score:1
Accepted answer
you could setup a policy to do it :
this just reads a string array from "allowedgroups" in appsettings.json but it demonstrates the fundamentals.
{
"allowedgroups": [ "administrator", "moderator" ]
}
public class hasrolesfromconfigrequirement : iauthorizationrequirement
{
internal string[] allowedgroups;
public hasrolesfromconfigrequirement(string[]? allowedgroups) => this.allowedgroups = allowedgroups;
}
public class hasrolesfromconfighandler : authorizationhandler<hasrolesfromconfigrequirement>
{
protected override task handlerequirementasync(
authorizationhandlercontext context,
hasrolesfromconfigrequirement requirement)
{
var rolesrequired = requirement.allowedgroups;
if (rolesrequired is null)
{
context.fail();
}
else
{
var hasrequiredrole = rolesrequired.where(role => context.user.isinrole(role)).any();
if(hasrequiredrole)
{
context.succeed(requirement);
}
else
{
context.fail();
}
}
return task.completedtask;
}
}
public static class authorizationoptionspolicyextensions
{
public static void addpolicies(this iservicecollection services, iconfiguration configuration)
{
services.addscoped<iauthorizationhandler, hasrolesfromconfighandler>();
services.addauthorizationcore(options => options.configurepolicies(configuration));
}
public static authorizationoptions configurepolicies(this authorizationoptions options, iconfiguration configuration)
{
var localconfiguration = configuration.get<localconfiguration>();
options.addpolicy("hasarequiredrole", policy => policy.requirements.add(new hasrolesfromconfigrequirement(localconfiguration.allowedgroups)));
return options;
}
}
<authorizeview policy="hasarequiredrole">
<div>
has a required role
</div>
</authorizeview>
@page "/fetchdata"
@attribute [authorize(policy = "hasarequiredrole")]
...
[authorize(policy = "hasarequiredrole")]
public class weatherforecastcontroller : controllerbase
a .net6(rc1) repo.
i would personally look at claim based permissions. this way you can assign application resources to a claim. then dynamically assign the claims to roles or individuals.
score:1
attributes are embedded in the assembly at build time. once the project/dll is built, you cannot change the value again.
you need to perform runtime authorization. since you're trying to check roles, inject the configuration and check if the user has any of the roles:
@inject iconfiguration configuration
var isallowed = configuration.getsection("allowedgroups")
.get<string[]>()
.any(group => user.isinrole(group));
further info
Source: stackoverflow.com
Related Query
- How would I dynamically set the allowed Role or Policy for an Authorize View tag or attribute in Blazor from appsettings?
- How to set to row Background color for the ant design blazor table
- How to set the focus to an InputText element?
- How to place submit button for a Blazor EditForm outside of the component
- How to create a build pipeline for Blazor WebAssembly Hosted app on Azure DevOps that publishes the server project not the client?
- How to fix blazor error " The namespace 'Razor' already contains a definition for 'Template' "
- How to format the date using local culture using the blazor <InputDate /> tag
- How to set window title for a MAUI Blazor App targeting Windows?
- How to get Textarea values in Razor(blazor) component, if Textarea is generated under foreach loop dynamically for more then once
- How to serve the right mime type for a blazor site on ubuntu nginx
- How do I Default the date to todays date for required field using EditForm?
- How can I set a format for input numbers in Blazor
- How to set ValidationMessage<TValue>.For Property dynamically in Blazor?
- How to set Default value as null for InputDate field in Blazor?
- How do I turn off Visual Studio background highlighting for the at-symbol (@) in a Razor file?
- How to update server-side changes on the client side for Blazor Server app?
- How to change the default layout in blazor once it set in App.razor?
- How to set placeholder for InputText with bind-Value for formsubmit?
- In Blazor, how to set element IDs to different values per component instance, but the same value within the component instance?
- Dynamically set the culture by user preference does not work
- How do I change the Title/Branding in navigation bar for Blazor WASM Identity pages?
- How can I change the port for a published Blazor Server project?
- Blazor Component Lifecycle - How do you do something async in the component after parameters are set but before they bind
- How to access the validation for single field in EditForm?
- How to fix More than one scoped css files were found for the razor component for Razor Component
- In the default Visual Studio Blazor WebAssembly app, how would you create the HttpClient using IHttpClientFactory?
- Blazor Client No asp.net Hosting, How do I set up web config file for SPA so I don't have to use iis
- How to create a MainLayout for refreshing the current page using Blazor?
- How do I pass data types that are not object as Model for the Form in Blazor?
- How use ASP.NET Core MVC view and Blazor in at the same time?
More Query from same tag
- Blazor and Arg_NullReferenceException
- How do I use a foreign key to get a value from another list?
- How Do I Fix Visual Studio 2022 Out of Memory Issue?
- Wrapping Blazor EditForm not updating Model
- Hide all divs of a certain class with C# in Blazor
- Why can I only call one action on a controller Blazor / aspnet core 3?
- Change Blazor JS interop Serializer Settings
- Blazor server side upload file > 28.6MB functionality
- How do I mark a radio button as "checked" within my Blazor app, while creating the radio buttons inside of a foreach loop?
- 401 How to configure the simultaneous operation of the site by domain name and IP address in blazor wasm + identityserver?
- Type-Safe string Parameter for Blazor Component
- In a Blazor page (Not a Blazor component) why all methods and variables are private inside @code?
- Blazor webassembly resource-based policy with database lookup?
- Singleton service visible from the classes
- Does default directory structure for .net Blazor have to stay?
- How should I embed Blazor server-side into an existed asp.net core project?
- Blazor equivalent to Angular's composite styles?
- Running blazor on macOS
- How do I detect mobile devices in blazor server side application?
- Bootstrap tooltips remain visible after navigation in Blazor app
- Is it safe to include passwords in client-side wasm code?
- How to isolate js variables between different instances of the same component?
- What's the recommended way of rendering a Blazor component dynamically?
- Facing issues with Blazor webapp deployed on Netlify
- How to Get Value in Result View C#?
- Serving static content without a file extension on a Blazor server project
- Missing Blazor template in VS 2017 .Net core 2.2
- Styling of controls inside Toolbar in MudTable
- Exception occurred while processing message. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden
- How can I save a Blazor Component instance in a variable and render it in my .cshtml
