So I know you can specify what custom table you would like to use for the Users table when utilizing the InitializeDatabase method on the WebMatrix.WebData.Websecurity class, but I wanted to find out if there is no way to specify the Roles table to use? There might not be any reason - except if you wanted more control over what data is stored with a role.
I think there is no way to specific roles table in Websecurity.InitializeDatabase()
but for example you can include Asp.net Simple Membership tables as part of your entity framework model and more control over it.
This article might assist you in resolving your issue.
Related
I'm using Identity 3 and I want to add some columns in AspNetUser table.
I've tried to do it using EF Core Code first and it's working well but I need to do it DB first.
I was wondering, if I will create the columns manually in database, then create the ApplicationUser class with corresponding properties, will it work?
Yup that should work, I've done it before.
However as time goes on I ended up having to add so many that it got messy.
So eventually I refactored those extra columns into their own related tables:
e.g: User_AdditionalDetails
This was a massive pain as I had live users and had to write scripts to migrate everyone's data etc.
This way you would only need to add a single FK for the related table with all this extra info.
It also neatens the code too, and gives the benefit of being able to load different sets of user properties only when they are needed.
If it's for an application scope property of the user like 'Region' which determines behaviour of core functionality of your app, then I'd say add it straight onto the main ApplicationUser class.
My entire group is new to ASP.Net Core and I was the lucky one tasked with Authentication/Authorization. We have always used a DB first approach, and this is no different, we already have our DB all set up. The higher ups want to use our specific tables for all things Identity, but they also want to leverage the tools that ASP.Net Core gives.
This will be a multi-site app where there is one central database. Our current setup is close to what the scaffolding adds, but has some small differences.
I have read a ton of resources, but the vast majority all focus on the code first approach and I currently don't fully understand what I need and what is there for the code first approach. I have seen a couple of answers that recommend using the .ToTable and .Property inside of OnModelCreate. Is this the best option or am I better off creating my own stores and methods? I currently have a user model created and a store to go with it (based on this site). Is it best for me to try to expand that all the way out (don't full understand how to have it pull in roles and claims).
This is what our DB Schema currently looks like.
At this point we are creating our Roles and Claims via a db script. The only thing we will be using UI's for right now is a page that will let a site admin add users, and assign them roles, and any singular claims they need.
Any help or input would be greatly appreciated as I try to wrap my head around all of this. If I have left out any pertinent information please let me know. As I said with what I have now I can create a user and login, I just have no idea where to go from here (how to add roles and claims).
Here's how I think about it and the steps I would take to approach in solving this problem.
So Microsoft's implementation of Identity is an abstraction of the problem.
The Models that they provide and the Tables that are derived from them is their choice for the default implementation of the abstraction.
So essentially what you want to do is to plug in your models in to this abstraction.
To quickly generate these models from your database you might want to use scaffolding this will generate the DbContext and the Models, you will then have to configure the dbcontext to plug in your design.
And if you look at how you can create your own Identity Tables providing your own objects
here this can give you an idea of how to plug in your models/functions in to this abstraction.
You will most likely have to override the OnModelCreating method to configure the relationship of your tables.
I would like to know what the session user has access to. For example if user X has access to a particular database or a set of tables. When looking into HANA I see that I have the PUBLIC role that allows me to see the database, how can I pull this information using XSJS so I can perform logic based on those roles?
I've used $.session.hasSystemPrivilege("PRIV"); but this is different than checking roles. I tried testing for "INSERT" for inserting into the database which returned false. I know that I can write to the tables. Looking in to the HANA, the system privileges tab is empty for me.
Could someone give me some guidance here?
Create your analytic/calculation view on top of SYS.GRANTED_ROLES or GRANTED_PRIVILEGES.
Expose your view as OData service and access this service in XSJS.
I am working in a Yii project with 4 or 5 roles. Where each role has access to similar forms and views but do not see all fields. Also there are reports which are only for management level roles.
In the past I have managed permissions based on per field control to avoid repeating code, but this get into a nightmare.
My question is, what is the best approach you have used to handle permissions? per field or per view?
I was thinking in create different views and the admin can select which ones to assign to each role.
Any ideas you can bring will help me.
Use RBAC module http://www.yiiframework.com/doc-2.0/guide-security-authorization.html
Once you have defined you role and permission you can use the function provided by Yii2 for show /hide the field you need or for lead the code behavior
I know that each time a user registers in my ASP.NET MVC application the ApplicationUser class is used to create the new record and put it in the database.
I was wondering if it's okay to add properties to that class for example I want the model to have a column in the database for DateOfBirth. Then use that class(model) directly in my application when I have to do some business logic things, database queries and similar stuff. Or is it more correct to create a new table in the database called let's say ApplicationAccounts, that saves the general info about the account. Each ApplicationAccount will be associated with a ApplicationUser(1 to 1 relation) and be somewhat of a buffer in the communication with the real accounts. Does that make sense?
I would go with the second option : create your own table, link them up in a one to one relationship using the UserID as a unique foreign key and then go from there.
One note here, it is perfectly normal for the model you need for the views to be different from the database model, this is because your db model can hold a lot of data that your view doesn't actually need. You might want to consider having separate models and use something like Automapper for a quick translation from one to another.