Hello everyone
I am very excited that we are going to start developing a portal based on .Zero ;-)
I'm also excited to start using this forum. In the beginning, it is probably most questions that are asked, but I hope that at some point I can also start helping others.
And now to my question; i'm looking for a way to create a relationship between a Role and a Tuple. I need a user to have a role (R1) that only applies to a certain tuple (T1). The same user can have R1 for T2, but not automatically for T3, Txx. I would like to use a much as possible from Abp User and Role management.
Hope it makes sense and someone can point me in the right direction. Thx.
!Product : zero 9.2.1, Angular, .net core
7 Answer(s)
-
0
Hi @bma
I hope your journey goes well with AspNet Zero :).
You can directly add RoleId to your Tuple entity or you can extend Role entity as explained here https://docs.aspnetzero.com/en/aspnet-core-mvc/latest/Extending-Existing-Entities but I think your case is a bit more complex.
Do you need to filter Roles of a user at runtine according to a selected Tuple record ? Could you explain how you are planning to use this relation ?
Thanks,
-
0
Let me try to explain better ;-)
We have an entity; Case
For Case, we have a number of permissions. It could, for example. be: Can upload file to Case. Another could be; Can edit Case metadata. We intend to use the built-in Roles and Permissions from .Zero to deal with this.
What we need beyond this is that a given Role (R1) only gives Rights to a given Case (C1) and that R1 does not automatically give rights to C2. In other words; a User (U1) has only R1 to C1 if there is a relationship between U1 and C1
I think the solution is to inject the User - Case relation check, in the permission check - but not sure.
-
0
Hi,
In that case, you can modify UserStore https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Core/Authorization/Users/UserStore.cs and override
GetRolesAsyncto filters roles of a user by using relationship betweent User and Case. -
0
But the role is not assigned in advance as it is case related. Eg. can I have the role "CanEdit" on 1 case (# 9873) and on another case (# 439988) I have the "Approver" role. Without at the same time having the role of CanEdit as I had on the other case. In other words; i need to find permissions from a Role runtime and add them on a user. How can I do that? Hope it makes sense.
-
0
Hi,
You can use
roleManager.GetGrantedPermissionsAsyncto get permissions of a Role. Then, you can use_userManager.SetGrantedPermissionsAsyncto grant those permissions to a User. -
0
Ok - ty for the quick response ;-)
Will SetGrantedPermissionsAsync save the permission for this user in DB? Or only for session...
If SetGrantedPermissionsAsync stores in DB > then Permission will be carried on to the next Case and therefor not solve the problem....
-
0
Hi @bma
Yes, it will save and this change will be used for the following requests. I think in your case, it will be better to design your own logic just for this case becasue modifying the existing structure seems to be more complicated.
