Learn More, Pay Less!
Limited Time Offer!
Open Closed

Request for Role-Based User List Filtering in Identity Management #8724


User avatar
0
Payoff created

I would like to implement role-based filtering for the user list in Identity Management -> Users section. Specifically:

For non-admin users:

  • The user list should be pre-filtered to exclude users with admin roles
  • Users should not see the complete list by default
  • They should only be able to view and manage non-admin users

For admin users:

  • Full visibility of all users should be maintained
  • They should continue to have access to the complete user list
  • All management capabilities should remain unchanged

This enhancement would improve security by ensuring that non-admin users can only view and manage users within their permission level, while admin users retain full system visibility.

  • ABP Framework version: 8.x
  • UI Type: Angular
  • Database System: PostgreSQL
  • Auth Server Separated for Angular: no

3 Answer(s)
  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Hi, I will create an internal issue for your feature request. Thanks for your suggestion.

    Regards.

  • User Avatar
    0
    Payoff created

    Hi, I'm not looking for this to be added as a feature request - I need to implement this functionality **now ** in my current project. Could you please provide guidance on how to implement role-based filtering for the user list with these specific requirements?

    For non-admin users:

    • Filter out users with admin roles from the list
    • Restrict view/management to non-admin users only

    For admin users:

    • Maintain full visibility of all users
    • Keep all existing management capabilities

    Thank you

  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Hi,
    I'm not looking for this to be added as a feature request - I need to implement this functionality **now ** in my current project. Could you please provide guidance on how to implement role-based filtering for the user list with these specific requirements?

    For non-admin users:

    • Filter out users with admin roles from the list
    • Restrict view/management to non-admin users only

    For admin users:

    • Maintain full visibility of all users
    • Keep all existing management capabilities

    Thank you

    Hi, sure. For that purpose, you should extend application services and interface implementations (https://abp.io/docs/latest/framework/architecture/modularity/extending/customizing-application-modules-overriding-services).

    For example, you should extend the IdentityUserAppService and override some of its methods, such as GetListAsync method and check if the current-user has an admin role or not and then call the relevant repository method (of course you should also create a new repository method for that purpose - maybe you can use custom Data-Filtering):

    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(IIdentityUserAppService))]
    public class MyIdentityUserAppService : IIdentityUserAppService, ITransientDependency
    {
        //...
        
        public override async Task<PagedResultDto<IdentityUserDto>> GetListAsync(GetIdentityUsersInput input)
        {
            if(!CurrentUser.IsInRole("admin"))
            {
                //call new repository method which filters to not show the 'admin' users
            }
            
            //keep the existing behaviour
            return await base.GetListAsync(input);    
        }
    }
    
    
Made with ❤️ on ABP v9.2.0-preview. Updated on February 13, 2025, 10:35