviembre de 2016, 22:51:35 (UTC-5), Sander Elias
escribió:
>
> Hi Felix,
>
> When it comes to ACL and auth, this is usually very tightly bound to the
> project you need it in. I yet have to discover a generic solution for this.
> (a workable one that is.)
> I usually build a couple of services that use bitmasks to determine when a
> user holds the right access permission. When routeing to a service, I
> prevent changing to that route (and display a 'no access' msg).
> If I need to change inside the view itself, I use another service,
> combined with an attribute directive, that can check the permissions, and
> do something like this in the view:
>
> <button ... has-access="user_may_add_somehting">...
>
> the hasAccess directive checks the identifier and the user to grant or
> deny access and shows/hide (or even remove) the element.
> I also add something like this to the css of the project, to prevent items
> from briefly flashing into view:
> [has-access] {
> display:none !importand
> }
>
> Hope this helps you a bit,
> Regards
> Sander
>
--
You received this message because you are subscribed to the Google Groups
"Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
