Nucleus implements .Net Core Authorization policies in order to control access to controllers and/or controller actions.
To specify an authorization policy on a controller or action, add an Authorize attribute:
[Authorize(Policy = Nucleus.Abstractions.Authorization.Constants.MODULE_EDIT_POLICY)]
|SYSTEM_ADMIN_POLICY||Restricts access to system administrators.|
|SITE_ADMIN_POLICY||Restricts access to site administrators and system administrators.|
|PAGE_EDIT_POLICY||Restricts access to users who are members of a role which has edit permissions for the current page.|
|PAGE_VIEW_POLICY||Restricts access to users who are members of a role which has view permissions for the current page.|
|MODULE_EDIT_POLICY||Restricts access to users who are members of a role which has edit permissions for the current module.|
|SITE_WIZARD_POLICY||This is a special policy used during site setup. Do not use this policy in extensions.|
System administrators and Site administrators always have view and edit rights for all pages and modules.
Module View permissions are always checked before rendering a module. You do not need to specify an Authorization attribute for this check to occur.