103 Security: Authorization. Server Side. - chempkovsky/CS82ANGULAR GitHub Wiki
Two aspects
Security has two aspects: Authentication and Authorization.
Notes
- As we wrote above, Microsoft `IdentityDbContext` will be used to implement individual user accounts.
- The first thing to note is the lack of a user interface for managing user data.
- The second thing is the permissions which the Angular project should receive right after login.
- Again, we don't have a store for such permissions, and we don't have a Web API service that sends permissions to the client side.
- The user interface for managing user data should include Admin pages which
  - list the users
  - modify the users' data
  - list the app roles
  - modify role assignment for the selected user
- Storage for `permissions` should include Admin pages which
  - list all DTOs defined in the app
  - assign permission bitmask for the pair of the given role and the given DTO
- permission bitmask consists of the permission bits
  - BIT0: permission to display the list of items
  - BIT1: permission to Add item
  - BIT2: permission to Update item
  - BIT3: permission to Delete item
  - BIT4: permission to apply full scan filtering
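
The role/DTO bitmask model listed above, as an added TypeScript example that is not code from this project. The role names, the DTO names, the sample rows and the function names are hypothetical, and OR-ing the masks of all roles a user holds is an assumption; the page does not say how several roles combine.

```typescript
// Permission bits exactly as listed on this page (BIT0..BIT4).
const Perm = {
  List: 1 << 0,     // BIT0: display the list of items
  Add: 1 << 1,      // BIT1: add item
  Update: 1 << 2,   // BIT2: update item
  Delete: 1 << 3,   // BIT3: delete item
  FullScan: 1 << 4, // BIT4: apply full scan filtering
} as const;
const DEFINED_BITS = 0b11111;

// One stored row: the bitmask assigned to a (role, DTO) pair.
interface RoleDtoMask { role: string; dto: string; mask: number; }

// Constructed sample rows; role and DTO names are hypothetical.
const SAMPLE_ROWS: RoleDtoMask[] = [
  { role: "Viewer", dto: "BookDto", mask: Perm.List },
  { role: "Editor", dto: "BookDto", mask: Perm.List | Perm.Add | Perm.Update },
  { role: "Admin", dto: "BookDto", mask: 0xff }, // stray high bits on purpose
  { role: "Admin", dto: "OrderDto", mask: Perm.List | Perm.Delete },
];

// Assumption: masks of every role the user holds are OR-ed together.
// A (role, DTO) pair with no stored row contributes nothing (default deny).
function effectiveMask(rows: RoleDtoMask[], roles: string[], dto: string): number {
  let mask = 0;
  for (let i = 0; i < rows.length; i++) {
    const r = rows[i];
    if (r.dto === dto && roles.indexOf(r.role) !== -1) mask |= r.mask;
  }
  return mask & DEFINED_BITS; // drop bits that have no defined meaning
}

// True only when every requested bit is present in the mask.
function can(mask: number, needed: number): boolean {
  return needed !== 0 && (mask & needed) === needed;
}

// Shape of what could be sent to the client after login:
// DTO name -> effective bitmask, with zero-permission DTOs left out.
function permissionsForLogin(rows: RoleDtoMask[], roles: string[]): Record<string, number> {
  const out: Record<string, number> = {};
  for (let i = 0; i < rows.length; i++) {
    const m = effectiveMask(rows, roles, rows[i].dto);
    if (m !== 0) out[rows[i].dto] = m;
  }
  return out;
}
```

The map returned by `permissionsForLogin` only tells the Angular client which controls to show; the same `can` check still has to run on the server for every Web API call, because the client-side copy can be altered.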