I canโt comment because I donโt have enough reputation, but although I canโt answer your first question, I can talk about two others:
- Even if I block, is there a way for users to access scope variables?
Yes. Each time you run the application code on a client computer, you can access information about what works. This is true for every client-side code.
While you can try to complicate the detection of data for cybercriminals, you cannot really protect it from any harm.
In the specific case of angularjs applications, remember that your code is accessible from a browser, and any user can use it (even if it is connected and minimized!). Thus, reverse-engineering an application and running it in a controlled environment would not be too complicated.
- Will I have additional protection if I block users from accessing the area data?
Well, that is debatable. As I explained in 2, it will still be possible to access your scope variables, it can be trickier. I think the real question here should be: "Does it bother me if anyone has access to my scope variables?"
The answer to this question must always be decisive. What reasonable information do you keep on the client side? Should it be there? Remember that all reasonable information must be stored in encrypted form and transmitted only through the network in encrypted messages. If there is some logic on the client side that you absolutely cannot allow access to, it should be on the server side. And this is the answer to most reasonable information issues you can find.
TL; DR: People will still be able to access your area. You must design your application so that you donโt worry about it.