Checking a Permission During Login Process #7496

cmthomps created 4 years ago

I want to check a permission in the Login method of the AccountController. I'm checking a permission using PermissionChecker.IsGrantedAsync after GetLoginResultAsync, but it always comes back false. I'm assuming that the permissions get created sometime later. Is there away that I that I can accomplish that?

Thanks, Craig

4 Answer(s)

0

cmthomps created 4 years ago

Any help?
0

ryancyq created 4 years ago
Support Team

Hi, are you using PermissionChecker before the user is authenticated?

You can perform user authencation before and check for the permission, if it turns out to be false then logout the user.

Please share your code and ANZ project version.

cmthomps created 4 years ago

Thanks - I'm using the permission checker right after the call to GetLoginAsync method. The result is always false. Wondering if the permissions get cached somehow later in the process. Not sure.

            var loginResult = await GetLoginResultAsync(loginModel.UsernameOrEmailAddress, loginModel.Password, GetTenancyNameOrNull());

            var hasPermissions = await PermissionChecker.IsGrantedAsync(AppPermissions.Permission1);

cmthomps created 4 years ago

Using the the userManager to check the permissions works (it returns true for the user that just logged in if that user has the permission). I'm not sure why the permission checker does not.

            var loginResult = await GetLoginResultAsync(loginModel.UsernameOrEmailAddress, loginModel.Password, GetTenancyNameOrNull());

            var hasPermissions = await _userManager.IsGrantedAsync(loginResult.User.Id, AppPermissions.Permission1);

Have an answer to this question? Log in and write your answer.