0
IbrahimSarigoz created
We want to grant a user with update permissions an additional permission at the property level of an entity, ensuring they do not have the authority to modify that specific property. For example, a user should have permission to update a Book entity but should not be able to change its Name property, while another user should be able to change it. What is the most ideal way to achieve this?
- ABP Framework version: v8.1.3
- UI Type: MVC
- Database System: EF Core Oracle
- Tiered (for MVC) or Auth Server Separated (for Angular): yes Tiered
- Exception message and full stack trace:
- Steps to reproduce the issue:
1 Answer(s)
-
0
Hi,
ABP and ASP.NETCore does not have a solution for this scenario, you can check the discussion here https://stackoverflow.com/questions/62263805/asp-net-core-3-1-web-api-authorization-on-model-property-level
