Role and permission based access control for your angular applications
bower install ng-access-control --save
##### Permission Syntax
{
"name": "ACCOUNTANT",
"permissions": {
"Contract": {
"__self": {
"READ": true,
"WRITE": true,
"UPDATE": true
},
"__global": {
"READ": false,
"WRITE": false,
"UPDATE": true
},
"status": {
"READ": false,
"WRITE": false,
"UPDATE": false
},
"job": {
"title": {
"READ": true,
"UPDATE": false
}
}
},
"Employee": {
"__self": {
"READ": true,
"WRITE": true,
"UPDATE": true
},
"__global": {
"READ": false,
"WRITE": false,
"UPDATE": true
},
"search": {
"READ": true,
"WRITE": false,
"UPDATE": false
}
}
}
}##### Usage in Application
app.run(['ngAcl', function (ngAcl) {
// Set the ACL permission. which you'd fetch from an API or something.
//populate the permission either a single object or an array in the
//form of above syntax
ngAcl.populatePermission(permission);
ngAcl.populateUserRoles('ACCOUNTANT');
// Attach the member role to the current user
ngAcl.setCurrentRole('ACCOUNTANT');
}]);##### Usage in UI as a directive
Directive will take care of the show and hide of the element according to the permissions provided.
<!--For update/write purpose mention the mode-->
<!--For read purpose no need to mention the mode-->
<!--is-author attribute is used to tell that user is the author of the object-->
<input acl="Employee.search" mode="UPDATE" is-author="false" type="text" ng-model="vm.searchKeyword" class="form-control" name="email" placeholder="Enter email">##### Usage of ngAcl service
Pass in the resource name and .can method will return true or false if the resource is allowed of not.
let allower = ngAcl.can('Employee_Create')