Open Closed

Manage user fields #7887


User avatar
0
Fabio.Zinesi created
  • ABP Framework version: v8.2.0
  • UI Type: Blazor Server
  • Database System: EF Core (SQL Server,
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

I need a suggestion.

We have 3 users (mark, james and roger), grouped in 2 roles (admin (mark and james) and viewer(roger)).

We have a domain entity called customer with 5 properties (name, surname, address, city, vatID)

admin users can edit and view all the properties viewer users can edit only the name and the surname e view the adress, city and vatID james can only view name and surname

We need to manage this in the front end and also in the API (if james is logged in swagger he haven't to see the value of the fields)

How we can manage this by ABP framework?


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can check the permissions of current users in the application service layer.

    Then, fill the entity properties to dto.

    If there is no permission, set the DTO property to empty or null.

  • User Avatar
    0
    Fabio.Zinesi created

    Do you have an example code of something similar?

  • User Avatar
    0
    Fabio.Zinesi created

    I haven't understand how to do this.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    This is very simple. You only need to check the current user's permissions and then set values ​​for the DTO class in application services.

    https://abp.io/docs/latest/framework/fundamentals/authorization#iauthorizationservice

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11