How do I do permissions in asp.net identity

Question

I am trying to use asp.net identity and would like my roles to have permissions. Users could then have a set of roles which dictate what permissions they have

I cant find any permission related objects on asp.net identity - it this achievable using asp.net identity?

Many thanks

Answer 1

The short answer is no, not out of the box. You will need to "roll your own".

If you read this article on one of Microsoft's own websites which talks about Creating and Managing Roles in ASP.NET you'll notice that there is no discussion of permissions. The ASP.NET roles framework is very plain Jane.

Rolling your own is a bit of a learning curve but the journey will be exhilarating! The way that I (and others) did it is I created a new class which implements IPrincipal and then added a new custom called HasPermission(PermissionId requestedPermissionId) which does for permissions what "IsInRole()" does for roles.

Something like this:

public bool HasPermission(PermissionId requestedPermissionId) {

// "PermissionsHeld" is of type IEnumerable<PermissionId>

// If PermissionsHeld is null then the user doesn't hold any permissions
if(this.PermissionsHeld == null) {
    return false;
}

// Returns true when PermissionsHeld contains "requestedPermissionId"
return this.PermissionsHeld.FirstOrDefault(ph => ph.PermissionId == requestedPermissionId) != null;
}

You can learn more about integrating your custom IPrincipal implementation by reading these articles: Custom Authentication and Authorization and Implementing Custom Authentication for ASP.NET. There are many other articles like those two; I picked those two because at a glance they seemed to cover everything that I ended up implementing in my project.

Good luck! I had a lot of fun building my own implementation of the same.