From d68e6411721b42b094a1bb336efa4ab993d1a40a Mon Sep 17 00:00:00 2001
From: David Donges <david.donges@mni.thm.de>
Date: Wed, 7 Mar 2018 17:09:49 +0100
Subject: [PATCH] Enable route protection without specifying roles

---
 src/app/app-routing.module.ts   | 3 +--
 src/app/authentication.guard.ts | 7 ++++++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts
index d4838e242..5dce23f83 100644
--- a/src/app/app-routing.module.ts
+++ b/src/app/app-routing.module.ts
@@ -26,8 +26,7 @@ const routes: Routes = [
   {
     path: 'room/:roomId',
     component: RoomComponent,
-    canActivate: [AuthenticationGuard],
-    data: { roles: [UserRole.PARTICIPANT, UserRole.CREATOR] }
+    canActivate: [AuthenticationGuard]
   },
   { path: '**', component: PageNotFoundComponent }
 ];
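Review bot: With `data.roles` removed, nothing on the `room/:roomId` entry says that the missing role list is deliberate, and the guard now treats a missing list as "any logged-in user". A short comment on the route, e.g. `// no data.roles: any authenticated user may open a room`, would keep a later reader from mistaking it for an omission. If no other route in this file still references `UserRole`, its import is now unused; that part of the file is outside the hunk. The `routes` array begins before the hunk.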
diff --git a/src/app/authentication.guard.ts b/src/app/authentication.guard.ts
index 5e0393aab..3883037a4 100644
--- a/src/app/authentication.guard.ts
+++ b/src/app/authentication.guard.ts
@@ -18,8 +18,13 @@ export class AuthenticationGuard implements CanActivate {
   canActivate(next: ActivatedRouteSnapshot,
               state: RouterStateSnapshot): Observable<boolean> {
     return this.authenticationService.getUser().map(user => {
+      // Get roles having access to this route
+      // undefined if every logged in user should have access regardless of its role
       const requiredRoles = next.data['roles'] as Array<UserRole>;
-      if (user && requiredRoles.includes(user.role)) {
+      // Allow access when user is logged in AND
+      // the route doesn't require a specific role OR
+      // the user's role is one of the required roles
+      if (user && (!requiredRoles || requiredRoles.includes(user.role))) {
         return true;
       }
       this.notificationService.show(`You're not authorized to view this page.`);
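Review bot: The `as Array<UserRole>` cast on `next.data['roles']` still types `requiredRoles` as always defined, although the new `if` depends on it being undefined, so the compiler cannot flag any other unguarded use of it. Declaring it as `const requiredRoles: UserRole[] | undefined = next.data['roles'];` makes the optional case visible to the checker. The `!requiredRoles` branch also makes the guard fail open: a route whose `roles` key is misspelled or left out by mistake becomes reachable by every logged-in user, while `roles: []` denies everyone, and the added comment should state both behaviours. This guard only decides client-side navigation, so the backend presumably still has to enforce room access itself. `canActivate` continues past the end of the hunk.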
-- 
GitLab