Starts in:
0 DAY
7 HRS
9 MIN
19 SEC
Starts in:
0 D
7 H
9 M
19 S
Open Closed

hierarchical users creation and data access #6705


User avatar
0
arvind.srivastava.tas created

Team - We need to create a new access management system that can control Data (for example customers) visibility on hierarchical users (Mapped to BusinessUnits). parent user can see all the Data (customer(s)) that belong to the user's BusinessUnits and its children's BusinessUnits as well For Example Use Case 1 - Anchor-Global can access and see all customer(s) data. Use Case 2 - Anchor-Asia can access and see only customer(s) related to NG and PK data. Use Case 3 - Anchor-Europe users can access and see only customer(s) related to France and Germany data.

Need your input or any references for the same. Your help will be appreciated in this regard.

  • ABP Framework version: v7.3.0
  • UI Type: Angular
  • Database System: EF Core (PostgreSQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace: Need your input or any sample code for the given requirement.
  • Steps to reproduce the issue:

15 Answer(s)
  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hello,

    Please check if it`s helps you https://support.abp.io/QA/Questions/641/Organizational-Units-restricted-access-and-data-filtering

    Thanks.

  • User Avatar
    0
    arvind.srivastava.tas created

    Hello,

    Please check if it`s helps you https://support.abp.io/QA/Questions/641/Organizational-Units-restricted-access-and-data-filtering

    Thanks.

    Can we have a quick call?, I need to discuss my requirements in detail please share your email id. I will setup a quick connect for the same.

  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    I am assigning this to @maliming.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi arvind.srivastava.tas

    You can refer to the OrganizationUnit implementation for your needs. It filters sub-items by code

    // <summary>
    /// Hierarchical Code of this organization unit.
    /// Example: "00001.00042.00005".
    /// This is a unique code for an OrganizationUnit.
    /// It's changeable if OU hierarchy is changed.
    /// </summary>
    public virtual string Code { get; internal set; }
    

    https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/OrganizationUnit.cs https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/OrganizationUnitManager.cs#L151

    and you also check the code from https://github.com/maliming/Owl.GeneralTree

  • User Avatar
    0
    arvind.srivastava.tas created

    https://github.com/maliming/Owl.GeneralTree

    Can we have a quick call?, I need to discuss my requirements in detail please share your email id.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can send your detailed requirements to liming.ma@volosoft.com

    I only provide email support. Thanks

  • User Avatar
    0
    arvind.srivastava.tas created

    Can you please help me out, get any idea to add OUcode filter logic in the Repository for data (Customers) segregation based on mapped User(s).

    Requirement - We need to filter data based of user's OUcode

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    https://docs.abp.io/en/abp/latest/Data-Filtering https://docs.abp.io/en/abp/latest/Data-Filtering#entityframework-core https://learn.microsoft.com/en-us/ef/core/querying/filters

  • User Avatar
    0
    arvind.srivastava.tas created

    In inorder to filter these BusinessUnits mapped users, We have to add a new column "BusinessUnits Code" under all data such as "Customers" and, "Invoices" and then we can take the login user BusinessUnits code and filter it accordingly.

    Is there any other way around to avoid creating new new column "BusinessUnits Code" in all transactional data tables?

    please see if we connect and discus this in detail, Please share your email id.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can consider adding an intermediate table without adding a new column.

    eg

  • User Avatar
    0
    arvind.srivastava.tas created

    We were trying to avoid any changes (not adding a new column and no intermediate table) in transactional data tables such as "Customers" and, "Invoices" because these data tables sit in separate microservices and databases, and where BusinessUnits data sit in Tenant_Admin Database.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can use the ID(guide) of "Customers" and "Invoices" in the Tenant_Admin Database without creating a relationship.

    Different microservices may use different databases. It is not possible to create database relationships. So using ID is an option

  • User Avatar
    0
    arvind.srivastava.tas created

    Can you share any boilerplate code to explain ID(guide)?

  • User Avatar
    0
    arvind.srivastava.tas created

    Any update on this? Please treat this urgent requirement, We are a licensed subscriber for ABP.IO, Please see if we can have a quick connect.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    ID(guid)

    It's the value of the primary key. You just need to store it in the Tenant_Admin Database and then query some entities based on it.

    Microservice A, table: Customers , database: DB1 | Guid | Name | | --- | --- | | 3ce8f395-2f9b-4531-b02f-ae702c2f4dbf | C1 | | 886446c2-a5b1-4f3c-ac54-c81d02e5fe71 | C2 |

    Microservice B, table: BusinessUnits , database: DB2 | BusinessUnits Guid | BusinessUnits Code | --- | --- | | bd749c47-d05f-4cd7-a705-a4c27dddfd07 | 00001 | | 8ce29410-6ed1-4fc7-910f-5046a311ce07 | 00002 |

    Microservice B, table: BusinessUnitsAndCustomer , database: DB2 | Customers Guid | BusinessUnits Guid | --- | --- | | 3ce8f395-2f9b-4531-b02f-ae702c2f4dbf | bd749c47-d05f-4cd7-a705-a4c27dddfd07 | | 886446c2-a5b1-4f3c-ac54-c81d02e5fe71 | 8ce29410-6ed1-4fc7-910f-5046a311ce07 |

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06