You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the last couple of weeks I made a lot of tests with Dotmim.Sync because I want to refactore a big program.
Instead of using tons of controllers to update and load data I want to use Dotmim.Sync because it seems to be much more simple.
After changing about 80% of my "data transfer" code I can say ... I love Dotmim.Sync. Its a really nice work 👍
The only thing I'm missing now is some kind of policy driven restictions.
With controllers I was able to use the AuthorizeAttribute to prevent users with too low permissions to change data.
With Dotmim.Sync I only found 2 ways to restrict updating data on the server.
Use DownloadOnly for some tables -> this is not possible because some users should be able to upload data
Use filters -> this is not possible because everybody should get the data but not everybody should be able to update it
Is there any other mechanism to prevent updating if the user doesn't have some specific role or claim?
I'm also not sure what the result should be
Do not update data on server and revert the data on the client to match the server again
Show an error while syncing and prevent the complete sync
If there actually is nothing usable for this role/claim specific restrictions, my idea was the following:
Add the Microsoft AuthorizeAttribute on model classes and/or property setter:
Check these attributes on the server side with an WebServerAgent interceptor and do ... I don't know ^^
What do you think?
If you want I can create a PR with some changes or maybe with a complete new Dotmim.Sync.Authorization project with can be used as extension with this feature.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
the last couple of weeks I made a lot of tests with Dotmim.Sync because I want to refactore a big program.
Instead of using tons of controllers to update and load data I want to use Dotmim.Sync because it seems to be much more simple.
After changing about 80% of my "data transfer" code I can say ... I love Dotmim.Sync. Its a really nice work 👍
The only thing I'm missing now is some kind of policy driven restictions.
With controllers I was able to use the AuthorizeAttribute to prevent users with too low permissions to change data.
With Dotmim.Sync I only found 2 ways to restrict updating data on the server.
Is there any other mechanism to prevent updating if the user doesn't have some specific role or claim?
I'm also not sure what the result should be
If there actually is nothing usable for this role/claim specific restrictions, my idea was the following:
What do you think?
If you want I can create a PR with some changes or maybe with a complete new
Dotmim.Sync.Authorizationproject with can be used as extension with this feature.Beta Was this translation helpful? Give feedback.
All reactions