AUTHORIZATION
IDENTIFY THE ROLES OF THE APPLICATION
So far we have identified two macro-groups: anonymous users and authenticated users. Authenticated users must be distinguished further, because some of them hold a role that allows them to perform operations denied to every user who does not hold that role.
A user who has been given the Teacher role through a claim can still perform every operation that a basic user performs. However, someone has to assign these roles, for example promoting a basic user to Teacher. This is the role of the administrator.
A user can hold multiple roles, and an administrator can be stripped of that role, perhaps on changing companies, and revert to the privileges of a basic user.
ASSIGN A ROLE TO A USER WITH THE USER MANAGER
Let’s see how to assign roles by taking advantage of the User Manager object.
The role is assigned to the user as a claim.
Let’s look at the code needed to assign a role via the User Manager.
This code is implemented in the OnPostAsync method of the Register.cshtml.cs ViewModel. I invite you to download the code from GitHub and look at how I implemented it.
CREATE A FORM FOR ROLE MANAGEMENT
Let us see what the user interface for assigning and revoking a role looks like.
I invite you to consult the code that implements this functionality, found under the Pages/Admin/Users directory. Here is an excerpt of the main methods, assignment and revocation.
LIST THE USERS WHO HAVE BEEN ASSIGNED A ROLE
Let’s see how to list users who have been assigned a role with the User Manager object. See the commented file Users.cshtml.cs. Assigning roles, as mentioned, is an administrative prerogative, so log in with the following credentials to make the roles link appear.
email: admin@example.com
password: Paperino1!
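The three operations described above (assigning a role, revoking it, and listing the users who hold it) can be sketched with the User Manager as follows. This is an added example, not the code from the GitHub repository: the class name RoleClaimService, the IdentityUser user type, the use of ClaimTypes.Role as the claim type and the "Administrator" role name are assumptions.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;

// Added example. RoleClaimService, IdentityUser, ClaimTypes.Role and the
// role names below are assumptions, not taken from the project's code.
public class RoleClaimService
{
    // Only roles on this list can be granted; a posted form value is never trusted as-is.
    private static readonly HashSet<string> KnownRoles = new() { "Teacher", "Administrator" };
    private readonly UserManager<IdentityUser> _users;

    public RoleClaimService(UserManager<IdentityUser> users) => _users = users;

    public async Task<IdentityResult> AssignAsync(string userId, string role)
    {
        if (!KnownRoles.Contains(role)) return Fail("Unknown role.");
        var user = await _users.FindByIdAsync(userId);
        if (user is null) return Fail("Unknown user.");

        // Skip the insert if the claim is already present, to avoid duplicates.
        var claims = await _users.GetClaimsAsync(user);
        if (claims.Any(c => c.Type == ClaimTypes.Role && c.Value == role))
            return IdentityResult.Success;

        return await _users.AddClaimAsync(user, new Claim(ClaimTypes.Role, role));
    }

    public async Task<IdentityResult> RevokeAsync(string userId, string role)
    {
        if (!KnownRoles.Contains(role)) return Fail("Unknown role.");
        var user = await _users.FindByIdAsync(userId);
        if (user is null) return Fail("Unknown user.");

        var result = await _users.RemoveClaimAsync(user, new Claim(ClaimTypes.Role, role));
        // Changing the security stamp makes cookies issued before the revocation
        // fail validation, so the removed role does not linger in an old session.
        return result.Succeeded ? await _users.UpdateSecurityStampAsync(user) : result;
    }

    // Users who currently hold the given role claim.
    public Task<IList<IdentityUser>> ListAsync(string role) =>
        _users.GetUsersForClaimAsync(new Claim(ClaimTypes.Role, role));

    private static IdentityResult Fail(string message) =>
        IdentityResult.Failed(new IdentityError { Description = message });
}
```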
LINK TO CODE ON GITHUB
Download the section18 code or the master branch, or clone the GitHub repository to have all the sections available in your favorite editor.