Is there any way I can used OU's and Roles to define a user's role at the OU level. For example, I may have a user who is a "manager" in the Marketing OU but is just a "read only users" in the Sales OU. It does not look like roles and OU's work this way in ASP.NET Zero, but I was wondering if you had any creative suggestions without having to do major surgery to the platform?
Thanks in advance for your help.
-Eric
4 Answer(s)
-
0
Hi @eric_pulaski
You are right, current implementation doesn't work like that. Do you keep something like "Current OU" in session and allow user to change OU on the app UI ?
-
0
Kind of. What I'm really looking for is an ACL at the OU level, with a pairing (tuple) of users and roles at the OU level. I guess I can just implement this myself; not something that ASP.NET Zero can handle with the out-of-the-box implementation.
-
0
Hi,
You can override this method https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.ZeroCore/Authorization/Users/AbpUserStore.cs#L709 and filter roles of user according to your business logic.
-
0
OK. Thanks.
