0

My project was built on PHP and has some pages on Angular JS. There are three types of accounts in system. Authorization system is based on PHP/Mysql.

For each account I have personal.html template. When user is logged via account(1) I need to show him template /public/html/personal.html from route, if account(2) - template /public/html/personal2.html .etc. So, path /profile/personal/:type is the same for each.

How I can manage this accounts pages with a good level of security?

I use routeProvider:

$routeProvider

        .when('/profile/personal/:type', {
             templateUrl: '/public/html/personal.html',
             controller: 'ProfileController'
  })
tpie
  • 6,021
  • 3
  • 22
  • 41
Hamed
  • 410
  • 1
  • 13
  • 21
  • 1
    possible duplicate of [AngularJS - use routeProvider "when" variables to construct templateUrl name?](http://stackoverflow.com/questions/20637999/angularjs-use-routeprovider-when-variables-to-construct-templateurl-name) – Pankaj Parkar May 08 '15 at 11:38

1 Answers1

1

You can use a function as templateUrl parameter and use it to select the template for the current account type:

$routeProvider
    .when('/profile/personal/:type', {
        templateUrl: function(params)  {
            switch(params.type) {
                case 1:
                    return: '/public/html/personal1.html';
            }
        },
        controller: 'ProfileController'
    });
Numyx
  • 1,758
  • 2
  • 11
  • 16
  • But user can to call `/public/html/personal1.html` dirrectly and get this template. – Hamed May 08 '15 at 11:46
  • That's correct, but you can't change that in your javascript application. If you want to prevent the user from accessing the template of other account types, you need to do this on the server side (return a 403 and use it in your angular application to redirect to an error page). – Numyx May 08 '15 at 12:04
  • Can I use factory inside `$routeProvider` that get variable `type` for `:type` – Hamed May 08 '15 at 19:38