R
ryan0001
Guest
Advice on permissions for asp.net core Identity
Hello,
I'm implementing a docuemnt website where people can create and share,edit documents with pulic or people in thier organisation in a webapp (web api asp.net core 2.2, currently using Identity and JWT).
My question is what way should I approach authorization is it possilbe with just identity or will i need extra tables.
Here are some permssions the user will have on docs:
Can Read,
Can Edit,
Can Create,
Can Delete
Can Share:
- Can make the docutment Publicly accessible
- Can share with another User(individual) private doc
- Can share with users in organisation
Think of it kind of like google docs you can see a list of docs and share with org or other users.
How would i approach creating authorization for such shared resources User Claims ? Custom Permissions table ?
A view for the list page ?
Any Advice would be helpful!
// Sudo code
Docuemnt{
id,orgId?, // maybe no org
name,
creadedByUserId
}
Organisation{
orgId,
name,
ICollection<identityUser> users
}
identityUser{
UserId,
orgId?, // maybe no orgusername,
ICollection<identity role> roles
ICollection<identity claim> claimsICollection<Docuemnt> documents // Documents created by this user
}
Continue reading...
Hello,
I'm implementing a docuemnt website where people can create and share,edit documents with pulic or people in thier organisation in a webapp (web api asp.net core 2.2, currently using Identity and JWT).
My question is what way should I approach authorization is it possilbe with just identity or will i need extra tables.
Here are some permssions the user will have on docs:
Can Read,
Can Edit,
Can Create,
Can Delete
Can Share:
- Can make the docutment Publicly accessible
- Can share with another User(individual) private doc
- Can share with users in organisation
Think of it kind of like google docs you can see a list of docs and share with org or other users.
How would i approach creating authorization for such shared resources User Claims ? Custom Permissions table ?
A view for the list page ?
Any Advice would be helpful!
// Sudo code
Docuemnt{
id,orgId?, // maybe no org
name,
creadedByUserId
}
Organisation{
orgId,
name,
ICollection<identityUser> users
}
identityUser{
UserId,
orgId?, // maybe no orgusername,
ICollection<identity role> roles
ICollection<identity claim> claimsICollection<Docuemnt> documents // Documents created by this user
}
Continue reading...