ASP.NET Core Web API project that simulates the advanced permission management system found in ASP.NET Identity, with additional features for managing permissions at the individual user level.
- Complete simulation of core ASP.NET Identity tables
- Implementation of an advanced permission system that supports:
- Role-based permissions
- User-specific permissions
- Ability to add or remove specific permissions for individual users
- Users - Users table
- Roles - Roles table
- UserRoles - User-Role relationship table
- Permissions - Permissions table
- RolePermissions - Role-Permission relationship table
- UserPermissions - Additional/removed permissions at user level
- System Roles: Protected roles that cannot be deleted
- System Permissions: Core system permissions
- ASP.NET Core 8.0 - Web API Framework
- Entity Framework Core - ORM for database operations
- JWT Authentication - Authentication system
- Custom Authorization Handlers - Custom permission handlers
- Create, update, delete users
- Enable/disable users
- Assign multiple roles to a single user
- Create custom roles
- Link permissions to roles
- Protect system roles from deletion
- Hierarchical permission system (Module.Action)
- Ability to add new permissions
- Group permissions by module
- Role-based Permissions: Users inherit permissions from their roles
- Additional Permissions: Grant extra permissions to specific users
- Revoked Permissions: Remove specific permissions from users even if they have them through roles
The system provides comprehensive REST API endpoints organized into different controllers:
