Reputation: 197
ServiceStack - roles and permissions
I'm implementing ServiceStack's Roles and Permissions. I send
{"UserName":"JASON1","Permissions":["CanAccess"],"Roles":["Admin"]}
via http://localhost:15465/api/json/reply/AssignRoles
but i got following error:
{
"AllRoles": [],
"AllPermissions": [],
"ResponseStatus": {
"ErrorCode": "Invalid Role",
"Message": "Invalid Role",
"StackTrace": "[AssignRoles: 3/11/2015 11:12:02 PM]:\n[REQUEST: {UserName:JASON1,Permissions:[CanAccess],Roles:[Admin]}]\nServiceStack.HttpError: Invalid Role\r\n at ServiceStack.RequiredRoleAttribute.AssertRequiredRoles(IRequest req, String[] requiredRoles)\r\n at ServiceStack.Auth.AssignRolesService.Post(AssignRoles request)\r\n at lambda_method(Closure , Object , Object )\r\n at ServiceStack.Host.ServiceRunner`1.Execute(IRequest request, Object instance, TRequest requestDto)",
"Errors": []
}
}
what will be the solutions and where are some built in roles and permissions? i couldn't find any information? Thanks.
Upvotes: 1
Views: 1517
Answers (1)
Reputation: 143284
The AssignRolesService shouldn't be called by anyone, by default it can only be called by someone in the RoleNames.Admin, i.e. Admin Role.
Use custom Assign Roles Service
You can ignore this default behavior by instead using your own custom Service to assign roles which is just a wrapper around the IAuthRepository.AssignRoles() API, e.g:
public class CustomRolesService : Service
{
public IAuthRepository AuthRepo { get; set; }
public object Post(AssignRoles request)
{
var userAuth = AuthRepo.GetUserAuthByUserName(request.UserName);
if (userAuth == null)
throw HttpError.NotFound(request.UserName);
AuthRepo.AssignRoles(userAuth, request.Roles, request.Permissions);
return new AssignRolesResponse();
}
}
Master AuthSecret
To help with development ServiceStack also supports specifying a master password with:
SetConfig(new HostConfig { AdminAuthSecret = "secretz" });
Which then lets you by-pass any protected service with the QueryString:
?authsecret=secretz
Upvotes: 1
Related Questions
- Get servicestack roles from http context
- Require admin role for ServiceStack's RegistrationFeature
- ServiceStack caching users roles and permissions approach
- Servicestack Roles Users and Groups
- Servicestack 4.5.6 broke HasRole and HasPermission
- How to programmatically assign roles and permissions to services and/or RequestDTOs
- ServiceStack AuthFeature assign and unassign roles
- ServiceStack adding roles and permissions with custom AuthUserSession
- How to require one permission *or* another permission to access a ServiceStack web service?
- Authorization Roles and Permissions