C
C#2mo ago
ВВассралман

Ef core seed (data)

namespace EventManager.SqlRepository.EntityConfigurations
{
    internal sealed class ApplicationUserRolesConfiguration : IEntityTypeConfiguration<ApplicationUserRole>
    {
        public void Configure(EntityTypeBuilder<ApplicationUserRole> builder)
        {
            builder.HasData(
                new ApplicationUserRole
                {Id = "A117A8B5-F055-4A06-98A6-faxA4CEDBB24",Name = "Member", NormalizedName = "MEMBER",AccessDescription = "Can Subscribe/Unsubscribe on Events, has access to own account manipulations",ConcurrencyStamp = "member-concurrency-stamp",
                },
                new ApplicationUserRole
                {Id = "190F2xxC-7177-4C77-BAd2-9121A40206BB",Name = "Admin",NormalizedName = "ADMIN",AccessDescription = "Can Manipulate with Events, has access to own account manipulations",ConcurrencyStamp = "admin-concurrency-stamp",
                },
                new ApplicationUserRole{Id = "e2H52d72-326e-4AV3-8f1b-7d1a2c2ed14b",Name = "Owner", NormalizedName = "OWNER",AccessDescription = "Can Manage Roles, can assign Roles to Users",ConcurrencyStamp = "owner-concurrency-stamp",
                }
            );
        }
    }

    internal sealed class ApplicationUserSeed : IEntityTypeConfiguration<ApplicationUser>
        {
            public void Configure(EntityTypeBuilder<ApplicationUser> builder)
            {
                builder.HasData(
                    new ApplicationUser
                    {Id = "BC59E711-CEFD-4088-BB9F-19B19F92170D",Email = "[email protected]",EmailConfirmed = true,LockoutEnabled = true,});
            }
        }
    internal sealed class ApplicationUserRoles : IEntityTypeConfiguration<IdentityUserRole<?????>>
    {
        public void Configure(EntityTypeBuilder<ApplicationUserRole> builder)
        {
            builder.HasData(
                new ApplicationUserRole{Id = "e2H52d72-326e-4AV3-8f1b-7d1a2c2ed14b",});
        }
    }

}
namespace EventManager.SqlRepository.EntityConfigurations
{
    internal sealed class ApplicationUserRolesConfiguration : IEntityTypeConfiguration<ApplicationUserRole>
    {
        public void Configure(EntityTypeBuilder<ApplicationUserRole> builder)
        {
            builder.HasData(
                new ApplicationUserRole
                {Id = "A117A8B5-F055-4A06-98A6-faxA4CEDBB24",Name = "Member", NormalizedName = "MEMBER",AccessDescription = "Can Subscribe/Unsubscribe on Events, has access to own account manipulations",ConcurrencyStamp = "member-concurrency-stamp",
                },
                new ApplicationUserRole
                {Id = "190F2xxC-7177-4C77-BAd2-9121A40206BB",Name = "Admin",NormalizedName = "ADMIN",AccessDescription = "Can Manipulate with Events, has access to own account manipulations",ConcurrencyStamp = "admin-concurrency-stamp",
                },
                new ApplicationUserRole{Id = "e2H52d72-326e-4AV3-8f1b-7d1a2c2ed14b",Name = "Owner", NormalizedName = "OWNER",AccessDescription = "Can Manage Roles, can assign Roles to Users",ConcurrencyStamp = "owner-concurrency-stamp",
                }
            );
        }
    }

    internal sealed class ApplicationUserSeed : IEntityTypeConfiguration<ApplicationUser>
        {
            public void Configure(EntityTypeBuilder<ApplicationUser> builder)
            {
                builder.HasData(
                    new ApplicationUser
                    {Id = "BC59E711-CEFD-4088-BB9F-19B19F92170D",Email = "[email protected]",EmailConfirmed = true,LockoutEnabled = true,});
            }
        }
    internal sealed class ApplicationUserRoles : IEntityTypeConfiguration<IdentityUserRole<?????>>
    {
        public void Configure(EntityTypeBuilder<ApplicationUserRole> builder)
        {
            builder.HasData(
                new ApplicationUserRole{Id = "e2H52d72-326e-4AV3-8f1b-7d1a2c2ed14b",});
        }
    }

}
46 Replies
ВВассралман
ВВассралманOP2mo ago
I`m trying to create seed owner , but how implement that if im using Asp.Net Identity?
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
ВВассралман
ВВассралманOP2mo ago
It's my first project, that's why , i just don't know what's best practice
glhays
glhays2mo ago
This IdentityUserRole<?????> sb IdentityUserRole<string> just noticed that in your code.
glhays
glhays2mo ago
Use valid guids, you can generate them via https://www.guidgenerator.com/
Free Online GUID Generator
Free Online GUID / UUID Generator
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
glhays
glhays2mo ago
I sensed based on the sample code provided this is using Identity in some way and seems to be bypassing the built-in managers. I agree and disagree with GUID's, there is controversy when to use and not use over PK <int>'s most of what I understood it revolves around large datasets and the indexing of GUID's is not ideal. SQL Server by all means can auto-populated a GUID PK with the NEWID() as well you can have EF use it with the HasDefaultValueSql(NEWID()) conventions. I see many of the Online streaming services using GUID's for ID's, maybe that's why their so damn slow.... 🤦‍♂️
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
--- using int for id is great and all, but make sure you don't expose the id to the frontend you don't want someone iterating over your database by just trying out all the possible IDs (1, 2, 3, 4, 5, until they hit a 404 Not Found)
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
I am not talking about accessing restricted data ofc in that case the issue is different setup: you are google maps, each business has a numeric, incremental, id would you like for a random script kiddie to iterate over all the businesses in your database? it is public data, sure, but making a dump of an entire table is not what a "normal user" would do only someone that wants to build a database based on your database would do that so preventing that is important
MODiX
MODiX2mo ago
TeBeCo
i agree that in some rare case it matter
Quoted by
<@689473681302224947> from #Ef core seed (data) (click here)
React with ❌ to remove this embed.
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
it's not a "rare case" if my user id is 1000, I instantly know that there are 999 other users, do you want me to know?
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
ig I am too ready to "fight" 😔 , it's ok
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
scraping proxies are a thing, would you ask why the dev doesn't use cloudflare and has the "I am under attack mode" next?
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
rate limiting doesn't prevent a billion different IPs from making one request each
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
true very true
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
I know that some people do have that money, but it's for DDoSing and not scraping 😔
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
some random uhh company is sending spam DNS requests to all possible IPv4 addresses and I had to tune my company's firewall rules, but it's a different IP every time
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
nah that's different altogether
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
out of context for here
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
I change subjects quite fast the DDoS isn't connected to that
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
it's called being talkative and being bad at convos
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
the DDoS part was related to the money, not an argument to the id out of context
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
yes they don't I agreed with you on the money part
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
I was going to suggest mapping it, but I am not aware of a good way, maybe doing random hex bytes using the id as the seed, but that may have collisions but then how would you recover the id from the random hex bytes? needs some good thought
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
in most cases, in internal tools you don't even care about the ID being incremental ig
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
and then you have McDonalds india to mess up authentication and you can access the orders of others 🤣
Unknown User
Unknown User2mo ago
Message Not Public
Sign In & Join Server To View
Arjix
Arjix2mo ago
yeah, it (the id) really doesn't matter in a well designed backend

Did you find this page helpful?