i trying see if there "out of box" in asp.net5 authorization application needs. using group/permission based approach authorization. using identity3 using role group , have created permissions this. each permission has resource links , 1 or more values, like:
resource = page, permissions = add, update, view, delete
another complication groups have dynamic names, , dynamic permissions!!
i have started read authorization in asp.net5 , seems have found called policies, sound good. seems force use claims, possible if use claimstransformer permissions , add them claims db. right in thinking have create policy each permission, on each resource? seems lot of setup.
is there not know built in asp.net5 use? attribute this
[authorize("page", "delete")] which add pagecontroller delete method.
if have use sort of service , di controller implement this, fine well.
there claimsprincipalpermissionattribute can fit requirements.
or can implement own authorizeattribute.
Comments
Post a Comment