fix(core): Client routes guest access bug

mleanos · mleanos · commit bfcfb555ffcd · 2015-12-29T23:28:14.000-08:00
Adds a check for the existence of the "guest" role in the state configuration that we're transitioning to, in the core $stateChangeStart event handler. If it exists, then we allow access. Also, added validation of Authentication.user object. While writing tests, I ran into an issue here when the Authentication service wasn't injected into a controller. Probably best to have this check in place. Fixes #1098
diff --git a/modules/core/client/app/init.js b/modules/core/client/app/init.js
@@ -19,7 +19,7 @@ angular.module(ApplicationConfiguration.applicationModuleName).run(function ($ro
     if (toState.data && toState.data.roles && toState.data.roles.length > 0) {
       var allowed = false;
       toState.data.roles.forEach(function (role) {
-        if (Authentication.user.roles !== undefined && Authentication.user.roles.indexOf(role) !== -1) {
+        if ((role === 'guest') || (Authentication.user && Authentication.user.roles !== undefined && Authentication.user.roles.indexOf(role) !== -1)) {
           allowed = true;
           return true;
         }

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ angular.module(ApplicationConfiguration.applicationModuleName).run(function ($ro`
`19`	`19`	`if (toState.data && toState.data.roles && toState.data.roles.length > 0) {`
`20`	`20`	`var allowed = false;`
`21`	`21`	`toState.data.roles.forEach(function (role) {`
`22`		`- if (Authentication.user.roles !== undefined && Authentication.user.roles.indexOf(role) !== -1) {`
	`22`	`+ if ((role === 'guest') \|\| (Authentication.user && Authentication.user.roles !== undefined && Authentication.user.roles.indexOf(role) !== -1)) {`
`23`	`23`	`allowed = true;`
`24`	`24`	`return true;`
`25`	`25`	`}`