How to grant access to all pages in the site according to its user role?

Question

My requirement is admin user can grant other users to access number of pages in the site.

Users and their assigned page stores in database like following format.

ID	User ID	ClaimType	Page
1	1	Test	Test.cshtml

I'm trying to achieve this using claim based authorization in asp.net core project.

but the problem is thier is more then 150 pages so need to create 150 seperate policies in "program.cs" file.

Is that any other better way to achieve this goal?

Only assigned users can access the respected action method in specific controller.

I was implemented claim based authorization for each pages.

Program.cs

builder.Services.AddAuthorization(options => 
{
    options.AddPolicy("TestPolicy", policy=> policy.RequireClaim("Test"));
    options.AddPolicy("SamplePolicy", policy => policy.RequireClaim("Sample"));
    
    /* For each pages defined separate policies in program.cs and more then 200 pages available in project */

});

Controller

[HttpGet]
[Authorize(Policy = "TestPolicy")]
public async Task<IActionResult> Test()
{
    
    return View();
}

[`As per claim based authorization`](https://learn.microsoft.com/en-us/aspnet/core/security/authorization/claims?view=aspnetcore-7.0#adding-claims-checks) we ought to use Authorize annotations on top of controller. In `services.AddAuthorization` we cannot write all the separate logic for individual controller at same place thus, we no longer need to use annotation on controller. We cannot do that, annotations is prerequisite. — Md Farid Uddin Kiron, May 01 '23 at 07:39

How to grant access to all pages in the site according to its user role?

0 Answers0