144 lines
4.7 KiB
TypeScript
144 lines
4.7 KiB
TypeScript
import { inject } from '@angular/core';
|
|
import { ActivatedRouteSnapshot, CanActivateFn, RouterStateSnapshot } from '@angular/router';
|
|
import { ErrorReason } from '@lib/models';
|
|
import {
|
|
AuthService,
|
|
GlobalPreferencesService,
|
|
NavigationService,
|
|
ParticipantService,
|
|
RecordingManagerService,
|
|
RoomService
|
|
} from '@lib/services';
|
|
import { AuthMode, ParticipantRole } from '@lib/typings/ce';
|
|
|
|
export const checkUserAuthenticatedGuard: CanActivateFn = async (
|
|
_route: ActivatedRouteSnapshot,
|
|
state: RouterStateSnapshot
|
|
) => {
|
|
const authService = inject(AuthService);
|
|
const navigationService = inject(NavigationService);
|
|
|
|
// Check if user is authenticated
|
|
const isAuthenticated = await authService.isUserAuthenticated();
|
|
if (!isAuthenticated) {
|
|
// Redirect to the login page
|
|
return navigationService.redirectToLoginPage(state.url);
|
|
}
|
|
|
|
// Allow access to the requested page
|
|
return true;
|
|
};
|
|
|
|
export const checkUserNotAuthenticatedGuard: CanActivateFn = async (
|
|
_route: ActivatedRouteSnapshot,
|
|
_state: RouterStateSnapshot
|
|
) => {
|
|
const authService = inject(AuthService);
|
|
const navigationService = inject(NavigationService);
|
|
|
|
// Check if user is not authenticated
|
|
const isAuthenticated = await authService.isUserAuthenticated();
|
|
if (isAuthenticated) {
|
|
// Redirect to home page
|
|
return navigationService.createRedirectionTo('');
|
|
}
|
|
|
|
// Allow access to the requested page
|
|
return true;
|
|
};
|
|
|
|
export const checkParticipantRoleAndAuthGuard: CanActivateFn = async (
|
|
_route: ActivatedRouteSnapshot,
|
|
state: RouterStateSnapshot
|
|
) => {
|
|
const navigationService = inject(NavigationService);
|
|
const authService = inject(AuthService);
|
|
const preferencesService = inject(GlobalPreferencesService);
|
|
const roomService = inject(RoomService);
|
|
const participantService = inject(ParticipantService);
|
|
|
|
// Get the role that the participant will have in the room based on the room ID and secret
|
|
let participantRole: ParticipantRole;
|
|
|
|
try {
|
|
const roomId = roomService.getRoomId();
|
|
const secret = roomService.getRoomSecret();
|
|
|
|
const roomRoleAndPermissions = await roomService.getRoomRoleAndPermissions(roomId, secret);
|
|
participantRole = roomRoleAndPermissions.role;
|
|
participantService.setParticipantRole(participantRole);
|
|
} catch (error: any) {
|
|
console.error('Error getting participant role:', error);
|
|
switch (error.status) {
|
|
case 400:
|
|
// Invalid secret
|
|
return navigationService.redirectToErrorPage(ErrorReason.INVALID_ROOM_SECRET);
|
|
case 404:
|
|
// Room not found
|
|
return navigationService.redirectToErrorPage(ErrorReason.INVALID_ROOM);
|
|
default:
|
|
return navigationService.redirectToErrorPage(ErrorReason.INTERNAL_ERROR);
|
|
}
|
|
}
|
|
|
|
const authMode = await preferencesService.getAuthModeToAccessRoom();
|
|
|
|
// If the user is a moderator and the room requires authentication for moderators only,
|
|
// or if the room requires authentication for all users,
|
|
// then check if the user is authenticated
|
|
const isAuthRequiredForModerators =
|
|
authMode === AuthMode.MODERATORS_ONLY && participantRole === ParticipantRole.MODERATOR;
|
|
const isAuthRequiredForAllUsers = authMode === AuthMode.ALL_USERS;
|
|
|
|
if (isAuthRequiredForModerators || isAuthRequiredForAllUsers) {
|
|
// Check if user is authenticated
|
|
const isAuthenticated = await authService.isUserAuthenticated();
|
|
if (!isAuthenticated) {
|
|
// Redirect to the login page with query param to redirect back to the room
|
|
return navigationService.redirectToLoginPage(state.url);
|
|
}
|
|
}
|
|
|
|
// Allow access to the room
|
|
return true;
|
|
};
|
|
|
|
export const checkRecordingAuthGuard: CanActivateFn = async (
|
|
route: ActivatedRouteSnapshot,
|
|
state: RouterStateSnapshot
|
|
) => {
|
|
const recordingService = inject(RecordingManagerService);
|
|
const navigationService = inject(NavigationService);
|
|
|
|
const recordingId = route.params['recording-id'];
|
|
const secret = route.queryParams['secret'];
|
|
|
|
if (!secret) {
|
|
// If no secret is provided, redirect to the error page
|
|
return navigationService.redirectToErrorPage(ErrorReason.MISSING_RECORDING_SECRET);
|
|
}
|
|
|
|
try {
|
|
// Attempt to access the recording to check if the secret is valid
|
|
await recordingService.getRecording(recordingId, secret);
|
|
return true;
|
|
} catch (error: any) {
|
|
console.error('Error checking recording access:', error);
|
|
switch (error.status) {
|
|
case 400:
|
|
// Invalid secret
|
|
return navigationService.redirectToErrorPage(ErrorReason.INVALID_RECORDING_SECRET);
|
|
case 401:
|
|
// Unauthorized access
|
|
// Redirect to the login page with query param to redirect back to the recording
|
|
return navigationService.redirectToLoginPage(state.url);
|
|
case 404:
|
|
// Recording not found
|
|
return navigationService.redirectToErrorPage(ErrorReason.INVALID_RECORDING);
|
|
default:
|
|
// Internal error
|
|
return navigationService.redirectToErrorPage(ErrorReason.INTERNAL_ERROR);
|
|
}
|
|
}
|
|
};
|