hierarchical users creation and data access #6705 | Support

arvind.srivastava.tas created 8 months ago

Team - We need to create a new access management system that can control Data (for example customers) visibility on hierarchical users (Mapped to BusinessUnits). parent user can see all the Data (customer(s)) that belong to the user's BusinessUnits and its children's BusinessUnits as well For Example Use Case 1 - Anchor-Global can access and see all customer(s) data. Use Case 2 - Anchor-Asia can access and see only customer(s) related to NG and PK data. Use Case 3 - Anchor-Europe users can access and see only customer(s) related to France and Germany data.

Need your input or any references for the same. Your help will be appreciated in this regard.

ABP Framework version: v7.3.0
UI Type: Angular
Database System: EF Core (PostgreSQL)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
Exception message and full stack trace: Need your input or any sample code for the given requirement.
Steps to reproduce the issue:

15 Answer(s)

0

Anjali_Musmade created 8 months ago
Support Team Support Team Member

Hello,

Please check if it`s helps you https://support.abp.io/QA/Questions/641/Organizational-Units-restricted-access-and-data-filtering

Thanks.
0

arvind.srivastava.tas created 8 months ago

Hello,

Please check if it`s helps you https://support.abp.io/QA/Questions/641/Organizational-Units-restricted-access-and-data-filtering

Thanks.

Can we have a quick call?, I need to discuss my requirements in detail please share your email id. I will setup a quick connect for the same.
0

Anjali_Musmade created 8 months ago
Support Team Support Team Member

I am assigning this to @maliming.
0
maliming created 8 months ago
Support Team Fullstack Developer
hi arvind.srivastava.tas

You can refer to the OrganizationUnit implementation for your needs. It filters sub-items by code

// <summary> /// Hierarchical Code of this organization unit. /// Example: "00001.00042.00005". /// This is a unique code for an OrganizationUnit. /// It's changeable if OU hierarchy is changed. /// </summary> public virtual string Code { get; internal set; }

https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/OrganizationUnit.cs https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/OrganizationUnitManager.cs#L151

and you also check the code from https://github.com/maliming/Owl.GeneralTree
0

arvind.srivastava.tas created 8 months ago

https://github.com/maliming/Owl.GeneralTree

Can we have a quick call?, I need to discuss my requirements in detail please share your email id.
0

maliming created 8 months ago
Support Team Fullstack Developer

hi

You can send your detailed requirements to liming.ma@volosoft.com

I only provide email support. Thanks
0

arvind.srivastava.tas created 8 months ago

Can you please help me out, get any idea to add OUcode filter logic in the Repository for data (Customers) segregation based on mapped User(s).

Requirement - We need to filter data based of user's OUcode
0

maliming created 8 months ago
Support Team Fullstack Developer

hi

https://docs.abp.io/en/abp/latest/Data-Filtering https://docs.abp.io/en/abp/latest/Data-Filtering#entityframework-core https://learn.microsoft.com/en-us/ef/core/querying/filters
0

arvind.srivastava.tas created 8 months ago

In inorder to filter these BusinessUnits mapped users, We have to add a new column "BusinessUnits Code" under all data such as "Customers" and, "Invoices" and then we can take the login user BusinessUnits code and filter it accordingly.

Is there any other way around to avoid creating new new column "BusinessUnits Code" in all transactional data tables?

please see if we connect and discus this in detail, Please share your email id.
0

maliming created 8 months ago
Support Team Fullstack Developer

hi

You can consider adding an intermediate table without adding a new column.

eg
0

arvind.srivastava.tas created 8 months ago

We were trying to avoid any changes (not adding a new column and no intermediate table) in transactional data tables such as "Customers" and, "Invoices" because these data tables sit in separate microservices and databases, and where BusinessUnits data sit in Tenant_Admin Database.
0

maliming created 8 months ago
Support Team Fullstack Developer

hi

You can use the ID(guide) of "Customers" and "Invoices" in the Tenant_Admin Database without creating a relationship.

Different microservices may use different databases. It is not possible to create database relationships. So using ID is an option
0

arvind.srivastava.tas created 8 months ago

Can you share any boilerplate code to explain ID(guide)?
0

arvind.srivastava.tas created 8 months ago

Any update on this? Please treat this urgent requirement, We are a licensed subscriber for ABP.IO, Please see if we can have a quick connect.
0

maliming created 8 months ago
Support Team Fullstack Developer

hi

ID(guid)

It's the value of the primary key. You just need to store it in the Tenant_Admin Database and then query some entities based on it.

Microservice A, table: Customers , database: DB1 | Guid | Name | | --- | --- | | 3ce8f395-2f9b-4531-b02f-ae702c2f4dbf | C1 | | 886446c2-a5b1-4f3c-ac54-c81d02e5fe71 | C2 |

Microservice B, table: BusinessUnits , database: DB2 | BusinessUnits Guid | BusinessUnits Code | --- | --- | | bd749c47-d05f-4cd7-a705-a4c27dddfd07 | 00001 | | 8ce29410-6ed1-4fc7-910f-5046a311ce07 | 00002 |

Microservice B, table: BusinessUnitsAndCustomer , database: DB2 | Customers Guid | BusinessUnits Guid | --- | --- | | 3ce8f395-2f9b-4531-b02f-ae702c2f4dbf | bd749c47-d05f-4cd7-a705-a4c27dddfd07 | | 886446c2-a5b1-4f3c-ac54-c81d02e5fe71 | 8ce29410-6ed1-4fc7-910f-5046a311ce07 |

Have an answer to this question? Log in and write your answer.