Comments (4)
Hi @cwbrandsdal,
Louis Miles asked a similar question to your requirements and you can read my reply here.
If you are creating a multi-tenant using the AuthP library, then you add some extra code to use a "multiple tenants" key instead of the single DataKey that AuthP uses. Here are the extra steps you need to do:
- Create a claim using the RegisterAddClaimToUser method which creates the "multiple tenants" key when the user logs in.
- To inject this "multiple tenants" key you need to create a new interface / class similar to the AuthP's
IGetDataKeyFromUser
interface, but provides your "multiple tenants" key. - Register your "multiple tenants" interface / class to the DI in your
Program
/ startup code. - Your tenant DbContext constructor you will put in your "multiple tenants" key interface instead of the AuthP's
IGetDataKeyFromUser
- In the tenant DbContext's
OnModelCreating
method you will add the...HasQueryFilter(p => UserKey.Contains(p.GroupKey);
to each tenant entity class.
NOTE: If you need the Admin access tenant data, then you have to do some more work. You can add code to make it work, but its a bit complex so I wouldn't add this unless your really need it.
from authpermissions.aspnetcore.
PS. You also need to build some new admin code to create a many-to-many link between the AuthUser
and the Tenant
entity classes used by AuthP. That shouldn't be too complex.
from authpermissions.aspnetcore.
Thank you so much! I was thinking something like this myself. The only thing that makes this a bit hard to work with is that with the new HasQueryFilter using Contains it really needs to have every single child. Do you know if there is a way to use the StartsWith on multiple values? It seems not to work from my testing because the DataKey/DataKeys are not populated before the HasQueryFilter is set up. I guess this makes it really hard. Do you have any suggestions on how I could do this? All help is appreciated. Thank you so much for a GREAT package! :-)
from authpermissions.aspnetcore.
I'm not sure I fully understand your question, but one part stood out:
... the DataKey/DataKeys are not populated before the HasQueryFilter is set up.
The limitation of this approach is a user with many keys, e.g. south and west, cannot create a new entry because you need a single key (e.g. south) to set the DataKey
on the entity classes in the tenant database. I was assumed the data was read, but looks at sounds you want read AND write which adds complications. Here are a two approaches:
- Have an admin user for each group, e.g. SouthAdmin user, with a single GroupKey, e.g. south, who's job is to add more data. Simple to implement but only good for a multi-tenant where normal users only need to read the data. Only change from the "five steps" described above is you must stop users with multiple GroupKeys from adding data.
- When a user wants to add new data, then a dropdown list of the GroupKeys that the user has is shown and the user has to select the correct GroupKey from the dropdown before they can create a new entry. More complex than the first approach, but makes any user to add new data. This adds a extra step to the "five steps" by adding the selected dropdown GroupKey into a "CreateKey" properly in the tenant DbContext, and when new data is written to the database the
DataKey
on every new entity class is set to the value in the "CreateKey" properly.
NOTE: I didn't explain how the DataKey
is set in the "five steps" - see this section in one of my articles.
I hope I have answered your question.
from authpermissions.aspnetcore.
Related Issues (20)
- API using AuthP and AzureAd Token HOT 1
- Some claim changes ignored until logout/login HOT 3
- Enable Audit functionality on Tenant HOT 4
- ShardingServices - value cannot be null due to update to 5.0.1 HOT 6
- Support .NET 8 HOT 4
- The name of the database date can't be null HOT 15
- Soft Delete HOT 1
- Create admin user with tenant admin role HOT 1
- Each Created Tenant should have Admin Role HOT 1
- Extend UsingEfCoreSqlServer to be able to influence DbContextOptionsBuilder HOT 2
- Not able to create hierarchical sub tenant HOT 4
- Having issue with permissions and claim HOT 3
- Custom rules for each tenant HOT 3
- `AddSuperUserToIndividualAccounts` doesn't seem to be working HOT 1
- AuthP working with Azure App Configuration HOT 1
- SignedUp User not able to assign the permissions for all the actions HOT 4
- Version conflict detected for Microsoft.CodeAnalysis.Common. Install/reference Microsoft.CodeAnalysis.Common 4.8.0 directly HOT 6
- How exactly does the refresh token work? HOT 6
- PLEASE ADD TENANT INACTIVE PROPERTY HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authpermissions.aspnetcore.