From ea184444c174b778cd3e4d21361ab191f5d4acae Mon Sep 17 00:00:00 2001
From: Joze RIHTARSIC <Joze.RIHTARSIC@ext.ec.europa.eu>
Date: Fri, 8 Oct 2021 10:46:01 +0200
Subject: [PATCH] Add authentication guard to create, delete, edit table
 actions

---
 .../search-table/search-table.component.ts    | 51 +++++++++++++++----
 .../src/app/guards/authenticated.guard.ts     |  2 +
 2 files changed, 44 insertions(+), 9 deletions(-)

diff --git a/smp-angular/src/app/common/search-table/search-table.component.ts b/smp-angular/src/app/common/search-table/search-table.component.ts
index 92cce74ac..cb045136f 100644
--- a/smp-angular/src/app/common/search-table/search-table.component.ts
+++ b/smp-angular/src/app/common/search-table/search-table.component.ts
@@ -1,4 +1,4 @@
-import { Component, Input, OnInit, TemplateRef, ViewChild} from '@angular/core';
+import {Component, Input, OnInit, TemplateRef, ViewChild} from '@angular/core';
 import {SearchTableResult} from './search-table-result.model';
 import {Observable} from 'rxjs';
 import {AlertService} from '../../alert/alert.service';
@@ -16,6 +16,8 @@ import {HttpParams} from '@angular/common/http';
 import {ConfirmationDialogComponent} from "../confirmation-dialog/confirmation-dialog.component";
 import {SearchTableValidationResult} from "./search-table-validation-result.model";
 import {ExtendedHttpClient} from "../../http/extended-http-client";
+import {Router} from "@angular/router";
+import {AuthenticatedGuard} from "../../guards/authenticated.guard";
 
 @Component({
   selector: 'smp-search-table',
@@ -23,10 +25,10 @@ import {ExtendedHttpClient} from "../../http/extended-http-client";
   styleUrls: ['./search-table.component.css']
 })
 export class SearchTableComponent implements OnInit {
-  @ViewChild('searchTable', { static: true }) searchTable: any;
-  @ViewChild('rowActions', { static: true }) rowActions: TemplateRef<any>;
-  @ViewChild('rowExpand', { static: true }) rowExpand: TemplateRef<any>;
-  @ViewChild('rowIndex', { static: true }) rowIndex: TemplateRef<any>;
+  @ViewChild('searchTable', {static: true}) searchTable: any;
+  @ViewChild('rowActions', {static: true}) rowActions: TemplateRef<any>;
+  @ViewChild('rowExpand', {static: true}) rowExpand: TemplateRef<any>;
+  @ViewChild('rowIndex', {static: true}) rowIndex: TemplateRef<any>;
 
   @Input() additionalToolButtons: TemplateRef<any>;
   @Input() additionalRowActionButtons: TemplateRef<any>;
@@ -69,7 +71,8 @@ export class SearchTableComponent implements OnInit {
   constructor(protected http: ExtendedHttpClient,
               protected alertService: AlertService,
               private downloadService: DownloadService,
-              public dialog: MatDialog) {
+              public dialog: MatDialog,
+              private router: Router, private authenticatedGuard: AuthenticatedGuard) {
   }
 
   ngOnInit() {
@@ -221,11 +224,15 @@ export class SearchTableComponent implements OnInit {
   }
 
 
-  onDeleteRowActionClicked(row: SearchTableEntity) {
-    this.deleteSearchTableEntities([row]);
+  onNewButtonClicked() {
+    this.authenticatedGuard.canActivate(this.router.routerState.snapshot.root, this.router.routerState.snapshot).subscribe(authorized => {
+      if (authorized) {
+        this.fireCreateNewEntityEvent();
+      }
+    })
   }
 
-  onNewButtonClicked() {
+  fireCreateNewEntityEvent() {
     const formRef: MatDialogRef<any> = this.searchTableController.newDialog({
       data: {edit: false}
     });
@@ -242,10 +249,35 @@ export class SearchTableComponent implements OnInit {
   }
 
   onDeleteButtonClicked() {
+    this.authenticatedGuard.canActivate(this.router.routerState.snapshot.root, this.router.routerState.snapshot).subscribe(authorized => {
+      if (authorized) {
+        this.fireDeleteEntityEvent();
+      }
+    })
+  }
+
+  fireDeleteEntityEvent() {
     this.deleteSearchTableEntities(this.selected);
   }
 
+  onDeleteRowActionClicked(row: SearchTableEntity) {
+    this.authenticatedGuard.canActivate(this.router.routerState.snapshot.root, this.router.routerState.snapshot).subscribe(authorized => {
+      if (authorized) {
+        this.deleteSearchTableEntities([row]);
+      }
+    })
+
+  }
+
   onEditButtonClicked() {
+    this.authenticatedGuard.canActivate(this.router.routerState.snapshot.root, this.router.routerState.snapshot).subscribe(authorized => {
+      if (authorized) {
+        this.fireEditEntityEvent();
+      }
+    })
+  }
+
+  fireEditEntityEvent() {
     if (this.rowNumber >= 0 && this.rows[this.rowNumber] && this.rows[this.rowNumber].deleted) {
       this.alertService.error('You cannot edit a deleted entry.', false);
       return;
@@ -253,6 +285,7 @@ export class SearchTableComponent implements OnInit {
     this.editSearchTableEntity(this.rowNumber);
   }
 
+
   onSaveButtonClicked(withDownloadCSV: boolean) {
     try {
       this.dialog.open(SaveDialogComponent).afterClosed().subscribe(result => {
diff --git a/smp-angular/src/app/guards/authenticated.guard.ts b/smp-angular/src/app/guards/authenticated.guard.ts
index d37629451..264bf48ac 100644
--- a/smp-angular/src/app/guards/authenticated.guard.ts
+++ b/smp-angular/src/app/guards/authenticated.guard.ts
@@ -16,9 +16,11 @@ export class AuthenticatedGuard implements CanActivate {
       if(isAuthenticated) {
         subject.next(true);
       } else {
+        console.log("User session is not active")
         // not logged in so redirect to login page with the return url
         this.router.navigate(['/login'], {queryParams: {returnUrl: state.url}});
         subject.next(false);
+        this.alertService.error('You have been logged out because of inactivity or missing access permissions.', true);
       }
     });
     return subject.asObservable();
-- 
GitLab