Open Closed

Problem,in assign a new role to the user #2289


User avatar
0
gvnuysal created
  • ABP Framework version: v4.3.3
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no

Hi support, when we assign a new role to the user, we could not gain the properties of this role without logging out and logging in When we do F5 it doesn't work either.

We kept the user's token duration long.


8 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team

    Hi,

    We plan to introduce dynamic claims to solve the problem, see https://github.com/abpframework/abp/pull/8676

    For now, you can refer this: https://support.abp.io/QA/Questions/2090/How-to-clear-cache-for-features

  • User Avatar
    0
    gvnuysal created

    Thanks @liangshiwei. But problem not solved. https://support.abp.io/QA/Questions/2090/How-to-clear-cache-for-features#answer-f36c97e0-8c78-c2ca-8362-3a000f923d93

    I tried the middleware in the link above

  • User Avatar
    0
    liangshiwei created
    Support Team

    Hi,

    The middleware is just an example, you need to change the code according to your needs.

    For your case, you need to replace the AbpClaimTypes.Role claim.

  • User Avatar
    0
    gvnuysal created

    Hi @liangshiwei,

    It would be nice if you could share an example.

  • User Avatar
    0
    liangshiwei created
    Support Team

    Try

    public static class RefreshRolesMiddlewareExtension
    {
        public static IApplicationBuilder UseRefreshRolesMiddleware(this IApplicationBuilder app)
        {
            return app.Use(async (ctx, next) =>
            {
                var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>();
    
                if (!currentUser.IsAuthenticated)
                {
                    await next();
                    return;
                }
    
                var userManager = ctx.RequestServices.GetRequiredService<IdentityUserManager>();
    
                var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>();
                var user = await userManager.GetByIdAsync(currentUser.GetId());
                var roles= await userManager.GetRolesAsync(user);
                var claims = currentPrincipalAccessor.Principal.Claims.ToList();
    
                claims.RemoveAll(x => x.Type == AbpClaimTypes.Role);
                claims.AddRange(roles.Select(x=> new Claim(AbpClaimTypes.Role, x)));
    
                using (currentPrincipalAccessor.Change(claims))
                {
                    await next();
                }
            });
        }
    }
    
  • User Avatar
    0
    gvnuysal created

    Thanks @liangshiwei.

  • User Avatar
    0
    gvnuysal created

    Hi @liangshiwei. When I add the middleware you shared above, I get the following error.

  • User Avatar
    0
    liangshiwei created
    Support Team

    Hi,

    Please try:

    public static class RefreshRolesMiddlewareExtension
    {
        public static IApplicationBuilder UseRefreshRolesMiddleware(this IApplicationBuilder app)
        {
            return app.Use(async (ctx, next) =>
            {
                var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>();
    
                if (!currentUser.IsAuthenticated)
                {
                    await next();
                    return;
                }
    
                var userManager = ctx.RequestServices.GetRequiredService<IdentityUserManager>();
    
                var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>();
                var user = await userManager.GetByIdAsync(currentUser.GetId());
                var roles= await userManager.GetRolesAsync(user);
    
                currentPrincipalAccessor.Principal.Identities.First().AddClaims(roles.Select(x=> new Claim(AbpClaimTypes.Role, x)));
    
                await next();
    
            });
        }
    }
    
Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13