I'm creating this topic following this first one : https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=11553&p=30940#p30940 where I was asking for implementation advice.
I'm trying to build an application that provides specific permissions according to authenticated user :
1/ Permissions for basic users > same behavior as regular aspnetzero application
2/ Permissions for "external" users > limited to very limited UI
As you can see, the goal is to limit application for users that are considered as "externals".
I'm planning to extend user entity with a boolean property called "IsExternal". This property will be set to true if an external user submits some data (like creating a ticket for assistance purpose). All other users will have this property set to false.
this property will be available on angular side by using AppSessionService > this allows to restrict UI easily (like chat, account managements...) for external users.
Nevertheless, I'm facing some chalenges with this design. I would like to manage users in two different ways.
I want to manage standard users with existing UI (with Angular UserComponent) and create a dedicated UI for external users.
- How can I separate permissions for standard users and for external users ? should I do it in PermissionAppService ? Or by implementing some filtering somewhere
- How can I separate roles for classic users and roles for external users ? With RoleManager ? With RoleAppService ?
- How can I adapt user repository to provide standard users OR external users but never displaying both ?
Thank you for your help