0

I am building a single page web system by using Angular as front end and Java(Spring-Boot) as backend. This system has different roles and user must be assigned to one Role. Different role can do different operations.

Let's say to keep it simple : there are 2 roles in System : Super User and Admin. The only feature in this system is Product which has 3 properties : name, retail_price,factory_price. Super User can add product and update these properties. Admin can view name and retail_price but Admin is not able to see factory_price.Admin can also update retail_price but can not add Product.

In order to implement this feature control in Angular, right now, i am hardcoding the code in HTML. When showing the Products page, the Add button will be shown if the login user belongs to Super User. When showing the Product Detail Page, factory_price will be hidden and name field will be readonly if the login user belongs to Admin.

Obviously,it's not good way to do it because all these control code is in HTML , everyone can read it and know our logic. I am looking for some solution and guidance which can handle this logic in server side and server just return whatever browser needs to show and front end (Angular) just show the content from server and get rid of all these control logic as mentioned above.

Another challenge is how to handle different HTML for different role. e.g for Product detail page, i want to prepare the HTML content for different role in Server side and once login user goes to Product detail page, angular just send a Restful call and get the HTML content from backend and show it. Then Client side doesn't need to have any logic and just show it. Should i use different HTML template for different role?

lorcel
  • 315
  • 1
  • 3
  • 12

1 Answers1

0

The protocol you are using is HTTP which is stateless. It is not mentioned which technology in Java ( Spring , JSP Servlet ) you are using for your backend. If you have different users and they have different authorities or roles you need to keep a session associated inside back end. When you can get the logged in user then you can extract the roles of that user. Upon these attributes you can query the database and provide data to the client end.

Juliyanage Silva
  • 2,529
  • 1
  • 21
  • 33
  • I can get role for the login user from login session. Actually the challenge is how to design the system after getting the role information . i am using angular in client side and want to get rid of any control logic from client side. So server side is supposed to prepare all the HTML content and send to client. Client just need to show the content. It seems like i need to prepare some HTML content in backend and use different template for different role then return to client. – lorcel Dec 14 '16 at 18:11
  • when using angular you need to set view templates at the client end scripts. In your scenario you need serverside html handling done via JSP like technology. But when designing it with a REST API client side logic handling might get low. I suggest you to pull JSON objects from serverside and according to those object's parameters you can select templates in client side. – Juliyanage Silva Dec 15 '16 at 03:33
  • For me since the Angular 2 is more to OOP I feel it is the best to design REST APIs. – Juliyanage Silva Dec 15 '16 at 03:44
  • I am not sure if it's best practice to select angular view templates in client side based on the sever response because in that case,angular side still have such control logic such as if for this role, user this template ,for another role , use that template. In addition, that will introduce lots of templates e.g for my case, there will be two templates for Product List page, one for Super user , the other for Admin which doesn't have 'ADD button. two templates for Product Detail page, one for Super user, the other for Admin which doesn't show factory_price and name is not editable. – lorcel Dec 15 '16 at 21:03
  • Handling some controller logic and different templates makes Angular like technologies valuable. If this is adding extra work on client side go with JSP Servelets like stack where you can handle most of the logic in server side. – Juliyanage Silva Dec 16 '16 at 03:22