In my Blazor webassembly project I can see all roles, delete and add new ones. I can also assign a role to a user and authenticate the user based on that.
Now I have for example my RolesController.cs:
// GET: api/Persons
[Authorize(Policy = "SeeAllRoles")]
[HttpGet]
public async Task<ActionResult<IEnumerable<IdentityRole>>> GetRoles()
{
return await _roleManager.Roles.ToListAsync();
}
// GET api/<RolesController>/5
[Authorize(Policy = "GetRole")]
[HttpGet("{id}")]
public async Task<ActionResult<IdentityRole>> GetRole(string id)
{
var role = await _roleManager.Roles.FirstOrDefaultAsync(r => r.Id == id);
if (role == null)
{
return NotFound();
}
return role;
}
Every controller has a unique policy for each action. So that I can restrict each action individually. Normally I would just define the policy in Startup.cs, add .RequireRole("Admin") or something to it and now every user in this role would have access to the policy I specified.
To the question: I want to have a list of roles, as I have now, with the ability to select which policy should be included in this role. So that I can login to my application go to Roles and add a new role NewsDisplay and only select policies necessary to view the news feed. Then I can add users for my various displays and put all of them in the newly created NewsDisplay role.
I guess this is possible but can´t find a sufficient solution to this. Would be nice if someone could give me examples, links, ideas.