search

Geta / geta-notfoundhandler

The popular NotFound handler for ASP.NET Core and Optimizely, enabling better control over your 404 page in addition to allowing redirects for old URLs that no longer works.
Apache License 2.0
19 stars 15 forks source link

Restrict editing redirects per role/website #109

Closed dejvyd closed 4 months ago

dejvyd commented 4 months ago

Hi,

I'd like to restrict access to redirects based on website and roles.

Our solution has multiple websites with separate roles for access. For example if account has a roleX with access only to websiteX, then only redirects of websiteX should be visible and editable.

I thought about using services.Intercept to intercept IRedirectsService (or even more interfaces if required) and changing returned results based on current url, matched website and current user roles.

Is there a better way to do this than intercepting service? Or could be that there are plans for implementing restrictions?

Example code which I though of can be find here on my post in Optimizely forum.

Hopefully @marisks you're best person to help

Thank you

marisks commented 4 months ago

Hi! No there are no plans to make more granular access rights. That is not a common requirement. And sure you can decorate IRedirectsService and filter results based on your needs.