Hello,
We have couple questions as we are planning to start another project by using aspnetzero and needing couple clarifications.
AspnetZero Version: 11.0 Product type Angular + Dot Net Core
Base Information:
One API End point that will support multiple fronted application via different domain/sub domain name i.e. api.sample.com using one db and all application will consume this api, sample.com - MAIN LANDING corporate.sample.com - Separate App for corporate accounts app1.sample.com - separate app with own business logic but using same apis end points as others app2.com - separate app with own business logic but using same apis end points as others
There will be standard features, but we are planning to have other dynamic features & permissions for forms access i.e. there are two forms 110011, 220022, when admin creates this forms it creates features & relevant permissions in db and that would be consumed in when individual is trying to access.
App Features -- that are dynamically created in database App.DynamicFeature.110011 App.DynamicFeature.110011.CRUD App.DynamicFeature.220022 App.DynamicFeature.220022.CRUD
App Permissions - that are dynamically created in db when that forms are created Pages.DynamicFeaturePermissions.110011 App.DynamicFeature.110011 Pages.DynamicFeaturePermissions.110011.View App.DynamicFeature.110011 Pages.DynamicFeaturePermissions.110011.Print App.DynamicFeature.110011 Pages.DynamicFeaturePermissions.110011.Create App.DynamicFeature.110011.CRUD Pages.DynamicFeaturePermissions.110011.Edit App.DynamicFeature.110011.CRUD Pages.DynamicFeaturePermissions.110011.Delete App.DynamicFeature.110011.CRUD
and same for other feature.
QUESTIONS:
- How can I register this features and permissions based on features in application, so that I can use this in application for feature checking, permission checking
- How can I extend the Authorization module or create separate authorization attribute, to authorize at API End point where api is getting the "110011", and "22022" in FormName parameter? obviously checking against tenant has that feature + user also has permission
Last question is kind of separate: as we are hosting the same fronted app but in different domain and wants to have the cookie being shared between all the apps (main domain, other domain, any subdomain), we are not using the {tenancyName}.domain.com feature in our product.
1 Answer(s)
-
0
Hi,
- You can replace https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp/Authorization/PermissionManager.cs and overwrite GetAllPermissions method.
- You can replace https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp/Authorization/AuthorizationHelper.cs with your custom implementation
I think cookie sharing between different domains are not possible but under a domain and it's subdomains are possible.