feat(auth): hide My Tasks for project managers and block direct route access

Author: Diogo-Ferraz

src/app/app.routes.ts

@@ -24,6 +24,7 @@ import { ProjectMembersComponent } from './features/projects/components/project-
 import { ActivityLogComponent } from './features/activity/components/activity-log/activity-log.component';
 import { managerOrAdminGuard } from './core/auth/guards/manager-or-admin.guard';
 import { AppSettingsComponent } from './features/settings/components/app-settings/app-settings.component';
+import { nonProjectManagerGuard } from './core/auth/guards/non-project-manager.guard';
 
 export const routes: Routes = [
   { path: '', component: LandingPageComponent },
@@ -43,7 +44,7 @@ export const routes: Routes = [
   { path: 'profile', component: UserProfileSecurityComponent, canActivate: [authGuard] },
   { path: 'admin', component: AdminDashboardComponent, canActivate: [authGuard, adminRoleGuard] },
   { path: 'tasks/create', component: TaskItemCreateComponent, canActivate: [authGuard] },
-  { path: 'tasks/my-tasks', component: UserTaskItemsComponent, canActivate: [authGuard] },
+  { path: 'tasks/my-tasks', component: UserTaskItemsComponent, canActivate: [authGuard, nonProjectManagerGuard] },
   { path: 'login', component: HomeLoginComponent },
   { path: 'callback', component: AuthCallbackComponent },
   { path: 'notfound', redirectTo: 'not-found' },

src/app/core/auth/guards/non-project-manager.guard.ts

@@ -0,0 +1,15 @@
+import { inject } from '@angular/core';
+import { CanActivateFn, Router } from '@angular/router';
+import { AppRole } from '../models/app-role.model';
+import { AuthService } from '../services/auth.service';
+
+export const nonProjectManagerGuard: CanActivateFn = () => {
+  const authService = inject(AuthService);
+  const router = inject(Router);
+
+  if (!authService.hasRole(AppRole.ProjectManager)) {
+    return true;
+  }
+
+  return router.createUrlTree(['/unauthorized']);
+};

src/app/core/layout/component/app-menu/app-menu.component.ts

@@ -46,7 +46,12 @@ export class AppMenuComponent {
         label: 'Delivery',
         items: [
           { label: 'All Tasks', icon: 'pi pi-fw pi-list', routerLink: ['/tasks'] },
-          { label: 'My Tasks', icon: 'pi pi-fw pi-user', routerLink: ['/tasks/my-tasks'] },
+          {
+            label: 'My Tasks',
+            icon: 'pi pi-fw pi-user',
+            routerLink: ['/tasks/my-tasks'],
+            visible: !this.authService.hasRole(AppRole.ProjectManager)
+          },
           {
             label: 'Create Task',
             icon: 'pi pi-fw pi-plus',