"Out Of The Box" Security


#1

I'm new to Radzen.... and exploring its capabilities.

One thing I couldn't find was "out of the box" security for the tables... like I've used with other tools.

I could go on and give some User Stories.

But, I think it would be easier to share a link to a description on how another tool implements it. PHP Maker is a good example at the following...

Tutorial - Advanced Security - Dynamic User Level Security

What I love about this is... It is simple to get up and running with row level security... and it can be changed on the fly.

This is especially nice for the "not so technical" users...

Right now, this is the "showstopper" keeping me from using Radzen for all of my projects...


#2

Hi @JohnSmith,

We have actually built-in security using .NET Core Identity:

and Active Directory support:

In my opinion Radzen default security is much easier since you do not have to deal with your database schema at all - everything can be setup quickly from Radzen UI.

Best Regards,
Vladimir


#3

Vlad,

I appreciate you getting back to me...

Did you get a chance to look at the link I posted?

It goes far beyond "basic" security... and keeping users from accessing a form... based on a role.

It implements row level security....

This has been a requirement for every web app I've built over the past two decades...

Users can only see their rows... and they cannot see other users' rows.

Managers can see their rows and their team members' rows...

Administrators can see all the rows...

I could go into all the details... But, the link I posted will save me from repeating it all here.

If I'm missing something, I'd love to hear how Radzen implements Advanced Security - Dynamic User Level Security including Static and Dynamic User Levels like PHP Maker "out of the box."

In the end, this is one wheel I don't want to "reinvent." :slight_smile:

Thanks,

John


#4

Hi John,

You are right! I’ve missed the row level security - we do not have that.

We will check carefully the implementation you’ve referred and we will do our best to improve our own security!

Thank you very much once again for your feedback!

Have a great day!
Vladimir


#6

Vlad,

One more thing.... :smile:

I would ask when this is added to Radzen.... Please... Please... Please implement it like PHP Maker did.

I've used a couple other tools that require you to manually "hard code" it directly in each and every form in the "code generator's" UI...

These were tedious.... I needed to go into every form... copy and paste the new code...

These were inflexible.... every time a change needed to be made... I needed to go into every form... copy and paste the updated code... recompile... and redeploy.

These made me want to pull my hair out.... really.

I wasted dozens of hours because they didn't really think through the process... or how much work it would create... It totally blows my mind they didn't look at PHP Maker to see how others implemented this in their "code generator's" UI.

Ideally, I would like to see a concept very similar to PHP Maker's "Advanced Security - Dynamic User Level Security" in Radzen.... It makes it very easy for Developers and App Administrators.

Thanks,

John