- ABP Framework version: v7.1
- UI type: Blazor WASM
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): MVC
We have an application with lots of data that is geographically grouped, or can be operationally grouped eg Division 1, Division 2, etc.
We want to be able to limit the data that specific groups of users can see. but enable other users to be able to view all data from all regions.
In simple terms Users belonging to Northwest Region, can only see customer data that relates to Northwest Region, but a User that belongs to "All Northern" can see data from North-West and North-East Regions.
Is there an existing extension of identifty eg Departments? that would help with this sort of scenario?
Andrew
3 Answer(s)
-
0
Hi,
We have organizational units that can be used to organize users and roles.
You can filter the data according to the user's organization.
-
0
Thanks for the quick response.
I looked at https://docs.abp.io/en/commercial/7.1/modules/identity#organization-units but not sure how that is used to filter data so only certain users can see the data? is it User or Role based, and can a User and data eg Custtomer data belong to more than one Organisation Unit? Is there an example of how this can be used to "hide" data that should not be seen by people outside that Org unit within a tennat?
Andrew
-
0
and can a User and data eg Custtomer data belong to more than one Organisation Unit
Yes, a user can be in multiple organizations.
but not sure how that is used to filter data so only certain users can see the data
You can create a data filter: https://docs.abp.io/en/abp/latest/Data-Filtering#entityframework-core