How can I subclass Permission ?
public class MyPermission : Permission
{
}
custom data filter over EF Core is not supported...
?
- How can I separate permissions for standard users and for external users ? should I do it in PermissionAppService ? Or by implementing some filtering somewhere
You can subclass Permission, add a flag, and then use it to filter.
- How can I separate roles for classic users and roles for external users ? With RoleManager ? With RoleAppService ?
You can subclass User and Role, add a flag, and then use it to filter.
- How can I adapt user repository to provide standard users OR external users but never displaying both ?
You can subclass User, add a flag, and then use it to filter.
Can you reproduce that on a fresh project?
var clientIds = tenants.Select(t => t.ClientId).ToList();
var clientsWhichHaveNotBeenMappedWithATenant = _clientRepository.GetAll()
.Where(c => !clientIds.Contains(c.Id))
.ToList();
if email provided is recognized by backend, then a ticket is created and stored in database. If not, a popup is shown to anonymous user displaying a message that he has not been recognized.
As a second step, this anonymous user should be able to see a list of previous requests submitted to check there status (open, close). A simple login form with an email and password is needed to have access to this list.
The first step is an unauthenticated user accessing an [AbpAllowAnonymous] endpoint. The second step is just regular authentication.
I can see two solutions : 1- Create an additional angular page directly to the account module (which doesn't require auth) 2- Create a specific module based on account module (but need more time to do and may be some adaptations of angular routes)
What solution would you choose in this case ?
Go with 2, since they really are different modules — and should have different routes.
How would you manage this new simple authentication system (email + password) ? Should I use your existing ABP user mechanism with a static role that will limit anonymous user to a specific Angular Module OR should I do it on my own with very limited features (login, logout, forgot password, create new ticket, ticket list)
Well, "email + password" is just regular authentication. Use the existing ABP user mechanism with a role. That's what roles are for.
<cite>tteoh: </cite> Glad you are considering Refresh Token for ASPNetZero and i presume is not ASPNetZero Core.
As stated in Version Differences:
new major features will be implemented for ASP.NET Core version (.NET Core & full .NET Framework).
That's great :)
That's great :)
Does anyone know why the 2 shared projects are not using .NET Core 2.1 when the other projects are? How and will this affect our solution?