Comments (4)
hi. if i might add, while this is still the works,
1 - why not allow nested permissions ? i.e.: we could have a Catalog permission and permissions for each of the catalog entities/features. this would prevent accessing or displaying the catalog if a user is not allowed to without the need to go further and check for each entity/feature within the catalog.
2 - in multitenant systems, features can be set also by Tenant which is not present here. one should be able to allow access to a CRM feature for a tenant and desactive it for another ... (this should be thought out if you're planing on adding modules support , then features could be modules and access to modules can be through permissions, by tenant also).
from blazor-wasm-boilerplate.
1 - It is already working like that AFAICT. If you can't "View" the brands, then you will not have the menu item, so you definitely won't be able to create, update or delete them... What could be made better is that for instance when you uncheck the view permission for brand, that automatically the rest of the brand permissions are unchecked as well...
2 - We don't have the concept of "features" yet in this template, but that's something interesting to add indeed. I wouldn't mix it with permissions though. This is a different concept altogether.
from blazor-wasm-boilerplate.
@fretje thank you for your comments. what you said in point 1 is true but that let me give you a example : take the catalog. what if i had Permissions for Catalog and a set of permissions under catalog for brands, products, categories .... i would access them only if i had rights to the parent, in this case catalog. making this available can help setup roles permissions in a much logical way and codewise, a productcontroller would be secured by an Authorise attribute on Catalog first then the method by the product permissions for viewe, creste and delete .....
point 2, yes it is very different from the permissions. but if I had a feature Called Crm in which i manage a catalog and customers and billing , then i would need to have rights to that feature before managing those entities unfer CRM, hence the nested permissions ...
i hope this helps.
thx.
from blazor-wasm-boilerplate.
Well, yes, ultimately, the permissions are just strings... they have to start with "Permission" if you want to use them with the "MustHavePermission" attribute... but otherwise you are totally free to name them anything you want.
from blazor-wasm-boilerplate.
Related Issues (20)
- Resend user email confirmation
- validation not working HOT 1
- The MudDatePicker does not work in the dialogbox HOT 2
- API error messages not getting passed HOT 10
- Make Superadmin role for tenants management
- Search product by Brand name doesnot work
- Cannot login using administrator credentials HOT 15
- Web-api giving exception on clicking Dashboard in Blazor frontend HOT 3
- "TypeError: Failed to fetch" error HOT 1
- HamburgerMenu Bug
- What is the difference between these two projects? I am confused
- MudTable to MudDataGrid HOT 1
- Why does the registration page keep redirecting to the login page as soon as button pressed ? HOT 1
- How to create menu Item on Table. HOT 1
- How to update FSHAPI.cs? HOT 2
- Issue with release builds/publish
- Unable to resolve nuget packages
- How to delete selected items only in EntityTable grid
- How to get selected items from the Entity Table
- Reset-Password UI screen is missing. HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from blazor-wasm-boilerplate.