Base solution for your next web application
Open Closed

Relation between Role and Entity(Case) Tuple #9795


User avatar
0
bma created

Hello everyone

I am very excited that we are going to start developing a portal based on .Zero ;-)

I'm also excited to start using this forum. In the beginning, it is probably most questions that are asked, but I hope that at some point I can also start helping others.

And now to my question; i'm looking for a way to create a relationship between a Role and a Tuple. I need a user to have a role (R1) that only applies to a certain tuple (T1). The same user can have R1 for T2, but not automatically for T3, Txx. I would like to use a much as possible from Abp User and Role management.

Hope it makes sense and someone can point me in the right direction. Thx.

!Product : zero 9.2.1, Angular, .net core


7 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @bma

    I hope your journey goes well with AspNet Zero :).

    You can directly add RoleId to your Tuple entity or you can extend Role entity as explained here https://docs.aspnetzero.com/en/aspnet-core-mvc/latest/Extending-Existing-Entities but I think your case is a bit more complex.

    Do you need to filter Roles of a user at runtine according to a selected Tuple record ? Could you explain how you are planning to use this relation ?

    Thanks,

  • User Avatar
    0
    bma created

    Let me try to explain better ;-)

    We have an entity; Case

    For Case, we have a number of permissions. It could, for example. be: Can upload file to Case. Another could be; Can edit Case metadata. We intend to use the built-in Roles and Permissions from .Zero to deal with this.

    What we need beyond this is that a given Role (R1) only gives Rights to a given Case (C1) and that R1 does not automatically give rights to C2. In other words; a User (U1) has only R1 to C1 if there is a relationship between U1 and C1

    I think the solution is to inject the User - Case relation check, in the permission check - but not sure.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    In that case, you can modify UserStore https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Core/Authorization/Users/UserStore.cs and override GetRolesAsync to filters roles of a user by using relationship betweent User and Case.

  • User Avatar
    0
    bma created

    But the role is not assigned in advance as it is case related. Eg. can I have the role "CanEdit" on 1 case (# 9873) and on another case (# 439988) I have the "Approver" role. Without at the same time having the role of CanEdit as I had on the other case. In other words; i need to find permissions from a Role runtime and add them on a user. How can I do that? Hope it makes sense.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    You can use roleManager.GetGrantedPermissionsAsync to get permissions of a Role. Then, you can use _userManager.SetGrantedPermissionsAsync to grant those permissions to a User.

  • User Avatar
    0
    bma created

    Ok - ty for the quick response ;-)

    Will SetGrantedPermissionsAsync save the permission for this user in DB? Or only for session...

    If SetGrantedPermissionsAsync stores in DB > then Permission will be carried on to the next Case and therefor not solve the problem....

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @bma

    Yes, it will save and this change will be used for the following requests. I think in your case, it will be better to design your own logic just for this case becasue modifying the existing structure seems to be more complicated.