Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

How can I write my own permission manager version? #1626


User avatar
0
omital created

Can I write my own permission manager for permission check? If "Yes", How implement it? Why I need it: we implement mechanism than user must select Subsystem after login, in a result we have CurrentSubsystem in session. Now, we want implement permission for each Subsystem separately. for example suppose below application service's method:

[AbpAuthorize(new string[] { "ACC.BaseTables.Person.Update" ,"ISO.BaseTables.Person.Update"})]
public void UpdatePerson(){
     //method implementation 
}

We want authorize based on Current selected Substystem (ACC or ISO) that stored in session.


2 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    Hi,

    You should start by implemting IPermissionChecker: <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp/Authorization/IPermissionChecker.cs">https://github.com/aspnetboilerplate/as ... Checker.cs</a> Then replace it by the default one (<a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Startup-Configuration#replacing-built-in-services">http://www.aspnetboilerplate.com/Pages/ ... n-services</a>)

    In your custom permission checker, you can inject session and do whatever you want and just return true/false based on your custom logic (I suggest you to somehow use caching for performance reasons).

  • User Avatar
    0
    omital created

    Where can I find sample (or default) IPermisiionChecker implementation? and what about RoleEdit page? 1-How can I load JUST permission name that related to CurrentSubsystemId (that retrieve from session)? (this section already solved whit this lines of code

    var allPermisions = PermissionManager.GetAllPermissions()
                    .Where(p=>p.Name.StartsWith(GetCurrentSubsystemPrefix()))
                    .Select(p);
    

    ) Do you have any better solution? 2- How can I update allowed permission that just related to current subsystem. The problem is here

    var grantedPermissions = allPermissions
                     .Where(p=>p.Name.StartsWith(GetCurrentSubsystemPrefix()))
                     .Where(p => input.SelectedPermissions.Contains(p.Name)).ToArray();
    await _roleManager.SetGrantedPermissionsAsync(itm, grantedPermissions);
    

    SetGrantedPermissionsAsync update all permission related to current subsystem and clear those subsystem that are not included in allPermission?!