Roles functionality #80
Comments
|
+1 |
1 similar comment
|
+1 |
|
@Juzzers It's because You need to define permissions also. so in this case You need to do is this.permissionsService.addPermission('accessAnalystsSection') and then define role |
|
What's the purpose of adding permissions as well in the NgxRoleService.addRole('ADMIN', [...])? I would have thought adding the permissions there would override the need to do it in the PermissionService. |
Thanks, but it seems to me that addPermission will grant that permission to the current session won't it? So if you first need to grant every permission before you can create any roles, what difference does it make having the roles? If you have 3 different roles, you first grant every permission in every role before you can create them? |
|
I agree. I don't see the point to have roles which can contain an array of permissions if adding a role doesn't create the corresponding individual permissions. If I had to do: and in my component I want to ensure the current user has I would expect that |
|
@Juzzers @blackholegalaxy I gave it much thought why i haven't dont this its cause i was thinking use case when permissions are functions. I guess i will implement that when You pass array it will add permissions also (it will be less confusing for users of the library). |
|
@Juzzers @blackholegalaxy The only problem is that right now it covers the use case when you have you need to compare with '&&' You will use roles. I will need to create new method for this one is the name addRolesWithPermissionsDefined is good for You or maybe i should use different name? |
|
In the readme, I don't see much explaination about having the permissions being functions. What is a real world use case for that? |
|
@blackholegalaxy You can define Your custom logic for example if You need && or || or Make a call to the backend and it will check if allowed You can do anything. |
|
regarding this issue i have implemented it but there is one problem cause when You want to delete role You expect that that roles will be also deleted |
|
Hi everyone..any news about that?..is an importatn funtionality...thanks |
|
I’m also very confused as what purpose providing a permissions array to the role does? What was the motivation in allowing the permissions array as a second parameter to roles? That’s particularly confusing because the docs give examples where a permissions array is being used. |
|
@troydietz this cover cases when for example You need to use 'AND' operator. For example User should have permissions 'ADMIN' 'EDITOR' at the same time. You can't do it with permissions cause its checking 'OR' operator. Hope this helps |
Even though, the example above works when loading only one permission! It doesn't work when there are more than one: this.permissionsService.loadPermissions(['createTopic', 'editTopic']); any updates on this feature? |
|
How does it works currently? Can I define the permissions for every role, and then by just loading the role get all my permissions? like: ['ADMIN', canViewDocuments, canEditDocuments] Can I load EDITOR, and acquire all the permissions for EDITOR ? |
|
I am still very confused at what benefit the role provides since you must add all permissions before the role. If the author could give a short example (with code) demonstrating the use case, perhaps that would help clear up my confusion. I'm sure you had a valid reason for taking the approach you did. |
|
Hi @troydietz . Sorry for the late reply. The biggest difference between role and permission and when You have role and You add permissions it will check with '&&' Operator. So for example You need that the user should have admin and editor permission. You just create 'Super user' role and add this two permissions.
I will try to update wiki page. Hope this helps. |
with role as superuser and want to allow only did if not work, is there any way to do that ? thanks |
|
Hi @weiztech. I understand what You are talking about to make it work. You need first add permissions. this.permissionsService.addPermissions['admin, 'editor;] Then everything will work. |
|
@AlexKhymenko Thank you for your response. I think I understand where the confusion is coming from. The way I think I'd use a role is a different from you. In most cases, I would never think of using a role in the ngxPermission directive. Instead, I'd only use permissions. For example, this is how I imagine using roles and permissions: <div *ngxPermissions="canViewMessage">
<div *ngFor="message in messages">
<span>{{ message }}</span>
<a *ngxPermissions="canDeleteMessage" (click)="deleteMessage(message)">Delete</a>
</div>
<compose-message *ngxPermissions="canPostMessage"></compose-message>
</div>Possible roles: I can't think of a time where I'd really want to say *ngxPermissions="Admin". And since with ngx-permission you have to load all of the permissions before creating the Admin role, creating the role doesn't provide me anymore benefit. To be clear, I'm not saying your approach is wrong, I'm just starting to understand why I was confused before. I think you and I think of using roles in slightly different ways. Thank you very much for your response 😃 |
Thanks, its worked 👍 |
I second that. It would make much sense to define a role as a collection of certain permissions/attributes. So the user is assigned a certain Role like Visitor or Admin or RegisteredVip possibly. Each of these roles has certain permissions assigned and in code one would just check against these attributive permissions. On second thought, as much sense as it would make, this kind of role system doesn't have much to do with ngxPermissions. Such roles depend on the user management system one chooses to use. Also, the readme could use better examples. As far as I understand the concept right now, we should think of a role like a collection of REQUIRED permissions. So a role would look like And then one could use I recommend to add a bold and explicit note into the readme to clarify what this role system is and what it is not. |
|
hi Alex, My TS as below template as below Expected output Actual output I am quite confused as my intention is to call myself "SUPERMAN" (role) with given permissions 'addUser', 'configPay'. So, technically, for any doesn't have the two, should be hide, shouldn't it? |
|
That's because this project is very counter-logical / counter-intuitive and actually doesn't help with what 99% of people are trying to achieve with it. Very unfortunate because it is an otherwise very beautiful project as far as I'm concerned. |
OMG!! i hope what you said isn't true... i jz came from CASL given the popularity, i decided to move to ngx-permission instead and straight away i hit a huge roadblock |
|
Hi @AlexKhymenko do You have any plans to change this functionality ? I think a lot of users (so do I) are confused with need to mantain permissions in two places. I had exactly the same doubts as people in this thread and I was not able to exactly know how lib works from docs without console logging output and reading this thread. Maybe at least some config should be added to have all permissions combined ? |
|
Hi @dtomaszewski I actually developed this functionality but something stoped me. I will revisit this functionality :-) |
|
Thank For all Your patience. Added this functionality + more. Added addRoleWithPermissions, addRolesWithPermissions, flushRolesAndPermissions. Available in 8.1.1. Have a great day :-) |
|
Thanks @AlexKhymenko I'll check it asap :) |
I'm submitting a...
Current behavior
Although roles can be defined using addRoles, assigning a name and a list of permissions, there appears to be no functionality gained by doing so, that I can see. The permission list is ignored and only the role names are relevant. Perhaps I'm misunderstanding.
Expected behavior
I would expect the ability to assign one or more of the defined roles to the current session and that the relevant permissions would be included in authorization checks such as ngxPermissionsOnly.
Minimal reproduction of the problem with instructions
Environment
The text was updated successfully, but these errors were encountered: