Role-based Dynamic Menus in Angular (Enterprise)

-

Role-based Dynamic Menus in Angular (Enterprise)

This Angular setup includes:

  • ✅ Roles + Permissions
  • ✅ Show/Hide menu items dynamically
  • ✅ Works with Angular Material Sidenav
  • ✅ Supports nested menus
  • ✅ Supports multiple roles
  • ✅ Enterprise clean structure

Goal

If user has:

  • Admin → show everything
  • Manager → show dashboard + reports
  • User → show only basic pages

1️⃣ Permission Model (Enterprise)


// permission.model.ts
export type Role = 'Admin' | 'Manager' | 'User';

export type Permission =
  | 'DASHBOARD_VIEW'
  | 'USERS_VIEW'
  | 'USERS_CREATE'
  | 'REPORTS_VIEW'
  | 'SETTINGS_VIEW';

2️⃣ Menu Model


// menu-item.model.ts
import { Permission } from './permission.model';

export interface MenuItem {
  label: string;
  icon?: string;
  route?: string;
  permissions?: Permission[]; // permissions required
  children?: MenuItem[]; // nested menus
}

3️⃣ Define Enterprise Menu Config


// menu.config.ts
import { MenuItem } from './menu-item.model';

export const MENU_ITEMS: MenuItem[] = [
  {
    label: 'Dashboard',
    icon: 'dashboard',
    route: '/dashboard',
    permissions: ['DASHBOARD_VIEW']
  },
  {
    label: 'Users',
    icon: 'people',
    permissions: ['USERS_VIEW'],
    children: [
      { label: 'User List', route: '/users', permissions: ['USERS_VIEW'] },
      { label: 'Create User', route: '/users/create', permissions: ['USERS_CREATE'] }
    ]
  },
  {
    label: 'Reports',
    icon: 'bar_chart',
    route: '/reports',
    permissions: ['REPORTS_VIEW']
  },
  {
    label: 'Settings',
    icon: 'settings',
    route: '/settings',
    permissions: ['SETTINGS_VIEW']
  }
];

4️⃣ Auth / Permission Service


// permission.service.ts
import { Injectable } from '@angular/core';
import { Permission, Role } from './permission.model';

@Injectable({ providedIn: 'root' })
export class PermissionService {
  private userRoles: Role[] = [];
  private userPermissions: Permission[] = [];

  setUserAccess(roles: Role[], permissions: Permission[]) {
    this.userRoles = roles;
    this.userPermissions = permissions;
  }

  hasPermission(permission: Permission): boolean {
    return this.userPermissions.includes(permission);
  }

  hasAnyPermission(permissions: Permission[]): boolean {
    return permissions.some(p => this.hasPermission(p));
  }

  isInRole(role: Role): boolean {
    return this.userRoles.includes(role);
  }
}

5️⃣ Create a Custom Directive (Best Enterprise Way)

This avoids long *ngIf checks in templates.


// has-permission.directive.ts
import { Directive, Input, TemplateRef, ViewContainerRef } from '@angular/core';
import { Permission } from './permission.model';
import { PermissionService } from './permission.service';

@Directive({ selector: '[hasPermission]' })
export class HasPermissionDirective {
  @Input('hasPermission') requiredPermissions: Permission[] = [];

  constructor(
    private templateRef: TemplateRef,
    private viewContainer: ViewContainerRef,
    private permissionService: PermissionService
  ) {}

  ngOnInit() {
    const canShow = this.permissionService.hasAnyPermission(this.requiredPermissions);
    this.viewContainer.clear();
    if (canShow) this.viewContainer.createEmbeddedView(this.templateRef);
  }
}

6️⃣ Use in Angular Material Menu / Sidenav


// app-sidenav.component.html

  
    
    
      {{ item.icon }}
      {{ item.label }}
    

    
    

      

        {{ item.icon }}
        {{ item.label }}
      

      
        {{ child.label }}

7️⃣ Load Menu in Component


// app-sidenav.component.ts
import { Component } from '@angular/core';
import { MENU_ITEMS } from './menu.config';

@Component({
  selector: 'app-sidenav',
  templateUrl: './app-sidenav.component.html'
})
export class AppSidenavComponent {
  menu = MENU_ITEMS;
}

8️⃣ Enterprise: Filter Menu Items Automatically

Instead of directive in template, filter menu in service before display.


// menu.service.ts
import { Injectable } from '@angular/core';
import { MenuItem } from './menu-item.model';
import { MENU_ITEMS } from './menu.config';
import { PermissionService } from './permission.service';

@Injectable({ providedIn: 'root' })
export class MenuService {
  constructor(private permissionService: PermissionService) {}

  getMenu(): MenuItem[] {
    return this.filterMenu(MENU_ITEMS);
  }

  private filterMenu(items: MenuItem[]): MenuItem[] {
    return items
      .filter(item => !item.permissions || this.permissionService.hasAnyPermission(item.permissions))
      .map(item => ({
        ...item,
        children: item.children ? this.filterMenu(item.children) : undefined
      }))
      .filter(item => !item.children || item.children.length > 0);
  }
}
// Usage in component
menu = this.menuService.getMenu();

Interview Answer (Perfect)

Q) How do you implement role-based menus in Angular?

  • ✅ Store menu items in a config file with required permissions.
  • ✅ Backend returns roles/permissions after login.
  • ✅ Angular filters menu items based on permissions.
  • ✅ UI displays only allowed items using a directive or menu filtering service.

Extra Enterprise Final Touch

Backend should return permissions like:


{
  "roles": ["Admin"],
  "permissions": ["DASHBOARD_VIEW", "USERS_VIEW", "USERS_CREATE"]
}

Comments

Post a Comment

Popular posts from this blog

Debouncing & Throttling in RxJS: Optimizing API Calls and User Interactions

-
RxJS Debounce vs Throttle in Angular – Best Practices & Examples What is RxJS — quick primer RxJS (Reactive Extensions for JavaScript) provides Observables and operators to model and manipulate streams of asynchronous events — from keystrokes and HTTP requests to timers and WebSocket messages. 💡 Why this matters: Operators like debounceTime and throttleTime help you control event frequency, reducing wasted CPU and network work while improving UX. 1. Debouncing — emit after silence Debouncing delays emitting a value until a specified period of inactivity. It's best for typeahead inputs where only the final value after the user stops typing is relevant. Live search example (production-ready) // search.component.ts import { Component, OnDestroy } from '@angular/core'; import { FormControl } from '@angular/forms'; import { Subject } from 'rxjs'; import { debounc...
Read more

Promises in Angular

-
🚀 Promises in Angular – The Complete Beginner’s Guide (with Examples) 📘 Introduction In modern Angular development, handling asynchronous operations is essential. Whether you're fetching data from an API, loading files, or wrapping browser-native APIs, Promises offer a clean and readable way to deal with one-time asynchronous operations. This guide explains: What Promises are How they compare with Observables Real-world examples using .then() and async/await When to use Promises vs Observables in Angular 📚 Table of Contents 🔍 What is a Promise? 🔁 Promise Lifecycle ✨ Key Features 📌 Syntax 💻 Example 1: Fetch 💻 Example 2: setTimeout 📊 Promises vs Observables 🎯 When to Use Promises 📦 Angular Service Example 🔄 Observable vs Promise ❓ FAQ ✅ Summary 🔍 What is a Promise? A Promise is a JavaScript object that represents the eventual success (fulfilled) or failure (rejected) of an asynchronous operation. 📌 Com...
Read more

Comprehensive Guide to C# and .NET Core OOP Concepts and Language Features

-
Comprehensive Guide to C# and .NET Core OOP Concepts Class A class is a blueprint for creating objects that encapsulate both data and behavior. Access Modifiers : public, internal, abstract, sealed control visibility and inheritance. Static Classes : Cannot be instantiated, contain only static members. Partial Classes : Split across files using partial keyword for better organization. public class Car { public string Model; public void Drive() => Console.WriteLine($"{Model} is driving."); } Analogy: A car blueprint used to build many actual cars. Benefits: Reusability, Encapsulation, Abstraction, Inheritance Object An object is an instance of a class. Managed by Garbage Collector for automatic memory cleanup. Boxing/Unboxing allows value types to be treated a...
Read more