Protected Page: Flutter Access Control and Permission Management Library

📋 Table of Contents

• Protected Page: Flutter Access Control and Permission Management Library
  • 📋 Table of Contents
  • ⚠️ Important
  • 🚀 How to Configure the Library
    • Basic Configuration
    • Roles and Permissions Configuration
    • Adding Routes and Policies
  • 🛡️ Protecting Widgets with AccessGuard
  • 🔒 Protecting Routes with GetX
  • 🔄 Asynchronous Validation
  • 🆕 New Features
    • Redirect to Login or Fallback Route
    • Configuration
    • Global Loader Configuration
    • Enable or Disable the Loader
    • Customize the Global Loader
    • Example
  • 🚧 Advanced Use Cases
    • Dynamic Global Fallback
  • 📦 Installation
  • 🤝 Contributing
    • Contribution Guidelines
  • 📄 License
  • 📬 Contact

⚠️ Important

As of version 0.0.2, child has been replaced by childBuilder in RouteConfig and AccessGuard. This ensures that protected widgets are only built when accessed, improving application performance.

Please refer to the CHANGELOG for more details on the changes and their impact.

🚀 How to Configure the Library

Basic Configuration

void main() {
  runApp(const MyApp());

  // Global configuration for roles and permissions
  AccessConfig.setKeys(rolesKey: 'user_roles', permissionsKey: 'user_permissions');
  AccessConfig.setUsePermissions(true);

  // Configure a global provider (example with tokens)
  AccessConfig.globalProvider = TokenAccessProvider(
    tokenProvider: () async => "TOKEN_JWT",
    decodeToken: (token) async => {
      'user_roles': ['admin'],
      'user_permissions': ['write', 'read']
    },
  );

  AccessConfig.setGlobalFallback(
    (context) => Scaffold(
      body: Center(child: Text('Access Denied.')),
    ),
  );
}

Roles and Permissions Configuration

AccessConfig.registerRoleGroup('admins', ['admin', 'superadmin']);
AccessConfig.registerRoleGroup('editors', ['editor', 'content_manager']);

Adding Routes and Policies

AccessConfig.addRoutes([
  RouteConfig(
    routeName: '/dashboard',
    policy: AccessPolicy(roles: ['admin']),
    childBuilder: (_) => const DashboardPage(),
    fallback: const Scaffold(body: Text('Access Denied')),
  ),
  RouteConfig(
    routeName: '/settings',
    policy: AccessPolicy(permissions: ['write']),
    childBuilder: (_)=> SettingsPage(),
  ),
]);

🛡️ Protecting Widgets with AccessGuard

class MyApp extends StatelessWidget {
  @override
  Widget build(BuildContext context) {
    return MaterialApp(
      home: AccessGuard(
        routeName: '/dashboard',
        childBuilder: (_) =>DashboardPage(),
      ),
    );
  }
}

🔒 Protecting Routes with GetX

final List appRoutes = [
  GetPage(
    name: '/dashboard',
    page: () => AccessGuard(
      routeName: '/dashboard',
      childBuilder: (_)=> DashboardPage(),
    ),
  ),
  // More routes...
];

🔄 Asynchronous Validation

AccessConfig.addRoutes([
  RouteConfig(
    routeName: '/profile',
    policy: AccessPolicy(
      roles: ['user'],
      customValidator: () async {
        await Future.delayed(const Duration(seconds: 2));
        return true;
      },
    ),
    childBuilder: (_)=> ProfilePage(),
  ),
]);

🆕 New Features

Redirect to Login or Fallback Route

If the user is not authenticated, you can configure a redirectRoute to send them to a login page or any other fallback route.

Configuration

AccessConfig.setRedirectRoute('/login');

If the user is not authenticated, they will automatically be redirected to /login.

Behavior without redirectRoute If redirectRoute is not set, the system will fall back to:

The route-specific fallback, if provided. The global fallback, if no route-specific fallback is defined.

Global Loader Configuration

You can now control whether a loader is displayed globally during access validation. Use the AccessConfig.setGlobalLoader method to enable or disable this behavior.

By default, the loader is enabled and shows a simple placeholder widget (Center(child: CircularProgressIndicator())). You can disable it or provide a custom global loader widget.

Enable or Disable the Loader

// Enable the global loader (default behavior)
AccessConfig.setGlobalLoader(true);

// Disable the global loader
AccessConfig.setGlobalLoader(false);

Customize the Global Loader

You can provide a custom global loader widget to override the default behavior.

// Set a custom loader globally
AccessConfig.setGlobalLoaderWidget((context) => Center(child: Text('Loading, please wait...')));

Example

Here’s an example showing how to use the global loader feature:

void main() {
  AccessConfig.setGlobalLoader(true); // Enable the loader globally
  AccessConfig.setGlobalLoaderWidget((context) => Center(child: CircularProgressIndicator()));

  AccessConfig.setRedirectRoute('/login');
  AccessConfig.globalProvider = MockAccessProvider(
    isAuthenticated: false,
    roles: [],
    permissions: [],
  );

  AccessConfig.addRoutes([
    const RouteConfig(
      routeName: '/dashboard',
      policy: AccessPolicy(roles: ['admin']),
      childBuilder:(_)=> Scaffold(body: Text('Dashboard Page')),
      fallback: Scaffold(body: Text('Access Denied')),
    ),
  ]);

  runApp(MaterialApp(
    initialRoute: '/dashboard',
    routes: {
      '/dashboard': (context) => AccessGuard(
            routeName: '/dashboard',
            childBuilder: (_)=>Scaffold(body: Text('Dashboard Page')),
          ),
      '/login': (context) => const Scaffold(body: Text('Login Page')),
    },
  ));
}

🚧 Advanced Use Cases

Dynamic Global Fallback

AccessConfig.setGlobalFallback(
  (context) {
    final userRoles = AccessConfig.globalProvider?.getRoles();
    if (userRoles?.contains('guest') ?? false) {
      return Scaffold(body: Text('Login Required.'));
    }
    return Scaffold(body: Text('Access Denied.'));
  },
);

📦 Installation

Add the following to your pubspec.yaml:

dependencies:
  access_guard: ^latest_version

Then run:

flutter pub get

🤝 Contributing

Contributions are welcome! Please follow these steps:

1. Fork the repository
2. Create a new branch (git checkout -b feature/new-feature)
3. Make your changes and commit (git commit -m 'Add new feature')
4. Push your changes (git push origin feature/new-feature)
5. Open a Pull Request

Contribution Guidelines

• Keep code clean and readable
• Add tests for new features
• Document changes in the documentation
• Follow project style conventions

📄 License

This project is licensed under the MIT License - see the LICENSE.md file for details.

MIT License

Copyright (c) [year] [full name or organization name]

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

📬 Contact

If you have questions or suggestions, please open an issue on GitHub.