Allows multiple roles in AccessDetails

Question

Currently when implementing access rules and permissions we are only allowed to pass one user role to the system. Is there a way to allow the end user to have multiple roles and display files based upon those roles instead of only allowing one role?

AccessDetails.Role would be great if it was AccessDetails.Roles

Prasanth Madhaiyan · Answer

Hi Cletis Gipson,Greetings from Syncfusion support.Yes, it's possible to support multiple roles per user and apply access rules accordingly in the FileManager component. This can be achieved by updating the model and adjusting the access rule evaluation logic.Refer to the below code snippets. [FileManagerAccessController.cs]...namespace CoreSample.Controllers{ [Route("api/[controller]")] [EnableCors("AllowAllOrigins")] public class FileManagerAccessController : Controller { ... [Route("FileOperations")] public object FileOperations([FromBody] FileManagerDirectoryContent args) { this.operation.SetRules(GetRules()); ... } ... public AccessDetails GetRules() { AccessDetails accessDetails = new AccessDetails(); List Rules = new List { //Deny writing for particular folder new AccessRule { Path = "/Documents", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Allow, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false }, // Deny writing for particular file new AccessRule { Path = "/Pictures/Employees/Adam.png", Role = "HR", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true }, // Folder Rule new AccessRule { Path = "/", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false }, }; accessDetails.AccessRules = Rules; accessDetails.Roles = new List { "Document Manager", "HR" }; // Multiple roles return accessDetails; } }}...[Models\Base\AccessDetails.cs]...namespace Syncfusion.EJ2.FileManager.Base{ public class AccessDetails { public IEnumerable Roles { get; set; } public IEnumerable AccessRules { get; set; } } ...}...[Models\PhysicalFileProvider.cs]...protected virtual AccessPermission GetPermission(string location, string name, bool isFile){ AccessPermission FilePermission = new AccessPermission(); if (isFile) { if (this.AccessDetails.AccessRules == null) return null; string nameExtension = Path.GetExtension(name).ToLower(); string fileName = Path.GetFileNameWithoutExtension(name); string currentPath = GetFilePath(location + name); foreach (AccessRule fileRule in AccessDetails.AccessRules) { if (!string.IsNullOrEmpty(fileRule.Path) && fileRule.IsFile && (fileRule.Role == null || (AccessDetails.Roles != null && AccessDetails.Roles.Contains(fileRule.Role)))) { if (fileRule.Path.IndexOf("*.*") > -1) { string parentPath = fileRule.Path.Substring(0, fileRule.Path.IndexOf("*.*")); if (currentPath.IndexOf(GetPath(parentPath)) == 0 || parentPath == "") { FilePermission = UpdateFileRules(FilePermission, fileRule); } } else if (fileRule.Path.IndexOf("*.") > -1) { string pathExtension = Path.GetExtension(fileRule.Path).ToLower(); string parentPath = fileRule.Path.Substring(0, fileRule.Path.IndexOf("*.")); if ((GetPath(parentPath) == currentPath || parentPath == "") && nameExtension == pathExtension) { FilePermission = UpdateFileRules(FilePermission, fileRule); } } else if (fileRule.Path.IndexOf(".*") > -1) { string pathName = Path.GetFileNameWithoutExtension(fileRule.Path); string parentPath = fileRule.Path.Substring(0, fileRule.Path.IndexOf(pathName + ".*")); if ((GetPath(parentPath) == currentPath || parentPath == "") && fileName == pathName) { FilePermission = UpdateFileRules(FilePermission, fileRule); } } else if (GetPath(fileRule.Path) == GetValidPath(location + name)) { FilePermission = UpdateFileRules(FilePermission, fileRule); } } } return FilePermission; } else { if (this.AccessDetails.AccessRules == null) { return null; } foreach (AccessRule folderRule in AccessDetails.AccessRules) { if (folderRule.Path != null && folderRule.IsFile == false && (folderRule.Role == null || (AccessDetails.Roles != null && AccessDetails.Roles.Contains(folderRule.Role)))) { if (folderRule.Path.IndexOf("*") > -1) { string parentPath = folderRule.Path.Substring(0, folderRule.Path.IndexOf("*")); if (GetValidPath(location + name).IndexOf(GetPath(parentPath)) == 0 || parentPath == "") { FilePermission = UpdateFolderRules(FilePermission, folderRule); } } else if (GetPath(folderRule.Path) == GetValidPath(location + name) || GetPath(folderRule.Path) == GetValidPath(location + name + Path.DirectorySeparatorChar)) { FilePermission = UpdateFolderRules(FilePermission, folderRule); } else if (GetValidPath(location + name).IndexOf(GetPath(folderRule.Path)) == 0) { FilePermission.Write = HasPermission(folderRule.WriteContents); FilePermission.WriteContents = HasPermission(folderRule.WriteContents); } } } return FilePermission; }}...For your reference, we have attached the sample. Sample: Attached as a zip file. Check out the attached sample and let us know if you need any further assistance. Regards,Prasanth Madhaiyan.Attachment: CoreSample_6b8fb503.zip