Claims Saving to custom field

Question
-
User-183185495 posted
Ok, so I managed to get my claims' extra fields into the AspnetUserClaims table. My question is: how do I save against those fields when I am doing the following?
await userManager.AddClaimAsync(defaultUser, new Claim("Permission", "Create"));
await userManager.AddClaimAsync(defaultUser, new Claim("Permission", "Read"));
await userManager.AddClaimAsync(defaultUser, new Claim("Permission", "Updated"));
await userManager.AddClaimAsync(defaultUser, new Claim("Permission", "Delete"));
I thought I should be able to just do this, but it doesn't allow me to:
await userManager.AddClaimAsync(defaultUser, new Claim("Permission","Create","ControllerName", "AreaName"));
But of course claim knows nothing about my backing fields?
This is how I am creating the extra fields, and why does it also create the extra discriminator field? I didn't ask it to.
public class AspNetUserClaims : IdentityUserClaim<string>
{
    public string? Controller { get; set; }
    public string? Area { get; set; }
    public string? Action { get; set; }
    public bool? isActive { get; set; }
    public string? Name { get; set; }
}
Friday, May 14, 2021 8:16 PM
All replies
-
User475983607 posted
It looks like you used inheritance. Create a new derived class not the base class. The base class knows nothing about the Controller and Area fields.
Friday, May 14, 2021 8:45 PM -
User-183185495 posted
Create a new derived class not the base class.
Sorry, what do you mean?
Friday, May 14, 2021 8:46 PM -
User475983607 posted
Frankly, I would use the controller or area/controller as the type. Then you can look up the value from the route.
Friday, May 14, 2021 8:51 PM -
User-183185495 posted
I suppose I could just parse it, like using a - or something?
Frankly, I would use the controller or area/controller as the key.
Friday, May 14, 2021 8:52 PM -
User-183185495 posted
I still need the is active field as I am wanting to give the user some kind of management screen for the permissions.
Frankly, I would use the controller or area/controller as the type. Then you can look up the value from the route.
Friday, May 14, 2021 8:53 PM -
User475983607 posted
I suppose I could just parse it, like using a - or something?
I don't know how your application works but it seems like you want granular control over HTTP methods. I would use the URL (route) and HTTP verbs as the value.
Friday, May 14, 2021 8:55 PM -
User475983607 posted
I still need the is active field as I am wanting to give the user some kind of management screen for the permissions.
I do not understand the requirement or how it relates to a permissions screen? Either the user has a claim (active) or does not have the claim (not active).
I think it is important to mention this design has the potential to reach the authentication cookie maximum size. A better approach might be a separate table to hold the authorization data. Cache the user's authorization data during login.
Friday, May 14, 2021 9:46 PM
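The suggestion in the replies (area/controller as the claim type, with the permission chosen from the HTTP verb) can be sketched as a deny-by-default check. This is an added example, not code from the thread; `RoutePermissions`, `ClaimTypeFor`, `IsAllowed`, the `Permission:{area}/{controller}` type format and the `Admin`/`Orders` names are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

public static class RoutePermissions
{
    // HTTP verb -> permission value, using the values seeded in the question.
    private static readonly Dictionary<string, string> VerbToPermission =
        new(StringComparer.OrdinalIgnoreCase)
        {
            ["GET"] = "Read", ["HEAD"] = "Read", ["POST"] = "Create",
            ["PUT"] = "Updated", ["PATCH"] = "Updated", ["DELETE"] = "Delete",
        };

    // Hypothetical convention: claim type is "Permission:{area}/{controller}".
    public static string ClaimTypeFor(string? area, string controller) =>
        string.IsNullOrEmpty(area)
            ? $"Permission:{controller}"
            : $"Permission:{area}/{controller}";

    // Deny by default: unauthenticated users, unmapped verbs and missing claims all fail.
    public static bool IsAllowed(ClaimsPrincipal user, string? area, string controller, string httpMethod)
    {
        if (user.Identity?.IsAuthenticated != true) return false;
        if (!VerbToPermission.TryGetValue(httpMethod, out var needed)) return false;
        var type = ClaimTypeFor(area, controller); // route names compare case-insensitively
        return user.Claims.Any(c =>
            string.Equals(c.Type, type, StringComparison.OrdinalIgnoreCase) &&
            string.Equals(c.Value, needed, StringComparison.Ordinal));
    }

    public static void Main()
    {
        // Constructed sample user; in the application these claims come from AddClaimAsync.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypeFor("Admin", "Orders"), "Read"),
            new Claim(ClaimTypeFor("Admin", "Orders"), "Create"),
        }, "Cookies");
        var user = new ClaimsPrincipal(identity);

        Console.WriteLine(IsAllowed(user, "Admin", "Orders", "GET"));    // user holds Read
        Console.WriteLine(IsAllowed(user, "Admin", "Orders", "DELETE")); // no Delete claim
        Console.WriteLine(IsAllowed(user, "Admin", "Users", "GET"));     // different controller
        Console.WriteLine(IsAllowed(user, "Admin", "Orders", "TRACE"));  // unmapped verb
    }
}
```

With this convention a permission is active when the claim row exists and inactive when it is removed, so the standard two-argument `Claim` constructor is enough and no extra columns are needed.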