diff --git a/pkg/angular/package.json b/pkg/angular/package.json
index da0aac8..66e94f6 100644
--- a/pkg/angular/package.json
+++ b/pkg/angular/package.json
@@ -3,6 +3,9 @@
     "version": "0.0.1",
     "scripts": {
         "build": "ng build",
+        "lint": "biome lint .",
+        "lint:changed": "biome check . --changed --no-errors-on-unmatched",
+        "lint:staged": "biome check . --staged --no-errors-on-unmatched --write",
         "ng": "ng",
         "start": "ng serve",
         "test": "rm -rf dist && NODE_OPTIONS='--no-deprecation --no-warnings' ng test",
diff --git a/pkg/angular/src/lib/directives.spec.ts b/pkg/angular/src/lib/directives.spec.ts
index 3178396..1cf1626 100644
--- a/pkg/angular/src/lib/directives.spec.ts
+++ b/pkg/angular/src/lib/directives.spec.ts
@@ -3,7 +3,7 @@ import { Component, NgZone } from '@angular/core';
 import { TestBed } from '@angular/core/testing';
 import { A38Module } from './a38.module';
 import { A38AllowedDirective, A38DeniedDirective } from './directives';
-import { DEFAULT_ROLE, RoleStore } from './role-store';
+import { RoleStore } from './role-store';
 
 @Component({
     standalone: true,
diff --git a/pkg/angular/src/lib/guard.spec.ts b/pkg/angular/src/lib/guard.spec.ts
index 16b9b6a..6374a24 100644
--- a/pkg/angular/src/lib/guard.spec.ts
+++ b/pkg/angular/src/lib/guard.spec.ts
@@ -4,7 +4,7 @@ import { type ComponentFixture, TestBed } from '@angular/core/testing';
 import { Router, RouterModule } from '@angular/router';
 
 import { A38Module } from './a38.module';
-import { a38Allowed, defineRouteResourceData } from './guard';
+import { a38Allowed } from './guard';
 import { RoleStore } from './role-store';
 
 @Component({
@@ -87,25 +87,21 @@ describe('a38Allowed', () => {
                             path: '',
                             pathMatch: 'full',
                             component: DashboardComponent,
-                            // data: { ...defineRouteResourceData('dashboard') },
                             canActivate: [a38Allowed('dashboard')]
                         },
                         {
                             path: 'login',
                             component: LoginComponent,
-                            // data: { ...defineRouteResourceData('login') },
                             canActivate: [a38Allowed('login')]
                         },
                         {
                             path: 'admin',
                             component: AdminComponent,
-                            // data: { ...defineRouteResourceData('admin') },
                             canActivate: [a38Allowed('admin')]
                         },
                         {
                             path: 'error/:code',
                             component: ErrorComponent,
-                            // data: { ...defineRouteResourceData('error') },
                             canActivate: [a38Allowed('error')]
                         },
                         {
diff --git a/pkg/angular/src/lib/guard.ts b/pkg/angular/src/lib/guard.ts
index b844b28..de2fda3 100644
--- a/pkg/angular/src/lib/guard.ts
+++ b/pkg/angular/src/lib/guard.ts
@@ -4,18 +4,13 @@ import {
     type ActivatedRouteSnapshot,
     type CanActivateChildFn,
     type CanActivateFn,
-    type Data,
     type GuardResult,
-    type MaybeAsync,
     Router,
     type RouterStateSnapshot
 } from '@angular/router';
 import { HrbacService } from './hrbac.service';
 import { RoleStore } from './role-store';
 
-const RESOURCE_ID = Symbol('RESOURCE_ID');
-const PRIVILEGE = Symbol('PRIVILEGE');
-
 export type GuardDenyHandler = (
     roleId: string,
     resource: RouteResource,
@@ -23,11 +18,6 @@ export type GuardDenyHandler = (
 ) => GuardResult | string | Promise<GuardResult | string>;
 export const GUARD_DENY_HANDLER = new InjectionToken<GuardDenyHandler>('A38 Guard Deny Handler');
 
-export interface RouteResourceData {
-    [RESOURCE_ID]: Resource | string;
-    [PRIVILEGE]: string | null;
-}
-
 export class RouteResource extends Resource {
     constructor(
         resourceId: string,
@@ -38,46 +28,6 @@ export class RouteResource extends Resource {
     }
 }
 
-export function defineRouteResourceData(resourceId: string, privilege: string | null = null): RouteResourceData {
-    return { [RESOURCE_ID]: resourceId, [PRIVILEGE]: privilege };
-}
-
-function getRouteResourceData(data: Data): [resourceId: string, privilege: string | null] {
-    if (!(RESOURCE_ID in data)) {
-        throw new Error(`Missing RESOURCE_ID in route data, ${JSON.stringify(data)} given.`);
-    }
-    if (!(PRIVILEGE in data)) {
-        throw new Error(`Missing PRIVILEGE in route data, ${JSON.stringify(data)} given.`);
-    }
-
-    return [data[RESOURCE_ID], data[PRIVILEGE]];
-}
-
-/**
- * @todo: try to use a factory method to provide resourceId and privilege
- */
-export const _a38Allowed: CanActivateFn & CanActivateChildFn = async (route, state) => {
-    const router = inject(Router);
-    const injector = inject(Injector);
-    const guardDenyHandler = inject(GUARD_DENY_HANDLER);
-    const roleId = inject(RoleStore).role();
-    const [resourceId, privilege] = getRouteResourceData(route.data);
-    const resource = new RouteResource(resourceId, route, state);
-
-    const isAllowed = await inject(HrbacService).isAllowed(roleId, resource, privilege);
-    // console.log({ roleId, resourceId, isAllowed });
-    if (!isAllowed) {
-        const result = await runInInjectionContext(injector, () => guardDenyHandler(roleId, resource, privilege));
-
-        if (typeof result === 'string') {
-            return router.parseUrl(result);
-        }
-
-        return result;
-    }
-    return true;
-};
-
 export function a38Allowed(resourceId: string, privilege: string | null = null): CanActivateFn & CanActivateChildFn {
     return async (route, state) => {
         const router = inject(Router);
@@ -87,7 +37,6 @@ export function a38Allowed(resourceId: string, privilege: string | null = null):
         const resource = new RouteResource(resourceId, route, state);
 
         const isAllowed = await inject(HrbacService).isAllowed(roleId, resource, privilege);
-        // console.log({ roleId, resourceId, isAllowed });
         if (!isAllowed) {
             const result = await runInInjectionContext(injector, () => guardDenyHandler(roleId, resource, privilege));
 
diff --git a/pkg/angular/src/lib/pipes.spec.ts b/pkg/angular/src/lib/pipes.spec.ts
index 01d99e3..24d1dc9 100644
--- a/pkg/angular/src/lib/pipes.spec.ts
+++ b/pkg/angular/src/lib/pipes.spec.ts
@@ -3,7 +3,7 @@ import { Component, NgZone } from '@angular/core';
 import { TestBed } from '@angular/core/testing';
 import { A38Module } from './a38.module';
 import { A38AllowedPipe, A38DeniedPipe } from './pipes';
-import { DEFAULT_ROLE, RoleStore } from './role-store';
+import { RoleStore } from './role-store';
 
 @Component({
     standalone: true,
diff --git a/pkg/angular/src/lib/role-store.ts b/pkg/angular/src/lib/role-store.ts
index 14c1455..dace291 100644
--- a/pkg/angular/src/lib/role-store.ts
+++ b/pkg/angular/src/lib/role-store.ts
@@ -1,9 +1,6 @@
 import { InjectionToken, computed, inject } from '@angular/core';
 import { patchState, signalStore, withComputed, withMethods, withState } from '@ngrx/signals';
 
-const defaultRole = Symbol('defaultRole');
-const currentRole = Symbol('currentRole');
-
 export interface RoleStoreState {
     defaultRole: string;
     currentRole: string | undefined;