

Show HN: Angular-permission simple access control for your routes in AngularJS - Narzerus
https://www.github.com/Narzerus/angular-permission

======
haches
What are common use cases for client-side permissions, given you can't be sure
the code won't be tampered with? I could think of adapting the UI based on
roles: it's nice to have but not critical. What else?

p.s. thanks for sharing

~~~
Narzerus
Author here:

Basically in angular-permission you define different validations the current
session can pass or not. We are for now calling these 'roles' but im sure
that's not the correct word to describe them.

To give you a better example, let's say we have a Session service which
handles wether we are logged in or not, also stores information about the user
currently logged in. We can define the following 'roles':

'anonymous' -> Session.currentUser is undefined 'admin' ->
Session.currentUser.isAdmin is true 'user' -> Session.currentUser is defined

A common use-case would be not allowing the user to enter the signup and login
view if we are already logged in. So to do that we would add in the login
state a data.permissions object something like this:

permissions: { except: ['anonymous'] redirectTo: 'home' }

This is a fairly common use case of to what a library like this can be useful.
Keep in mind it's still in early stage but we're currently using it in a
fairly big project and it's saved us tons of lines of code.

------
cpursley
Interesting, I'll give this a try. I've been searching around for ways to
handle angular client-side permissions specifically with ui-router. Thanks!

~~~
Narzerus
Author here: Awesome, let me know how it works for you and what would you
improve.

