Intro
In this post we are going to set up authorization for the dotnet core ABP app. ABP extends ASP.NET Core Authorization by adding permissions as auto policies.
Creating permission
In the ABP application, the permissions are available in the Contracts project. Find the Permissions class and add your custom permission.
// Nested inside the TodosPermissions class, which defines GroupName.
public static class Todo
{
    public const string Default = GroupName + ".Todo";
    public const string Create = Default + ".Create";
    public const string Update = Default + ".Update";
    public const string Delete = Default + ".Delete";
}
Define permission
PermissionDefinitionProvider is where you have to define the permissions.
var myGroup = context.AddGroup(TodosPermissions.GroupName);
var todoPermission = myGroup.AddPermission(TodosPermissions.Todo.Default, L("Permission:Default"));
todoPermission.AddChild(TodosPermissions.Todo.Create, L("Permission:Create"));
todoPermission.AddChild(TodosPermissions.Todo.Update, L("Permission:Update"));
todoPermission.AddChild(TodosPermissions.Todo.Delete, L("Permission:Delete"));
Protecting api endpoint based on permission
Once the permission is defined, we can use the Authorize attribute to enforce it.
[Authorize(TodosPermissions.Todo.Default)]
public async Task<List<TodoDto>> GetAll()
{
    return ObjectMapper.Map<List<Todo>, List<TodoDto>>(await todoRepository.GetListAsync());
}
In the above code we have applied the default permission to the GetAll API call.
Checking permission
ASP.NET Core provides the IAuthorizationService, which can be used to check for authorization. Once you inject it, you can use it in your code to conditionally control the authorization.
var result = await AuthorizationService
    .AuthorizeAsync(TodosPermissions.Todo.Default);
if (!result.Succeeded)
{
    // Throw when the permission is not granted
    throw new AbpAuthorizationException("...");
}
or
await AuthorizationService.CheckAsync(TodosPermissions.Todo.Default);
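The post protects only GetAll with the parent permission; the sketch below is an added example (not code from the original post or from ABP) showing one service where the parent permission gates reads and each child permission gates its own write, using both the attribute and the imperative check. The Guid key on Todo, the CreateTodoDto type, the Create and Delete methods and the object mappings are assumptions made for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Volo.Abp.Application.Services;
using Volo.Abp.Domain.Repositories;

// Assumed for this example: Todo has a Guid key, and the mappings between
// Todo, TodoDto and CreateTodoDto (hypothetical) exist in the project.
[Authorize(TodosPermissions.Todo.Default)] // baseline for every method in the service
public class TodoAppService : ApplicationService
{
    private readonly IRepository<Todo, Guid> todoRepository;

    public TodoAppService(IRepository<Todo, Guid> todoRepository)
    {
        this.todoRepository = todoRepository;
    }

    // Read access needs only the parent permission from the class attribute.
    public async Task<List<TodoDto>> GetAll()
    {
        return ObjectMapper.Map<List<Todo>, List<TodoDto>>(await todoRepository.GetListAsync());
    }

    // Declarative form: the child permission is required in addition to the
    // class-level one, so read-only users cannot create items.
    [Authorize(TodosPermissions.Todo.Create)]
    public async Task<TodoDto> Create(CreateTodoDto input)
    {
        var todo = ObjectMapper.Map<CreateTodoDto, Todo>(input);
        return ObjectMapper.Map<Todo, TodoDto>(await todoRepository.InsertAsync(todo));
    }

    // Imperative form: check first, before the repository is touched.
    public async Task Delete(Guid id)
    {
        // Throws AbpAuthorizationException when the permission is not granted.
        await AuthorizationService.CheckAsync(TodosPermissions.Todo.Delete);
        await todoRepository.DeleteAsync(id);
    }
}
```

A child permission that is defined but never referenced by an attribute or a check protects nothing, so each write method needs its own enforcement point.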
For more info, check the official docs: https://docs.abp.io/en/abp/latest/Authorization