Questions tagged [role-based-access-control]

113 questions
12
votes
1 answer

Django rest framework group based permissions for individual views

I am using DRF for writing APIs. I would like to give different permissions for each view in my Modelviewsets. I have two groups (customers and staff). I have filtered them as Isstaff and Iscustomer in permissions.py. class…
10
votes
5 answers

How to implement Role based restrictions/permissions in react redux app?

I have a React-Redux-KoaJs application with multiple components. I have a few user roles as well. Now I want to display a few buttons, tables and div to only specific roles and hide those from others. Please remember I don't want to hide the whole…
10
votes
1 answer

Hierarchical role/permissions based access

I want to build a Hierarchical Role Base access control. This is my current schema: Currently I have two options to build this system: Attach all required permission to a role (not-hierarchical) Attach only special "level" permissions and…
Cristian
9
votes
3 answers

Dynamic authorization of roles asp.net core

This is not a duplicate question or rather the solutions given in other solutions have not worked. Let's say there is a controller [Authorize(Roles=//set dynamically)] public IActionResult DashBoard(LoginModel model) { } I have tried the solutions…
7
votes
1 answer

angular 2 subscribe value change not reflecting on html

This is quite confusing to me. I might not have a solid understanding of how subscription works. Angular 2 finalized version Goal: Hide/Show navigation menu based on roles Approach: I use Facebook to authenticate users. After authentication, user…
7
votes
1 answer

How to handle role based authorization in AngularJS?

I am creating a web app which will satisfy two requirements for the users. Note: I am new to AngularJS as a web development platform. Front-end - 1: It's a search functionality where users can search for specific documents and studies based on…
7
votes
0 answers

Dynamic generation of RBAC roles and permissions

I’m looking for a methodology for generating new RBAC roles on demand. I am developing a RBAC system that will have two primary parameters. Rather than simply having a user associated with a role, and that role associated with a group of…
jcropp
6
votes
1 answer

GraphQL - How to distinguish Public from Private fields?

Context I have a GraphQL API and a NodeJS & Angular application with a MongoDB database that holds users. For each user, there is a public page with public information like id and username. When a user is logged in, there is a private profile page…
Nicky
6
votes
1 answer

Entity-level access control in a hierarchical data scheme

I have a requirement for entity-level authorization that's frankly over my head. I'm hoping to get some guidance on this permission structure, how I might implement it in .NET 4.5, and if there are ways I could improve it. Here it goes: I have a…
5
votes
1 answer

OAuth-2.0/JWT - guidance about when to use scope vs roles

I'm quite well versed with most things related to OAuth 2.0 and JWTs, but one thing that's still a bit confusing is if/when to use scopes vs. roles. I think some of the confusion is coming from how role-based authorization works in ASP.NET Core…
5
votes
2 answers

Yii Framework 2.0 Role Based Access Control RBAC

Learning Yii Framework 2.0 I have tried to use Role Based Access Control from the documentation of Yii 2.0. But the guide documentation is too short to me that I cannot complete this learning. I have added the following code to my config…
O Connor
4
votes
2 answers

Keycloak: authZ with nodeJS

I am trying to secure a REST API using keycloak authorization mechanisms. My API is in NodeJS with express. Say I have this API: http://www.example.com/api/v1/houses The endpoint supports GET/POST/PUT/DELETE. A house has a name and an owner: { …
cdupont
3
votes
0 answers

MERN stack MongoDB Permission and Access Level Setup

I am creating a MERN Stack application. I am very confused about access permission to keys in my mongoDb schemas. I came from Firebase which allowed you to set up node level read/write access controls in the Firebase rules. Below is an example I…
3
votes
2 answers

generate role-based claims for aws cognito id token

Authenticate with AWS Cognito, I can get ID token including cognito:groups { admin, user}. From ASPNetCore Webapi, I can authorize using Policy (follows AWS tutorial…
3
votes
1 answer

Adding Role Based Redirection Upon Login to React App

So I have an app that currently works fine on login, just takes you to the basic app. I created a new page called AdminDashboard.js, and added a new part to the json called "Admin" which is set to 1 for admin users and 0 for everyone else. I don't…