The solution is in this fiddle:
http://jsfiddle.net/BmQuY/3/
var app = angular.module('myApp', []);
app.service('authService', function(){
var user = {};
user.role="guest";
return{
getUser: function(){
return user;
},
generateRoleData: function(){
/* this is resolved before the
router loads the view and model.
It needs to return a promise. */
/* ... */
}
}
});
app.directive('restrict', function(authService){
return{
restrict: 'A',
priority: 100000,
scope: false,
compile: function(element, attr, linker){
var accessDenied = true;
var user = authService.getUser();
var attributes = attr.access.split(" ");
for(var i in attributes){
if(user.role == attributes[i]){
accessDenied = false;
}
}
if(accessDenied){
element.children().remove();
element.remove();
}
return function linkFn() {
/* Optional */
}
}
}
});
if you want to use this directive with IE 7 or 8, you’ll need to remove the element’s children manually, otherwise an error will be throw:
angular.forEach(element.children(), function(elm){
try{
elm.remove();
}
catch(ignore){}
});
Example of possible usage:
<div data-restrict access="superuser admin moderator"><a href="#">Administrative options</a></div>
Unit test using Karma + Jasmine:
Attention: the done callback function is only available for Jasmine 2.0, if you are using 1.3, you should use waitsFor instead.
describe('restrict-remove', function(){
var scope, compile, html, elem, authService, timeout;
html="<span data-restrict data-access="admin recruiter scouter"></span>";
beforeEach(function(){
module('myApp.directives');
module('myApp.services');
inject(function($compile, $rootScope, $injector){
authService = $injector.get('authService');
authService.setRole('guest');
scope = $rootScope.$new();
// compile = $compile;
timeout = $injector.get('$timeout');
elem = $compile(html)(scope);
elem.scope().$apply();
});
});
it('should allow basic role-based content discretion', function(done){
timeout(function(){
expect(elem).toBeUndefined();
done(); //might need a longer timeout;
}, 0);
});
});
describe('restrict-keep', function(){
var scope, compile, html, elem, authService, timeout;
html="<span data-restrict data-access="admin recruiter">";
beforeEach(function(){
module('myApp.directives');
module('myApp.services');
inject(function($compile, $rootScope, $injector){
authService = $injector.get('authService');
timeout = $injector.get('$timeout');
authService.setRole('admin');
scope = $rootScope.$new();
elem = $compile(html)(scope);
elem.scope().$apply();
});
});
it('should allow users with sufficient priviledsges to view role-restricted content', function(done){
timeout(function(){
expect(elem).toBeDefined();
expect(elem.length).toEqual(1);
done(); //might need a longer timeout;
}, 0)
})
});
A generic access control directive for elements, without using ng-if(only since V1.2 – currently unstable), or ng-show which doesn’t actually remove the element from the DOM.