Open Closed

Identity Server User Role/Permission Exceptions #2815


User avatar
0
Spospisil created
  • ABP Framework version: v5.1.3
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): Tiered/MVC

I have a use case where a user is assigned to one or more roles. These roles may have an overlap in terms of permissions but from a user permission perspective the list of available permissions will be a union of all the roles' permissions they are assigned to. However, I would like to make an exception at a user level (not a role level) to a particular user that removes one of the permissions that are assigned to them via the roles they are assigned to WITHOUT creating a separate role that has this exception that gets assigned to the user.

Role 1 Permission A Permission B

Role 2 Permission B Permission C

The above role/permission break down results in a user having Permission A, B, and C. However I want to exclude a user from having permission B despite being assigned to one or more roles that give that user permission.

Can this be done with ABP/Identity Server?


1 Answer(s)
  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    There is no built-in solution to exclude specific permission from the permission list created by the roles union.

    If you are using a user-specific permission system, I would recommend re-designing your roles and using user permissions instead of roles.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38