Entity Authorization: Create, Read, Update, Delete
By default, all entities require authorization for Create, Read, Update, and Delete operations.
If your code encounters an authorization issue (e.g., an UnauthorizedException - You don't have the necessary rights to perform the operation.), it means the current user lacks the necessary permissions.
⚠️ Skipping Authorization: If you want to explicitly bypass authorization for an entity, you can apply the [DoNotAuthorize] attribute. This disables all security checks for that entity across all operations.
If your entity requires access control, follow the steps in this tutorial to configure proper authorization.
⚠️ Skipping Authorization: If you want to explicitly bypass authorization for an entity, you can apply the [DoNotAuthorize] attribute. This disables all security checks for that entity across all operations.
If your entity requires access control, follow the steps in this tutorial to configure proper authorization.
1. Insert Permissions into the Database
- Open SQL Server Management Studio (SSMS).
- Connect to your SQL Server instance (see Step 9 in the Getting Started guide).
- Locate your application database in the Object Explorer.
- Right-click the database and select New Query.
- Execute the SQL commands below, replacing YourEntityName with the actual entity name:
2. Assign Permissions to a Role
In the application UI:
- Navigate to Administration → Roles.
- Select the role you want to modify.
- In the Permissions control, add the newly created permissions.