Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Birthdaylist Users Dashboard - needs admin permission #2524


User avatar
0
rvanwoezik created

I have extended user with DateOfBirth, in UserAppService i have created GetBirthdayList()

public async Task<ListResultDto<UserListDto>> GetBirthDayList()
        {
            var query = from u in UserManager.Users.Where(p => p.IsActive)
                        let diffYears = DbFunctions.DiffYears(u.DateOfBirth, DateTime.Today)
                        let birthdayOccurred =
                        u.DateOfBirth.Month < DateTime.Today.Month
                        || ((u.DateOfBirth.Day + 3) <= DateTime.Today.Day && u.DateOfBirth.Month == DateTime.Today.Month)
                        let nextBirthdate = DbFunctions.AddYears(u.DateOfBirth, diffYears + (birthdayOccurred ? 1 : 0))
                        let daysToBirthdate = DbFunctions.DiffDays(DateTime.Today, nextBirthdate)
                        orderby daysToBirthdate
                        select u;

            var users = await query.Take(12).ToListAsync();

            return new ListResultDto<UserListDto>(users.MapTo<List<UserListDto>>());
        }

This list is visible for members of the Role Admin, but not for default Role "user", how to give role "user" view rights to birthdaylist without giving them create edit delete rights? Should i use userRepository instead of UserManager?

I hope my question is clear.


3 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    I'm not sure if I understand you correctly, but you can define seperate permissions for viewing, editing, deleting just like we did here <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero/blob/dev/src/MyCompanyName.AbpZeroTemplate.Core/Authorization/AppPermissions.cs#L20">https://github.com/aspnetzero/aspnet-ze ... ons.cs#L20</a>.

    These permissions can be assigned to roles seperately.

  • User Avatar
    0
    rvanwoezik created

    So I have created a new AppPermission Pages_Administration_Users_List

    In UserAppService can i combine class permissions and method permissions?

    [AbpAuthorize(AppPermissions.Pages_Administration_Users)]
        public class UserAppService : PhoogleZeroAppServiceBase, IUserAppService
    

    and then in method GetBirthdayList

    [AbpAuthorize(AppPermissions.Pages_Administration_Users_List)]
            public async Task<ListResultDto<UserListDto>> GetBirthDayList()
            {
                var query = from u in UserManager.Users.Where(u => u.IsActive)
                            let diffYears = DbFunctions.DiffYears(u.DateOfBirth, DateTime.Today)
                            let birthdayOccurred =
                            u.DateOfBirth.Month < DateTime.Today.Month
                            || ((u.DateOfBirth.Day + 3) <= DateTime.Today.Day && u.DateOfBirth.Month == DateTime.Today.Month)
                            let nextBirthdate = DbFunctions.AddYears(u.DateOfBirth, diffYears + (birthdayOccurred ? 1 : 0))
                            let daysToBirthdate = DbFunctions.DiffDays(DateTime.Today, nextBirthdate)
                            orderby daysToBirthdate
                            select u;
    
                var users = await query.Take(12).ToListAsync();
    
                return new ListResultDto<UserListDto>(users.MapTo<List<UserListDto>>());
            }
    
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    A permission is independent of class and method. You can use a permission or more than one permission on a class or method, no problem. If you want to use multiple permssions, just seperate them with a comma like

    [AbpAuthorize("Permission1", "Permission2")]