1 files changed, 30 insertions, 2 deletions

diff --git a/src/router/index.js b/src/router/index.js
index 3cd52264..bcb2c7a2 100644
--- a/src/router/index.js
+++ b/src/router/index.js
@@ -8,16 +8,25 @@ import store from '../store';
 import routes from './routes';
 
 Vue.use(VueRouter);
-
 const router = new VueRouter({
   base: process.env.BASE_URL,
   routes,
   linkExactActiveClass: 'nav-link--current',
 });
 
-router.beforeEach((to, from, next) => {
+function allowRouterToNavigate(to, next, currentUserRole) {
   if (to.matched.some((record) => record.meta.requiresAuth)) {
     if (store.getters['authentication/isLoggedIn']) {
+      if (to.meta.exclusiveToRoles) {
+        // The privilege for the specific router was verified using the
+        // exclusiveToRoles roles in the router.
+        if (to.meta.exclusiveToRoles.includes(currentUserRole)) {
+          next();
+        } else {
+          next('*');
+        }
+        return;
+      }
       next();
       return;
     }
@@ -25,6 +34,25 @@ router.beforeEach((to, from, next) => {
   } else {
     next();
   }
+}
+
+router.beforeEach((to, from, next) => {
+  let currentUserRole = store.getters['global/userPrivilege'];
+  // condition will get satisfied if user refreshed after login
+  if (!currentUserRole && store.getters['authentication/isLoggedIn']) {
+    // invoke API call to get the role ID
+    let username = localStorage.getItem('storedUsername');
+    store.dispatch('authentication/getUserInfo', username).then((response) => {
+      if (response?.RoleId) {
+        // set role ID
+        store.commit('global/setPrivilege', response.RoleId);
+        // allow the route to continue
+        allowRouterToNavigate(to, next, response.RoleId);
+      }
+    });
+  } else {
+    allowRouterToNavigate(to, next, currentUserRole);
+  }
 });
 
 export default router;