Add role control
This commit is contained in:
Chris Chen
@@ -0,0 +1,25 @@
|
||||
namespace ROLAC.API.Entities;
|
||||
|
||||
/// <summary>
|
||||
/// One row per (Role × Module). Stores what the role may do on that module.
|
||||
/// The effective permission for a user is the boolean OR of these flags across
|
||||
/// all of the user's roles. <c>super_admin</c> is never stored here — it bypasses
|
||||
/// permission checks entirely (see PermissionAuthorizationHandler).
|
||||
/// </summary>
|
||||
public class RolePermission
|
||||
{
|
||||
public int Id { get; set; }
|
||||
|
||||
/// <summary>FK to AspNetRoles.Id.</summary>
|
||||
public string RoleId { get; set; } = null!;
|
||||
|
||||
/// <summary>Module constant name (see <see cref="Authorization.Modules"/>).</summary>
|
||||
public string Module { get; set; } = null!;
|
||||
|
||||
public bool CanRead { get; set; }
|
||||
public bool CanWrite { get; set; }
|
||||
public bool CanDelete { get; set; }
|
||||
public bool CanApprove { get; set; }
|
||||
|
||||
public AppRole Role { get; set; } = null!;
|
||||
}
|
||||
Reference in New Issue
Block a user