Radzen - Security - Default - Read only access for unathorized

koblamic · March 25, 2022, 9:28am

Hello,
it there any elegant way how to allow to role "Everyone" to read the data in the application (MSSQL).
But for any other (update, insert, delete) would need the logged-in user?

I am using angular version and the security for role Everyone of the views is ok,
but the Data API is secured in a way, that all actions need authorization (even select).

Thank you

korchev · March 25, 2022, 11:12am

There isn't a built-in way to do that. You can enable authorization at controller level as shown here: Security and Authorization. Enabling authorization at method level /GetXXX, UpdateXXX/ is possible but would need you to add the controller to Radzen's code generation ignore list.