Again a great explanation. I would personally have done the test on ProbationMonths like the following, as not every month has 30 days: _if (employementDate.AddMonths(requirement.ProbationMonths).Date < DateTime.Now.Date)_ Also it would have been nice to have added an example on how to check the requirements in the page itself so you wouldn't show the link if the user doesn't have the requirements: (I wanted to know so I checked it out myself) If you want to check the separate claims only, you can use the following in the page: _@if (User.HasClaim("Admin", ""))_ _{_ _Settings_ _}_ And if you want to check the full requirements/policy use the following in the page (best to put the using/inject into the __ViewImports.cshtml_): _@using Microsoft.AspNetCore.Authorization_ _@inject IAuthorizationService AuthorizationService_ _@if ((await AuthorizationService.AuthorizeAsync(User, "HRManagerOnly")).Succeeded)_ _{_ _Human Resource Manager Page_ _}_
Nice exploration, thanks! Just a question please, how could we implement a custom policy for manipulating a specific db records, for example users have a permission to getAllCustomer info for a custom defined city for these customers What is the idea? Thanks in advance 🎉
Hello Frank, nice video. I'm assuming the policy is used in a controller to limit the access. I have a question. Instead of putting the months requirement in the policy definition, is it possible to pass that number through the policy attribute on the controller method? I'm asking because I would much rather create a single authorization handler and policy for a given module in my application, and then pass the parameter in the controller, than create multiple policies with the parameter hard coded. Hope that made sense.
To get the complete course: frankliucs.com/identity
Thanks a lot to you my friend! No one give such a great course about Razor Auth methods, but you!! You are In my heart forever!
Again a great explanation.
I would personally have done the test on ProbationMonths like the following, as not every month has 30 days:
_if (employementDate.AddMonths(requirement.ProbationMonths).Date < DateTime.Now.Date)_
Also it would have been nice to have added an example on how to check the requirements in the page itself so you wouldn't show the link if the user doesn't have the requirements:
(I wanted to know so I checked it out myself)
If you want to check the separate claims only, you can use the following in the page:
_@if (User.HasClaim("Admin", ""))_
_{_
_Settings_
_}_
And if you want to check the full requirements/policy use the following in the page (best to put the using/inject into the __ViewImports.cshtml_):
_@using Microsoft.AspNetCore.Authorization_
_@inject IAuthorizationService AuthorizationService_
_@if ((await AuthorizationService.AuthorizeAsync(User, "HRManagerOnly")).Succeeded)_
_{_
_Human Resource Manager Page_
_}_
Thanks for sharing this great resource, Best of Luck
thanks! great video
Thanks a ton ❤❤ .. amazing
Nice one with good explanation. Please keep post good real time samples and implementation
Awesome Frank.
Thank you
Thanks Ricardo!
Waiting for your videos always ...thank you
Nice exploration, thanks!
Just a question please, how could we implement a custom policy for manipulating a specific db records, for example users have a permission to getAllCustomer info for a custom defined city for these customers
What is the idea? Thanks in advance 🎉
is it standard practice to name the folder Authorization?
Hello Frank, nice video. I'm assuming the policy is used in a controller to limit the access. I have a question. Instead of putting the months requirement in the policy definition, is it possible to pass that number through the policy attribute on the controller method? I'm asking because I would much rather create a single authorization handler and policy for a given module in my application, and then pass the parameter in the controller, than create multiple policies with the parameter hard coded. Hope that made sense.
I thought when I recorded the video, the month requirement was passed in during dependency injection in the startup file.
Is it possible to do a DB query in the Handler to check that a claim matches something in the db ?
You can do almost anything in there.
@@FrankLiuSoftware thx
how to prevent 2 registered user with same role to not access each other data?
Your queries need to have that limit as a condition
@@FrankLiuSoftware can you kindly explain a little more
@@sawairasana if we are talking about entity framework you can use "HasQueryFilter" in dbcontext class to filter every query to the database.