implement optional Security parameter for TabPanel #797

2020-11-04 17:27:15 -05:00 · 2020-11-04 17:27:15 -05:00 · d7135ad4f9
commit d7135ad4f9
parent 5b49e1bc7c
2 changed files with 47 additions and 14 deletions
--- a/Oqtane.Client/Modules/Controls/TabPanel.razor
+++ b/Oqtane.Client/Modules/Controls/TabPanel.razor
@ -27,6 +27,9 @@ else
    [Parameter]
    public string Heading { get; set; } // optional - defaults to name if not specified

+    [Parameter]
+    public SecurityAccessLevel? Security { get; set; } // optional - can be used to specify SecurityAccessLevel
+
    protected override void OnInitialized()
    {
        base.OnInitialized();
--- a/Oqtane.Client/Modules/Controls/TabStrip.razor
+++ b/Oqtane.Client/Modules/Controls/TabStrip.razor
@ -7,20 +7,23 @@
            <ul class="nav nav-tabs" role="tablist">
                @foreach (TabPanel tabPanel in _tabPanels)
                {
-                    <li class="nav-item">
-                        @if (tabPanel.Name == ActiveTab)
-                        {
-                            <a class="nav-link active" data-toggle="tab" href="#@tabPanel.Name" role="tab" @onclick:preventDefault="true">
-                                @tabPanel.DisplayHeading()
-                            </a>
-                        }
-                        else
-                        {
-                            <a class="nav-link" data-toggle="tab" href="#@tabPanel.Name" role="tab" @onclick:preventDefault="true">
-                                @tabPanel.DisplayHeading()
-                            </a>
-                        }
-                    </li>
+                    @if (IsAuthorized(tabPanel))
+                    {
+                        <li class="nav-item">
+                            @if (tabPanel.Name == ActiveTab)
+                            {
+                                <a class="nav-link active" data-toggle="tab" href="#@tabPanel.Name" role="tab" @onclick:preventDefault="true">
+                                    @tabPanel.DisplayHeading()
+                                </a>
+                            }
+                            else
+                            {
+                                <a class="nav-link" data-toggle="tab" href="#@tabPanel.Name" role="tab" @onclick:preventDefault="true">
+                                    @tabPanel.DisplayHeading()
+                                </a>
+                            }
+                        </li>
+                    }
                }
            </ul>
            <div class="tab-content">
@ -57,4 +60,31 @@
        }
        StateHasChanged();
    }
+
+    private bool IsAuthorized(TabPanel tabPanel)
+    {
+        var authorized = false;
+        switch (tabPanel.Security)
+        {
+            case null: // security not specified - assume SecurityAccessLevel.Anonymous
+                authorized = true;
+                break;
+            case SecurityAccessLevel.Anonymous:
+                authorized = true;
+                break;
+            case SecurityAccessLevel.View:
+                authorized = UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, ModuleState.Permissions);
+                break;
+            case SecurityAccessLevel.Edit:
+                authorized = UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, ModuleState.Permissions);
+                break;
+            case SecurityAccessLevel.Admin:
+                authorized = UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin);
+                break;
+            case SecurityAccessLevel.Host:
+                authorized = UserSecurity.IsAuthorized(PageState.User, RoleNames.Host);
+                break;
+        }
+        return authorized;
+    }
 }