Chapter 7
'LoginFormController')
.then(onLoginDialogClose);
}
}
function closeLoginDialog(success) {
if (loginDialog) {
loginDialog.close(success);
loginDialog = null;
}
}To open the dialog box, we call openLoginDialog(), passing in the URL of the login
form template, security/login/form.tpl.html, and the name of the controller,
LoginFormController. This returns a promise object that will be resolved, when the
dialog box is closed, which we do by calling closeLoginDialog(). When the dialog
box closes, we call the onLoginDialogClose() method, which will clean up and
then run the code based on whether the user logged in successfully or not.
There is nothing very special about the template and controller, they just provide a
simple form for entering an email and a password, and connect it up to the security
and service. The Sign in button is handled by security.login(), and the Cancel
button is handled by security.cancelLogin().
Creating security-aware menus and toolbars
For a good user experience, we should not display things for which the user has no
permission. Hiding elements from the user, however, will not prevent a determined
user from accessing the functionality, it is purely to prevent the user being confused
by trying to use features to which they have no permission. It is common to do
this selective display in navigation menus and toolbars. To make it easier to write
templates that react to the current authentication and authorization state of the user,
we can create a currentUser service.
Hiding the menu items
We should only show menu items that are appropriate for the current
user's permissions.