Comments (3)
Hi @Arazesh,
Here is how I would implement this:
- I would create Roles for each of the features you want to turn on or off. These Roles should be
TenantAutoAdd
type Roles (see this section of the AuthP docs). - I would create some code to add/remove these feature Roles to a Tenant. To do this you need two methods from the
IAuthTenantAdminService
. NOTE: These methods needs theTenantId
to define what tenant you are changing.- Use
GetRoleNamesForTenantsAsync
to get the current tenant roles - Add/remove the current feature Roles
- Then use
UpdateTenantRolesAsync
to update the changed tenant Roles.
- Use
- I would add a Role to make the code in step 2 can only be used by certain users, i.e. tenant admin users
- Finally I would add the Role in step 3 to the tenant admin, either during sign on or by the App admin.
I hope that helps.
from authpermissions.aspnetcore.
Hi @Arazesh,
The AuthP's Roles are designed allow access to various pages / WebAPI in the application. If a tenant user could create a Role, then they could create a Role that allows them to delete other tenant's data. Therefore tenant user's aren't allowed to create Roles.
From what you say it sounds that you want each tenant to be pick want features in their Tenant. You can do this using the Sign up for a new tenant, with versioning - see this article for a better overview.
The "Sign up for a new tenant, with versioning" examples have simple differences, but there is no reason that you could create a list of features that they pick from instead. You would need to create a code to turn picked features into the format that the ISignInAndCreateTenant
needs.
The "Sign up for a new tenant, with versioning" means that the Tenant owner has to decide on signing in, which means they can't thing later. You have two options for changing the tenant's Role in an existing Tenant are:
- Simple: The App Admin adds/removes the tenant's TenantRoles manually.
- Complex: You create code that allows the tenant admin to change the TenantRoles within their Tenant.
from authpermissions.aspnetcore.
Hi JonPSmith,
Thanks for the advice
This is exactly what I need
"Complex: You create code that allows the tenant admin to change the TenantRoles within their Tenant."
So , I want to do these things
1- Create a new roletype called TenantCustomeRole
2- Add an attribute to the permissions so that tenant admins can only choose from them "TenantCustomeRoleAttribute"
3- Add IDataKeyFilterReadWrite to the RoleToPermissions table so that if the DataKey has value , it will be applied only to this tenant. (I'm not sure about this , maybe it's better to create a new table)
Do you think this is the right solution or is there a better solution?
from authpermissions.aspnetcore.
Related Issues (20)
- Each Created Tenant should have Admin Role HOT 1
- Extend UsingEfCoreSqlServer to be able to influence DbContextOptionsBuilder HOT 2
- Not able to create hierarchical sub tenant HOT 4
- Having issue with permissions and claim HOT 3
- `AddSuperUserToIndividualAccounts` doesn't seem to be working HOT 1
- AuthP working with Azure App Configuration HOT 1
- SignedUp User not able to assign the permissions for all the actions HOT 4
- Version conflict detected for Microsoft.CodeAnalysis.Common. Install/reference Microsoft.CodeAnalysis.Common 4.8.0 directly HOT 6
- How exactly does the refresh token work? HOT 6
- PLEASE ADD TENANT INACTIVE PROPERTY HOT 1
- What's the need of sharding File store cache HOT 4
- Some claim changes ignored until logout/login HOT 3
- Enable Audit functionality on Tenant HOT 4
- ShardingServices - value cannot be null due to update to 5.0.1 HOT 6
- User access in multiple tenants HOT 4
- Support .NET 8 HOT 4
- The name of the database date can't be null HOT 15
- Soft Delete HOT 1
- Create admin user with tenant admin role HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authpermissions.aspnetcore.