Get the source code for this video for FREE → the-dotnet-weekly.ck.page/permissions2 Want to master Clean Architecture? Go here: bit.ly/3PupkOJ Want to unlock Modular Monoliths? Go here: bit.ly/3SXlzSt
@@MilanJovanovicTech Great thank you! I like that you split this serie in more videos, it's easier to watch. It only got maybe disadvantage for new subscribers, that it's not all in 1 video. But it would be long and maybe less interesting to watch.
Really like the conversion of the enum to a new entity with key:value and the automatic seeding. I have always avoided use of enums with efcore for things like status values as I couldn't figure out a way to get the full key and value into the DB reliably. Will try to replicate this, thanks
Hi Millan, I love the you structure your code and its so clean indeed, but then the more I watch the more confused I get. Is there anyway you can help by making things perhaps understandable or probably make recommendations on how to catchup.
Hi , First of all i wanna say that it is amazing content thanx for sharing such a great content. But there is a question that makes me think: after making our project working in production server , how we can add new permission enum? we only have to add that on code side? and after adding new permission enum we should make new migrate, how we can handle that situation with production code?
Is it better to use HasPermission attribute with IRequest query or command implementation as Jason Taylor did with Authorize attribute in clean architecture?
I have sum issuse with this lection, The collection navigation 'Role' cannot be added to the entity type 'User' because its CLR type 'Role' does not implement 'IEnumerable'. Collection navigations must implement IEnumerable of the related entity.
Hi Milan, I'd like to categorize the Permissions and I'll create enum for them public enum PermissionCategory { Admins= 1, Users= 2} should I loop the Permission enum and add PermissionCategory value as the foreign key or create a custom attribute "say Category" with each Permission then use your way to seed permissions data? public enum Permission { [Category(PermissionCategory.Admins)] ManageRoles = 1, [Category(PermissionCategory.Users)] ManageProfiles = 2 }
@@MilanJovanovicTech That doesn't work when there are more Roles of the same type attached to more users while saving changes. Any clean idea on how to preload those Roles from the database ? For reference the error is: "The instance of entity type 'Role' cannot be tracked because another instance with the same key value for {'Id'} is already being tracked". The error happens before I can even attach them (my approach was to use a save changes interceptor). It happens once the ChangeTracker gets read, as it tries to detect changes. Oh and also, I would rather not deactivate the auto detection of changes as it helps with saving changes. Thanks in advance for the answer!
Alternatively, I managed to create a backing field where I store only the Id for the Role inside the User class. Outside my domain I get access to the role by using a get only property that searches inside the Role.GetValues() for that Id, so when creating users, instead of letting ef core decide whether the Role is a new entity or not, I only persist the backing field Id and ignore the property altogether inside my db config. (I would still be interested in preloading data, as it may cover another use case that this example didn't)
I have implemented this in two projects recently, one thing that I struggled with was how to make a menu out of this permission enum and only show those menu items which the user has permission to.
I'm trying to test this aprouch and I have to initialize my Roles, Permissions, Users, RolePermissions and RoleUsers. My test database starts empty, how can I use linq to initialize those entities?
@@MilanJovanovicTech I'm sorry, I asked the question wrong. By following your videos I was able to implement the HasPermission method and initialize the permissions and related entities using IEntityTypeConfiguration and builder.HasData. The problem is in the API tests using xUnit, I use the CustomWebApplicationFactory class that inherits from WebApplicationFactory to initialize my databases but I'm not able to insert the related entities. Could you explain how to seed the Permissions, Roles and RolePermissions in the CustomWebApplicationFactory?
I need your Help I am getting this error while running the application Some services are not able to be constructed (Error while validating the service descriptor 'ServiceType: Microsoft.AspNetCore.Authorization.IAuthorizeData Lifetime: Scoped ImplementationType: Gatherly.Infrastructure.Authentication.HasPermissionAttribute': Unable to resolve service for type 'Gatherly.Domain.Enums.Permission' while attempting to activate 'Gatherly.Infrastructure.Authentication.HasPermissionAttribute'.)
Oh the video is so great,but i have a stuck when apply [authorize(Policy = "A")] for controller but i wanna authorize from Controller except some Action in Controller Ex: [authorize(Policy = "A", ExceptAction = "CreateTask")] I cannot write new attribute to override, can you help me the solution(.NET 6 or 8)?
Why would you use Permission enum as it is, when you introduced to smart enums? Isn't that creating too much chaos when you use both enum and smartenums in your project? and why you need smartenums If you just used Permission enum without hesitation?
@@MilanJovanovicTech thanks for a reply! In that case, in a context of DDD, can I use smart Enumeration as a base class for my ValueObject also, in scenarios when I need static properties in my VO?
@@MilanJovanovicTech I really like your project structure. Don't you think there should be a video to create a project structure on which you are currently working in this video so that your viewer can write and practice the concept on the same project structure.
What is the point of storing all the configuration in the database if it does not change (everything is seeded into DB)? If there would be a UI that would allow admins to change permissions for roles, then I would understand why. It would be better to keep it in memory - static classes with configuration would not take a lot of memory and would be much faster.
How difficult would it be to expose a few endpoints for managing it? Not much with all of this in place. Also, you get the benefit of having FK constraints between Users and roles/permissions.
@@MilanJovanovicTech That's true, but if you know that permissions and role-permission mapping will never change (or not change in near future), then implementing it with DB store is overkill. I have implemented permissions just like in your example but without DB and the system is in production for 3 years and we never had a need to change the mapping. We only add new features and new permissions. Configuration in code works well in such scenario.
Get the source code for this video for FREE → the-dotnet-weekly.ck.page/permissions2
Want to master Clean Architecture? Go here: bit.ly/3PupkOJ
Want to unlock Modular Monoliths? Go here: bit.ly/3SXlzSt
Great content. Keep them coming. It would also be great to see a video for resource-based authorization.
Thank you Milan✊💯🤝 From Uzbekistan!
You're welcome, glad you liked it 😁
Awesome , waiting for the next video of this series.
Coming out tomorrow 🔥
Awesome series, bro! Keep it up! Greetings from Bulgaria 🇧🇬!
The next video will be the most important, it's where we stick it all together
Благодаря много 😁
Awesome! Liked, subscribed)
Keep continuing to create such intensive and helpful lessons)
Thank you! Will do!
what a clean way to implement that!
pretty interesting. thank u for this tutorial
Glad you liked it! 😁
Keep up the good work Milan.
Thank you!
@@MilanJovanovicTech I also wanted to recommend a similiar library, but YT keeps removing my comments for some reason.
As always your content is the best
Thanks, Fernando, I think you're one of the best supporters I have 😊
Great as always Milan 👌
Thanks a lot, Ramy!
Amazing way to implement that Milan! From Perú 💯!
Thanks!
Great ideas! Thank you! Looking forward for continuation! 😊
Thank you, glad you liked it. The next video will put everything together 😁
@@MilanJovanovicTech Great thank you! I like that you split this serie in more videos, it's easier to watch. It only got maybe disadvantage for new subscribers, that it's not all in 1 video. But it would be long and maybe less interesting to watch.
@@MaxSupercars The entire authentication series is close to 90 minutes, so definitely need to split it
Beautiful implementation. Top job.
Many thanks!
Another great video!
Thank you. Next one is the most important in the series 😁
Thank you Milan for video
You're very welcome :)
What's inside the Enumeration class? (in Gatherly.Domain.Primitives) Is there any video that covers this?
Take a look at this video: ua-cam.com/video/v6cYTcEfZ8A/v-deo.html
Great Video. Thank you :)
Awesome, I'm glad you liked it
Really like the conversion of the enum to a new entity with key:value and the automatic seeding. I have always avoided use of enums with efcore for things like status values as I couldn't figure out a way to get the full key and value into the DB reliably. Will try to replicate this, thanks
You can also use value converters, and just store the enum value
@@MilanJovanovicTech I've always wanted both in the DB though as it's useful to be able to see what the value means
Hi Millan, I love the you structure your code and its so clean indeed, but then the more I watch the more confused I get. Is there anyway you can help by making things perhaps understandable or probably make recommendations on how to catchup.
Start from Part 1 🤷♂️ And possibly code along
Hi , First of all i wanna say that it is amazing content thanx for sharing such a great content. But there is a question that makes me think: after making our project working in production server , how we can add new permission enum? we only have to add that on code side? and after adding new permission enum we should make new migrate, how we can handle that situation with production code?
Create a new migration, and add the permissions to the DB
Is it better to use HasPermission attribute with IRequest query or command implementation as Jason Taylor did with Authorize attribute in clean architecture?
I prefer doing auth on the endpoints
I have sum issuse with this lection, The collection navigation 'Role' cannot be added to the entity type 'User' because its CLR type 'Role' does not implement 'IEnumerable'. Collection navigations must implement IEnumerable of the related entity.
You probably did something different with the relationship configuration?
@@MilanJovanovicTech i think no, in user config i have builder.HasOne(e => e.Role)
.WithMany()
.HasForeignKey("RoleID");
Hi Milan,
I'd like to categorize the Permissions and I'll create enum for them
public enum PermissionCategory { Admins= 1, Users= 2}
should I loop the Permission enum and add PermissionCategory value as the foreign key
or create a custom attribute "say Category" with each Permission then use your way to seed permissions data?
public enum Permission
{
[Category(PermissionCategory.Admins)]
ManageRoles = 1,
[Category(PermissionCategory.Users)]
ManageProfiles = 2
}
Second approach with attributes looks beautiful!
Enumeration is missing please reorder videos on the series
I'm pretty sure it's not
How do you prevent EF from trying to create a new Role (with a duplicate key) every time you save changes?
Answered on Patreon also, but for anyone reading - just call Set.Attach(roleInstance) and it won't be an issue
@@MilanJovanovicTech That doesn't work when there are more Roles of the same type attached to more users while saving changes. Any clean idea on how to preload those Roles from the database ?
For reference the error is: "The instance of entity type 'Role' cannot be tracked because another instance with the same key value for {'Id'} is already being tracked".
The error happens before I can even attach them (my approach was to use a save changes interceptor). It happens once the ChangeTracker gets read, as it tries to detect changes. Oh and also, I would rather not deactivate the auto detection of changes as it helps with saving changes.
Thanks in advance for the answer!
Alternatively, I managed to create a backing field where I store only the Id for the Role inside the User class. Outside my domain I get access to the role by using a get only property that searches inside the Role.GetValues() for that Id, so when creating users, instead of letting ef core decide whether the Role is a new entity or not, I only persist the backing field Id and ignore the property altogether inside my db config. (I would still be interested in preloading data, as it may cover another use case that this example didn't)
whats the Enumeration class? is it some type of custom made enums?
Here: ua-cam.com/video/v6cYTcEfZ8A/v-deo.html
I have implemented this in two projects recently, one thing that I struggled with was how to make a menu out of this permission enum and only show those menu items which the user has permission to.
You need to be able to read the permissions client side
Either by fetching from DB, or passing them in JWT
in which video you had writen Enumeration ?
This one: ua-cam.com/video/v6cYTcEfZ8A/v-deo.html
i watched your video on Enumerations but I dont find a GetValues static method there. Am I missing something?
It just returns the dictionary values
I'm trying to test this aprouch and I have to initialize my Roles, Permissions, Users, RolePermissions and RoleUsers. My test database starts empty, how can I use linq to initialize those entities?
Add them to the DB at startup
@@MilanJovanovicTech I'm sorry, I asked the question wrong. By following your videos I was able to implement the HasPermission method and initialize the permissions and related entities using IEntityTypeConfiguration and builder.HasData.
The problem is in the API tests using xUnit, I use the CustomWebApplicationFactory class that inherits from WebApplicationFactory to initialize my databases but I'm not able to insert the related entities. Could you explain how to seed the Permissions, Roles and RolePermissions in the CustomWebApplicationFactory?
I need your Help
I am getting this error while running the application
Some services are not able to be constructed (Error while validating the service descriptor 'ServiceType: Microsoft.AspNetCore.Authorization.IAuthorizeData Lifetime: Scoped ImplementationType: Gatherly.Infrastructure.Authentication.HasPermissionAttribute': Unable to resolve service for type 'Gatherly.Domain.Enums.Permission' while attempting to activate 'Gatherly.Infrastructure.Authentication.HasPermissionAttribute'.)
Watch Part 3/Part 4 - you need to add a few more things
Hi Milan,
What is the implementation for GetValue()
Where?
@@MilanJovanovicTech , I have figured it out. Thank you 😊
@@velkumars26 Can you tell me what it is ?
@@velkumars26 Can you share the code ? Or tell me where you found it ?
Oh the video is so great,but i have a stuck when apply [authorize(Policy = "A")] for controller but i wanna authorize from Controller except some Action in Controller
Ex: [authorize(Policy = "A", ExceptAction = "CreateTask")]
I cannot write new attribute to override, can you help me the solution(.NET 6 or 8)?
AllowAnonymous?
@@MilanJovanovicTech no, i wanna put authorize on action method and ignore authorize on controller
Why would you use Permission enum as it is, when you introduced to smart enums? Isn't that creating too much chaos when you use both enum and smartenums in your project? and why you need smartenums If you just used Permission enum without hesitation?
Smart enums have behavior, but also let you simplify seeding
@@MilanJovanovicTech thanks for a reply!
In that case, in a context of DDD, can I use smart Enumeration as a base class for my ValueObject also, in scenarios when I need static properties in my VO?
Hi, I am your new viewer. I want that video link where you created this whole project structure. Please share.
There isn't one starting from scratch
@@MilanJovanovicTech I really like your project structure. Don't you think there should be a video to create a project structure on which you are currently working in this video so that your viewer can write and practice the concept on the same project structure.
Hello Milan, I get an error when I want to Subscribe from Patreon. I just live on patreon. Anyone else having problems?
That is very strange. Is it still not functioning? I didn't get any complaints recently.
@@MilanJovanovicTech Yes that is right. I wanted to subscribe too, I got an error. Turkey does not accept credit cards.
If u are using classes that are not default or importable, u need to show us how they work or let we have the code...
You can find the source code on Patreon :)
How can I get source code
Start from here: ua-cam.com/video/4cFhYUK8wnc/v-deo.html
please provide the code link.
www.patreon.com/milanjovanovic
What is the point of storing all the configuration in the database if it does not change (everything is seeded into DB)? If there would be a UI that would allow admins to change permissions for roles, then I would understand why. It would be better to keep it in memory - static classes with configuration would not take a lot of memory and would be much faster.
How difficult would it be to expose a few endpoints for managing it? Not much with all of this in place.
Also, you get the benefit of having FK constraints between Users and roles/permissions.
@@MilanJovanovicTech That's true, but if you know that permissions and role-permission mapping will never change (or not change in near future), then implementing it with DB store is overkill.
I have implemented permissions just like in your example but without DB and the system is in production for 3 years and we never had a need to change the mapping. We only add new features and new permissions. Configuration in code works well in such scenario.
@@pioners1001 Except changing permissions in your case require downtime. While permissions in the DB can be added/removed without downtime.