Changed routing for series to use library/:id/series/:id so that we can always validate a user has library access.

src/app/_guards/library-access.guard.ts

@@ -0,0 +1,41 @@
+import { Injectable } from '@angular/core';
+import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, UrlTree } from '@angular/router';
+import { ToastrService } from 'ngx-toastr';
+import { Observable } from 'rxjs';
+import { map } from 'rxjs/operators';
+import { User } from '../_models/user';
+import { AccountService } from '../_services/account.service';
+import { MemberService } from '../_services/member.service';
+
+@Injectable({
+  providedIn: 'root'
+})
+export class LibraryAccessGuard implements CanActivate {
+
+  constructor(private accountService: AccountService, private toastr: ToastrService, private memberService: MemberService) {}
+
+  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> {
+
+
+
+
+
+    return this.accountService.currentUser$.pipe(
+      map((user: User) => {
+        if (user) {
+          const libraryId = parseInt(state.url.split('library/')[1], 10);
+          this.memberService.hasLibraryAccess(libraryId).pipe(res => {
+            console.log('return: ', res);
+            return res;
+          });
+          console.log('state:', state.url);
+          console.log('route: ', route);
+          return true;
+        }
+        this.toastr.error('You are not authorized to view this page.');
+        return false;
+      })
+    );
+  }
+  
+}

src/app/_services/member.service.ts

@@ -24,4 +24,8 @@ export class MemberService {
     return this.httpClient.delete(this.baseUrl + 'users/delete-user?username=' + username);
   }
 
+  hasLibraryAccess(libraryId: number) {
+    return this.httpClient.get<boolean>(this.baseUrl + 'users/has-library-access?libraryId=' + libraryId);
+  }
+
 }

src/app/app-routing.module.ts

@@ -4,6 +4,8 @@ import { HomeComponent } from './home/home.component';
 import { LibraryDetailComponent } from './library-detail/library-detail.component';
 import { LibraryComponent } from './library/library.component';
 import { SeriesDetailComponent } from './series-detail/series-detail.component';
+import { LibraryAccessGuard } from './_guards/library-access.guard';
+
 
 const routes: Routes = [
   {path: '', component: HomeComponent},
@@ -12,8 +14,15 @@ const routes: Routes = [
     loadChildren: () => import('./admin/admin.module').then(m => m.AdminModule)
   },
   {path: 'library', component: LibraryComponent},
-  {path: 'library/:id', component: LibraryDetailComponent}, // NOTE: Should I put a guard up to prevent unauthorized access to libraries and series? 
-  {path: 'series/:id', component: SeriesDetailComponent},
+  {
+    path: '',
+    runGuardsAndResolvers: 'always',
+    canActivate: [LibraryAccessGuard],
+    children: [
+      {path: 'library/:id', component: LibraryDetailComponent},
+      {path: 'library/:id/series/:id', component: SeriesDetailComponent},
+    ]
+  },
   {path: '**', component: HomeComponent, pathMatch: 'full'}
 ];
 

src/app/library-detail/library-detail.component.ts

@@ -32,7 +32,7 @@ export class LibraryDetailComponent implements OnInit {
   }
 
   seriesClicked(series: Series) {
-    this.router.navigateByUrl('/series/' + series.id);
+    this.router.navigate(['library', this.libraryId, 'series', series.id]);
   }
 
 }