{"id":13806580,"url":"https://github.com/mselerin/ngx-security","last_synced_at":"2025-04-15T22:56:59.965Z","repository":{"id":33087777,"uuid":"151380739","full_name":"mselerin/ngx-security","owner":"mselerin","description":"Security directives for your Angular application to show/hide elements based on a user roles / permissions.","archived":false,"fork":false,"pushed_at":"2023-03-29T08:34:00.000Z","size":9846,"stargazers_count":21,"open_issues_count":1,"forks_count":4,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-29T02:20:47.184Z","etag":null,"topics":["acl","angular","permissions","roles","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mselerin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-10-03T08:11:54.000Z","updated_at":"2025-02-08T13:39:26.000Z","dependencies_parsed_at":"2024-08-04T01:06:34.709Z","dependency_job_id":"c33f7aa3-aa71-4881-bee7-69afe15108ce","html_url":"https://github.com/mselerin/ngx-security","commit_stats":{"total_commits":164,"total_committers":5,"mean_commits":32.8,"dds":0.5365853658536586,"last_synced_commit":"0b3c54a8467a9da2e4d6fec086808ad9c56c86a7"},"previous_names":[],"tags_count":20,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mselerin%2Fngx-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mselerin%2Fngx-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mselerin%2Fngx-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mselerin%2Fngx-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mselerin","download_url":"https://codeload.github.com/mselerin/ngx-security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249057321,"owners_count":21205903,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acl","angular","permissions","roles","security"],"created_at":"2024-08-04T01:01:13.538Z","updated_at":"2025-04-15T22:56:59.947Z","avatar_url":"https://github.com/mselerin.png","language":"TypeScript","funding_links":[],"categories":["Table of contents"],"sub_categories":["Angular"],"readme":"# Ngx-Security\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![npm](https://img.shields.io/npm/v/ngx-security.svg)](https://www.npmjs.com/package/ngx-security)\n[![CI](https://github.com/mselerin/ngx-security/workflows/Node%20CI/badge.svg?branch=master)](https://github.com/mselerin/ngx-security/actions?query=workflow:\"Node+CI\")\n[![codecov](https://codecov.io/gh/mselerin/ngx-security/branch/master/graph/badge.svg)](https://codecov.io/gh/mselerin/ngx-security)\n\n\u003e :closed_lock_with_key: Security directives for your Angular application to show/hide elements based on a user roles / permissions.\n\n[View changelog](/projects/ngx-security/CHANGELOG.md)\n\n[View migration guide](/MIGRATION.md)\n\n\n## Installation\nInstall the library with:\n```bash\nnpm install ngx-security --save\n```\n\nThen import it in your `AppModule`:\n```typescript\nimport { BrowserModule } from '@angular/platform-browser';\nimport { NgModule } from '@angular/core';\n\nimport { AppComponent } from './app.component';\n\n// Import your library\nimport { NgxSecurityModule } from 'ngx-security';\n\n@NgModule({\n  declarations: [\n    AppComponent\n  ],\n  imports: [\n    BrowserModule,\n    \n    // Importing ngx-security module\n    NgxSecurityModule\n  ],\n  providers: [],\n  bootstrap: [AppComponent]\n})\nexport class AppModule { }\n```\n\n\n## Usage\n\nThe security directives use a *security state* controlled by the `NgxSecurityService`.  \nYou need to set/change this state to use the directives:  \n\n```typescript\nimport { Component, OnInit } from '@angular/core';\nimport { HttpClient } from '@angular/common/http';\nimport { NgxSecurityService } from 'ngx-security';\n\n@Component({\n  selector: 'app-sample',\n  templateUrl: './sample.component.html'\n})\nexport class SampleComponent\n{\n  constructor(\n    private http: HttpClient,\n    private security: NgxSecurityService\n  ) {}\n\n  login() {\n    this.security.setAuthenticationChecker(() =\u003e {\n      return of(true);\n    });\n    \n    this.security.setPermissionChecker((perm: string) =\u003e {\n      return this.http.get(`/api/auth/permissions/has/${perm}`).pipe(\n        map(() =\u003e true)\n      );\n    });\n  }\n  \n  logout() {\n    // Reset the security state to it's initial value\n    this.security.reset();\n  }\n}\n```\n\n\u003e Of course, you can change the security state wherever and whenever you want !\n\nYou can now use the differents directives and the guard.\n\n### Directives\n\n#### IsAuthenticated\n```html\n\u003cdiv *secuIsAuthenticated\u003eI'm authenticated !\u003c/div\u003e\n```\n\n#### IsAnonymous\n```html\n\u003cdiv *secuIsAnonymous\u003eI'm an anonymous user (not authenticated)\u003c/div\u003e\n```\n\n\n#### HasRoles / HasPermissions / IsMemberOf\n```html\n\u003cdiv *secuHasRoles=\"'ADMIN'\"\u003eI have the role 'ADMIN'\u003c/div\u003e\n\u003cdiv *secuHasRoles=\"['CREATOR', 'EDITOR']; else roleElse\"\u003eI have the role 'CREATOR' and 'EDITOR'\u003c/div\u003e\n\u003cng-template #roleElse\u003e\n  \u003cdiv\u003eI don't have the roles\u003c/div\u003e\n\u003c/ng-template\u003e\n```\n\n\n#### HasAnyRoles / HasAnyPermissions / IsMemberOfAny\n```html\n\u003cdiv *secuHasAnyRoles=\"['CREATOR', 'EDITOR']; else roleElse\"\u003eI have the role 'CREATOR' or 'EDITOR'\u003c/div\u003e\n\u003cng-template #roleElse\u003e\n  \u003cdiv\u003eI don't have the roles\u003c/div\u003e\n\u003c/ng-template\u003e\n```\n\n\n#### HasNotRoles / HasNotPermissions / IsNotMemberOf\n```html\n\u003cdiv *secuHasNotRoles=\"'POWERUSER'\"\u003eI don't have the role 'POWERUSER'\u003c/div\u003e\n```\n\n\n\n\n### Route Guard\nThe `NgxSecurityGuard` can prevent an unauthorized user to load / access parts of your application.\n\n```typescript\nimport {\n  ActivatedRouteSnapshot,\n  Route, Routes,\n  RouterStateSnapshot\n} from '@angular/router';\n\nimport { NgxSecurityGuard } from 'ngx-security';\n\nexport const ROUTES: Routes = [\n  {\n    path: 'secured-page',\n    canActivate: [ NgxSecurityGuard ],\n    data: {\n      security: {\n        isAuthenticated: true,\n        hasAllRoles: ['ADMIN', 'USER'],\n        redirectTo: '/access-denied',\n        unauthorizedHandler: (route: Route | ActivatedRouteSnapshot, state?: RouterStateSnapshot) =\u003e {\n          console.warn('No, no, no, you cannot access this !');\n        }\n      }\n    },\n    component: SecuredComponent\n  }\n];\n```\n\n\n## Tips\n\n### Log unauthorized access\n\nYou can use the `unauthorizedHandler` to log unauthorized access to route path :\n\n```typescript\nunauthorizedHandler: (route: Route | ActivatedRouteSnapshot, state?: RouterStateSnapshot) =\u003e {\n  let path = (state ? state.url : null);\n    if (!path \u0026\u0026 route) {\n      path = '/' + (route as Route).path;\n    }\n  \n    console.warn('Unauthorized access', path);\n}\n```\n\n\n## Contributing\nFeel free to introduce a feature request, an issue or a pull request. :ok_hand:\n\n\n## Changelog\nChangelog is available [here](https://github.com/mselerin/ngx-security/blob/master/projects/ngx-security/CHANGELOG.md).\n\n## License\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmselerin%2Fngx-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmselerin%2Fngx-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmselerin%2Fngx-security/lists"}