Skip to content

Role in client route authorization #423

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
f2net opened this issue Aug 5, 2014 · 4 comments
Closed

Role in client route authorization #423

f2net opened this issue Aug 5, 2014 · 4 comments
Assignees
@kingcody
Labels
question
Milestone
3.0.0

Comments

@f2net
Copy link

f2net commented Aug 5, 2014

I think it would be useful to have "authorization:admin" or "authorization:user" inside the client routes. Otherwise a user could see the admin interface of a page which doesn't call an API (thus returning the 401 error). It is true that the HTML interface should contain no secrets, but I think it is better not to allow the routing to an admin page to a simple user.
@kingcody
Copy link
Member

kingcody commented Aug 6, 2014

I'm kinda with you on this one @f2net. We could simply make a call to Auth.isAdmin

@JaKXz
Copy link
Collaborator

JaKXz commented Aug 8, 2014

As @kingcody said, you can make a call to the Auth factory. You're welcome to add the methods for the other default roles in a PR.

@JaKXz JaKXz added the question label Aug 15, 2014
@trainerbill
Copy link

I just create a PR:

#840

Now you can place a param authorize on the ui state to check if its an admin user.

@Awk34 Awk34 added this to the 2.3.0 milestone Jul 15, 2015
@Awk34 Awk34 modified the milestones: 3.0.0, 3.1.0 Sep 14, 2015
@kingcody kingcody mentioned this issue Sep 16, 2015
Merged
@Awk34
Copy link
Member

Awk34 commented Sep 25, 2015

This has been resolved with the Auth module, thanks to @kingcody

@Awk34 Awk34 closed this as completed Sep 25, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kingcody kingcody

Labels
question
Projects
None yet
Milestone
3.0.0
Development

No branches or pull requests
4 participants
@kingcody @JaKXz @trainerbill @Awk34