-
Notifications
You must be signed in to change notification settings - Fork 0
/
firefly-security.js
79 lines (72 loc) · 2.24 KB
/
firefly-security.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
/**
* This mixin makes it possible to get the custom claims for the user.
* This mixin must be used on a page that has a 'firebase-auth' element.
* @polymerMixin
* @mixinFunction
*/
export const FireflySecurityMixin = superclass =>
class extends superclass {
static get properties() {
return {
/**
* The firebase user object.
*/
firebaseUser: {
type: Object,
value: null
},
/** An object containing the user's custom claims. */
claims: {
type: Object,
value: null,
notify: true
}
};
}
/**
* This method initialises the claims object.
* @param {Event} e the event object
*/
__initClaims(e) {
let user = e.detail.value;
//console.log(user);
if (user) {
user.getIdTokenResult(true).then(tokens => {
let userClaims = tokens.claims;
this.set("claims", userClaims);
this.__isProtected();
});
}
}
/** This method checks whether signed in user has admin priviledges or not.
* If not the system will re-route to the home page if the user tries to access
* any protected routes
*/
__isProtected() {
const url = location.href;
const regex = new RegExp("(/settings$|/settings-)");
const isProtected = regex.test(url);
if (isProtected && !this.claims.isAdmin) {
window.location.href = "/";
}
}
/**
* Called every time the element is inserted into the DOM. Useful for
* running setup code, such as fetching resources or rendering.
* Generally, you should try to delay work until this time.
*/
connectedCallback() {
super.connectedCallback();
const auth = this.shadowRoot.querySelector("firebase-auth");
auth.addEventListener("user-changed", e => this.__initClaims(e));
}
/**
* Called every time the element is removed from the DOM. Useful for
* running clean up code (removing event listeners, etc.).
*/
disconnectedCallback() {
super.disconnectedCallback();
const auth = this.shadowRoot.querySelector("firebase-auth");
auth.removeEventListener("user-changed", e => this.__initClaims(e));
}
};