IOT-1149: Only make permission link if user can view

VirtualSatai · VirtualSatai · commit 45231e0f3081 · 2020-12-14T13:51:08.000+01:00
diff --git a/src/app/admin/permission/permission-list/permission-tabel/permission-tabel.component.html b/src/app/admin/permission/permission-list/permission-tabel/permission-tabel.component.html
@@ -7,8 +7,14 @@
                 {{ 'PERMISSION.NAME' | translate }}
             </th>
             <td mat-cell *matCellDef="let element">
-                <a (click)="routeToPermissions(element)" routerLinkActive="active" class="permission-link">
-                    {{element.name}}</a>
+                <a *ngIf="canAccess(element); else justText"
+                (click)="routeToPermissions(element)"
+                    routerLinkActive="active" class="permission-link">
+                {{element.name}}
+                </a>
+                <ng-template #justText>
+                    {{element.name}}
+                </ng-template>
             </td>
         </ng-container>
 
@@ -48,7 +54,7 @@
         <ng-container matColumnDef="menu">
             <th mat-header-cell *matHeaderCellDef></th>
             <td mat-cell *matCellDef="let element">
-                <div class="dropdown ">
+                <div class="dropdown " *ngIf="canAccess(element)">
                     <a href="#" role="button" id="tableRowDropdown-{{element.id}}"
                         class="applicationRow__edit dropdown-toggle" data-toggle="dropdown" aria-expanded="false"
                         [attr.aria-label]="'APPLICATION-TABLE-ROW.SHOW-OPTIONS' | translate"></a>
diff --git a/src/app/admin/permission/permission-list/permission-tabel/permission-tabel.component.ts b/src/app/admin/permission/permission-list/permission-tabel/permission-tabel.component.ts
@@ -5,11 +5,13 @@ import { Router } from '@angular/router';
 import { environment } from '@environments/environment';
 import { TranslateService } from '@ngx-translate/core';
 import { DeleteDialogService } from '@shared/components/delete-dialog/delete-dialog.service';
+import { MeService } from '@shared/services/me.service';
 import { merge, Observable, of as observableOf } from 'rxjs';
 import { startWith, switchMap, map, catchError } from 'rxjs/operators';
 import {
     PermissionGetManyResponse,
     PermissionResponse,
+    PermissionType,
 } from '../../permission.model';
 import { PermissionService } from '../../permission.service';
 
@@ -42,7 +44,8 @@ export class PermissionTabelComponent implements AfterViewInit {
         public translate: TranslateService,
         private router: Router,
         private permissionService: PermissionService,
-        private deleteDialogService: DeleteDialogService
+        private deleteDialogService: DeleteDialogService,
+        private meService: MeService,
     ) {
         translate.use('da');
     }
@@ -106,6 +109,13 @@ export class PermissionTabelComponent implements AfterViewInit {
         })
     }
 
+    canAccess(element: PermissionResponse) {
+        if (element.type == PermissionType.GlobalAdmin) {
+            return this.meService.hasGlobalAdmin();
+        }
+        return this.meService.hasAdminAccessInTargetOrganization(element.organization.id);
+    }
+
     private refresh() {
         const pageEvent = new PageEvent();
         pageEvent.pageIndex = this.paginator.pageIndex;
diff --git a/src/app/shared/services/me.service.ts b/src/app/shared/services/me.service.ts
@@ -9,17 +9,34 @@ import { SharedVariableService } from '@shared/shared-variable/shared-variable.s
 export class MeService {
   private user: UserResponse;
 
-  constructor(
-    private sharedVariableService: SharedVariableService
-  ) {}
+  constructor(private sharedVariableService: SharedVariableService) {}
 
   canWriteInTargetOrganization(id: number): boolean {
+    const userInfo = this.sharedVariableService.getUserInfo();
+    return userInfo.user.permissions.some((permission) => {
+      return (
+        permission.type === PermissionType.GlobalAdmin ||
+        (permission.organization.id === id &&
+          (permission.type === PermissionType.Write ||
+            permission.type === PermissionType.OrganizationAdmin))
+      );
+    });
+  }
+
+  hasAdminAccessInTargetOrganization(id: number): boolean {
+    const userInfo = this.sharedVariableService.getUserInfo();
+    return userInfo.user.permissions.some((permission) => {
+      return (
+        permission.type === PermissionType.GlobalAdmin ||
+        (permission.organization.id === id &&
+          permission.type === PermissionType.OrganizationAdmin)
+      );
+    });
+  }
+  hasGlobalAdmin() {
     const userInfo = this.sharedVariableService.getUserInfo();
     return userInfo.user.permissions.some(
-      permission => {
-        return permission.type === PermissionType.GlobalAdmin || 
-        (permission.organization.id === id && (permission.type === PermissionType.Write || permission.type === PermissionType.OrganizationAdmin));
-      }
+      (permission) => permission.type === PermissionType.GlobalAdmin
     );
   }
 }
