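"use strict";
(function () {
  'use strict';

  angular.module('securityModule')
    /**
     * In-memory state of the current user session. `alive` / `expired` are
     * also written directly by authService.sessionStatus.
     */
    .service('session', function () {
      return {
        /**
         * Mark the session as established.
         * @param {string} userId - login id of the authenticated user
         * @param {boolean} ssoEnabled - whether the server reported SSO mode
         * @param {string} [userRole] - role, when the caller knows it (authService.login omits it)
         */
        create: function (userId, ssoEnabled, userRole) {
          this.userId = userId;
          this.userRole = userRole;
          this.ssoEnabled = ssoEnabled;
          this.alive = true;
          this.expired = false;
        },
        /** Clear every field of the session (logout, or the server session is gone). */
        destroy: function () {
          this.userId = null;
          this.userRole = null;
          this.ssoEnabled = false;
          this.alive = false;
          this.expired = false;
        }
      };
    })
    .factory('authService', ['$resource', '$rootScope', 'localStorageService', 'permissionModel', 'session', 'AUTH_EVENTS', 'events', '$q', '$cookies', 'configurationModel',
      function ($resource, $rootScope, localStorageService, permissionModel, session, AUTH_EVENTS, events, $q, $cookies, configurationModel) {
        var resource = $resource('/smartit/rest/users/sessions/:userId', {}, {
          login: { method: 'POST' },
          logout: { method: 'DELETE', headers: { 'Content-Type': 'application/json' }, data: '' },
          sessionStatus: { method: 'GET', url: '/smartit/rest/sessionstatus' },
          serverState: { method: 'GET', url: '/smartit/rest/serverstates' },
          licenceDeregister: { method: 'POST', url: '/smartit/rest/arlicense/timeout/deregister' }
        });

        // Hoisted so the pattern is not rebuilt on every call.
        var HTTP_URL = /^https?:\/\//i;

        /**
         * True only for a non-empty string that starts with http:// or https://.
         * Gates the server-supplied midtier base URL before it is broadcast or exposed.
         * @param {*} url
         * @returns {boolean}
         */
        function isValidUrl(url) {
          return typeof url === 'string' && HTTP_URL.test(url);
        }

        /**
         * Percent-decode a user id; null for a falsy id.
         * A malformed %-sequence would make decodeURIComponent throw a URIError and turn
         * a successful login into an unexpected rejection, so the raw id is kept instead.
         * @param {string|undefined} userId
         * @returns {string|null}
         */
        function decodeUserId(userId) {
          if (!userId) {
            return null;
          }
          try {
            return decodeURIComponent(userId);
          } catch (e) {
            return userId;
          }
        }

        /**
         * Push the access objects and server configuration of a login / sessionstatus
         * response into the application models (shared by login and sessionStatus).
         * @param {Object} result - parsed server response
         */
        function applyServerData(result) {
          $rootScope.$broadcast(events.PERSON_PERMISSION_DATA_LOADED, result.accessObjects);
          configurationModel.set('enabledServerApplications', result.enabledApplications);
          configurationModel.set('ckEditorSource', { 'enabled': result.isCKEditorSourceEditable });
          configurationModel.set('eschatConfiguration', result.eschat);
          if (result.attachmentSecurityConfiguration) {
            configurationModel.set('attachmentSecurityConfiguration', result.attachmentSecurityConfiguration);
          }
        }

        var ssoEnabled = false;
        var midtierUrl = null;

        var authService = {
          /**
           * POST the credentials to the sessions endpoint.
           * Resolves when the server returns access objects; rejects with `{status: 401}`
           * when it returns none (outside SSO the half-created server session is
           * deleted first). `requestParams.userId` is rewritten to its decoded form.
           * @param {Object} requestParams - URL params (userId)
           * @param {Object} loginData - request body
           * @returns {Promise}
           */
          login: function (requestParams, loginData) {
            return resource.login(requestParams, loginData).$promise.then(function (result) {
              requestParams.userId = decodeUserId(requestParams.userId);
              if (_.isEmpty(result.accessObjects)) {
                console.log('login response returned no access rights');
                // Without SSO a server session now exists for a user with no rights: drop it before rejecting.
                var cleanup = ssoEnabled ? $q.when(1) : resource.logout().$promise;
                return cleanup.then(function () {
                  return $q.reject({ status: 401 });
                });
              }
              console.log('login success');
              session.create(requestParams.userId || result.loginId, ssoEnabled);
              localStorageService.set('user.userId', session.userId);
              //Add the csrf token returned by server to localstorage as it is used by MyIT for SRD creation and for seamless login transfer to myit
              if (result.csrf) {
                localStorageService.set('user.antiCsrfToken', result.csrf);
              }
              applyServerData(result);
              $rootScope.$broadcast(AUTH_EVENTS.LOGIN_SUCCESS, { isSsoEnabled: ssoEnabled });
            });
          },

          /**
           * DELETE the server session and clear client-side session state.
           * The returned promise is the chained one (not the raw $promise) so a rejection
           * is not left unhandled in the internal .then branch; it still resolves with the
           * server response.
           * @returns {Promise}
           */
          logout: function () {
            return resource.logout().$promise.then(function (response) {
              console.log('logout success');
              localStorageService.remove('user.userId');
              // NOTE(review): 'user.antiCsrfToken' is left in storage here — confirm the MyIT handover still needs it after logout.
              // ITSM calendar related storage.
              sessionStorage.removeItem('calendarFilterState');
              sessionStorage.removeItem('calendarFilterView');
              sessionStorage.removeItem('calendarFilterDate');
              session.destroy();
              var logoutEventData = {};
              if (!_.isEmpty(response) && (response.postLogoutUrl || response.redirectUrl)) {
                logoutEventData = response;
              }
              $rootScope.$broadcast(AUTH_EVENTS.LOGOUT_SUCCESS, logoutEventData);
              return response;
            });
          },

          /**
           * GET the session status and refresh the session object and app models from it.
           * Also picks up the midtier base URL; a value that fails the http(s) check is
           * discarded so getMidtierUrl() never exposes it.
           * @returns {Promise}
           */
          sessionStatus: function () {
            return resource.sessionStatus({ getLicenseKey: true }).$promise.then(function (result) {
              session.alive = result.session === 1;
              var reportedUrl = result['midtier.base.url'];
              if (isValidUrl(reportedUrl)) {
                midtierUrl = reportedUrl;
                $rootScope.$broadcast(events.MIDTIER_URL_LOADED, midtierUrl);
              } else {
                midtierUrl = null;
                localStorage.removeItem('midtierUrl');
              }
              if (session.alive && !_.isEmpty(result.accessObjects)) {
                session.expired = false;
                session.userId = localStorageService.get('user.userId');
                if (!session.userId) {
                  // No id cached locally: fall back to the loginId cookie and cache it.
                  session.userId = $cookies.get('loginId');
                  localStorageService.set('user.userId', session.userId);
                }
                applyServerData(result);
                $rootScope.licenseKeys = result.licenseKeys;
              } else {
                session.destroy();
              }
              console.log('session status:', session);
            });
          },

          /**
           * GET the server state; the first element equal to 2 means SSO is enabled.
           * @returns {Promise}
           */
          serverState: function () {
            return resource.serverState().$promise.then(function (result) {
              ssoEnabled = parseInt(result[0], 10) === 2;
              console.log('SSO ' + (ssoEnabled ? 'enabled' : 'disabled'));
            });
          },

          /** @returns {boolean} true when a user id is held in the session */
          isAuthenticated: function () {
            return !!session.userId;
          },

          /**
           * @param {*} authorizedRole - role passed through to permissionModel.hasRole
           * @returns {boolean} authenticated and holding the role
           */
          isAuthorized: function (authorizedRole) {
            // Reference authService directly so the check still works when this method is passed unbound.
            return authService.isAuthenticated() && permissionModel.hasRole(authorizedRole);
          },

          /** @returns {boolean} SSO flag as last reported by serverState() */
          isSSOEnabled: function () {
            return ssoEnabled;
          },

          /** @returns {string|null} validated midtier base URL, or null when none was accepted */
          getMidtierUrl: function () {
            return midtierUrl;
          },

          /** POST the licence de-registration; returns the $resource object as before. */
          deRegister: function () {
            return resource.licenceDeregister();
          }
        };

        return authService;
      }]);
})();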