Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Role Management - Organization Unit #1367


User avatar
0
maharatha created

I am trying to extend the Roles to Organization. Can you point me in the right direction ?

I also need to know where to override GetRolesforUser, so that I can override with GetRolesforUser(long OUId).


4 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    The thing you want can be complicated upon your requirements.

    Roles are for grouping permissions as you know. Do you want to make same for UO roles. Do you need OU based permissions? Or you just need to set roles for OUs to users and check if user A has role B on OU C? If so, I suggest you to create this system seperated from current role/permission system. You can tell us some details about your requirement.

    Thanks.

  • User Avatar
    0
    maharatha created

    I initially started with using Organization Unit as Companies then I am frequently running into issues while extending Roles/Settings/Users/etc..

    So today I reversed my approach, now I am treating each company as a Tenant and grouping them under one organization.

    Is there a way I can share the same user/roles between tenants. If not I basically have to create two users for each of the tenant and link them up.

    I Wish we could extend the scope of users/roles/settings to Organizations without any additional work.

  • User Avatar
    0
    maharatha created

    I have been using AspnetZero i guess from the beginning and it's good to see how it has evolved. This question is still open for me after two years. I am developing a new product and using ASPNET ZERO Angular + Core.

    I think I completely understand how ASPNETZERO works, so here is my question. When I add an user I can specify the permissions using Roles, and then I can make changes to a specific user permission by going to user screen.

    My Requirement :

    When I add an user I get to choose the Organization to which I want to add. Is there a way I can also select set of permissions that's applicable for an user specific to that Organization. In a way I want to extend the Permission to Organization as well.

    I was thinking of extending the AbpPermissions entity and add IMayhaveOrganization. But not sure what all places I have to make the changes to make sure the data annotations also work.

    Let me know my ask is clear

  • User Avatar
    0
    ryancyq created
    Support Team

    Hi @maharatha,

    When I add an user I get to choose the Organization to which I want to add. Is there a way I can also select set of permissions that's applicable for an user specific to that Organization. In a way I want to extend the Permission to Organization as well.
    

    It seems that you are trying to assign specific permissions to a user under a Organization Unit. It looks the same as using Role Permission and assign it to a user. However, if you are looking to make use to OrganizationUnit to grant a set of permissions to a group of users under the same Organization Unit, you can either leverage on RolePermissionSetting or implement something similar like OrganizationUnitPermissionSetting

    See <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/blob/9c90ded02bdf291664b5cd7d09e3e30cf0dabbc4/src/Abp.Zero.Common/Authorization/Roles/RolePermissionSetting.cs">https://github.com/aspnetboilerplate/as ... Setting.cs</a>

    I was thinking of extending the AbpPermissions entity and add IMayhaveOrganization. But not sure what all places I have to make the changes to make sure the data annotations also work.
    

    I wouldn't suggest this as extending AbpPermission to have IMayhaveOrganization interface means introducing permissions that only existing in certain OrganizationUnit which might not work well with Abp Role & User Management system