Hi,
I have a case where I want to limit users permissions down to a couple permissions if his account is not active.
I still want him to login but i dont want him to do anything except a couple permissions i set for him.
What would be the best way to do this?
thank you
3 Answer(s)
-
0
Hi @uenlkr4e
The approach can be as follows. While deactivating a user, you can assign a role to them. This role should contain the necessary permissions for an inactive user. Additionally, you will need to address the fact that inactive users cannot log in by default in ASP.NET Zero. Since the user is inactive, the value returned from the login result will be null. To handle this, you need to override the
LoginAsync
method inAbpLoginManager
and remove the check for whether the user is active or not. -
0
Hi,
thanks but this approach isnt really doable because of:-
there has to be a in-active user role in every tenant and someone with the right privilege may delete this role
-
after activating an account I wont know what the users old role was so that would definitely cause chaos
any other suggestions?
-
-
0
Hi @uenlkr4e
You can set and remove permissions for an inactive user using the UserManager. To assign a previously defined permission to the user, you can use the
SetGrantedPermissionsAsync
method. If you want to remove a permission from the user, you can use theProhibitPermissionAsync
method. Related Document