@maliming thank you, i've tried this, but did not succeed:
Issue #1:
when user is logged in, for some reason context.Permissions
is empty here, so I am getting exception (while a user is not logged in - the context.Permissions
contains all proper data):
public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
{
var moduleId = _abxRequestContext.AbxModuleId;
var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToArray(); // context.Permissions is empty!
Issue #2:
I need to get access to custom data for my navigation menu items: meanwhile we use custom field - moduleId
- to pass the accessed page information to server (moduleId is written to our custom IAbxRequestContext
object via our middleware and and eventually is logged to DB table and used in other places). This field was also supposed to be used to identify the page to access via licence permission. But of course PermissionValuesCheckContext
does not contain this data from Angular routing item. Neither IAbxRequestContext
object data is available yet. So how to pass data from navigation menu to CheckAsync
method and decide on what to display and what - not to display?
Issue #3:
is there some ABP cache mechanism to be consumed for caching licence data? Otherwise we would need to re-read this data from DB via appservice each time CheckAsync
is called.
p.s. since we seem to have a noticeable timeshift and not able to correspond in real-time - please provide me with as much detailed answer as possible so i could analyze this approach and find out what's wrong now...
We would like to have permission mechanism on top of existing permission architecture.
For instance, current tenant's company have bound licences, each of licence determines which UI pages ("modules") are accessible for current user. Thus, is the logged-in user has no access to the given page - it has to be hidden from UI navigation route - even before checking the given app / role permissions.
How to implement this mechanism?
I've tried to override existing ABP PermissionChecker
class, doing my licence check there in IsGrantedAsync
, but such approach does not look fully right: I am getting error 403 if there is no access, but instead I need to have the menu item completely hidden from my Angular app navigation route. I need backend mechanism which works for both backend and frontend part.
@albert
I checked it but I couldn't see any logic to disable these tabs. The marked tabs are bootstrap dropdown toggles. Maybe this is not working in your browser. Can you try it on a different browser and send me the results?
I have not noticed, but someone in the team redefined the CSS - as a result, a tab was clicked, but its dropdown content was not displayed. Thank you for the reply!
Seems like I have managed to write it properly. Could you please regain my commercial tickets count, since I've resolved this one myself??
public override async Task ResetPasswordAsync(ResetPasswordDto input)
{
await IdentityOptions.SetAsync();
var currentUser = await UserManager.GetByIdAsync(input.UserId);
var tenants = await _abxUserRepository.FindTenantsByLoginAsync(currentUser.UserName);
foreach (var tenant in tenants)
{
using (CurrentTenant.Change(tenant.AbpId))
{
var abxUser = await _abxUserRepository.FindUserByLoginAsync(currentUser.UserName, tenant.Id);
var tenantUser = await UserManager.GetByIdAsync(abxUser.Id);
var tenantUserResetToken = await UserManager.GeneratePasswordResetTokenAsync(tenantUser);
(await UserManager.ResetPasswordAsync(tenantUser, tenantUserResetToken, input.Password)).CheckErrors();
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = IdentitySecurityLogIdentityConsts.Identity,
Action = IdentitySecurityLogActionConsts.ChangePassword
});
}
}
}
I have the same kind of problem in my solution running on ABP 4.3.0 now: "VerifyUserTokenAsync() failed with purpose: ResetPassword for user."
I test everything on localhost in VS debug mode. As far as I remember, it used to work in the ABP 3.x.x. Any ideas, suggestions?
On other hand, ResetPassword
works OK in test generated 4.3.0 solution on default tenant. So I cannot figure out what could be wrong...
What I have noticed is that ResetToken
is a bit shorter in Test app...
Just in case if it matters: I have custom ProfileAppService
.
Oh, right. Yes - after adding migration class I can see missing table creation code is there. And migration now added missing tables. Eventually "Forgot password" functionality now is OK, no exceptions anymore - e-mail is sent as expected.
Thank you!
Thank you. I have added those configuring methods. I already had corresponding modules included into DependsOn
on all layers.
So I run DbMigrator expecting it would create missing tables now. However, this did not happen - the tables are still missing. What do I do?
Please find below:
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using System.IO;
using Volo.Abp.AuditLogging.EntityFrameworkCore;
using Volo.Abp.BackgroundJobs.EntityFrameworkCore;
using Volo.Abp.EntityFrameworkCore;
using Volo.Abp.FeatureManagement.EntityFrameworkCore;
using Volo.Abp.Identity.EntityFrameworkCore;
using Volo.Abp.IdentityServer.EntityFrameworkCore;
using Volo.Abp.LanguageManagement.EntityFrameworkCore;
using Volo.Abp.PermissionManagement.EntityFrameworkCore;
using Volo.Abp.SettingManagement.EntityFrameworkCore;
using Volo.Saas.EntityFrameworkCore;
namespace AbxEps.CentralTools.EntityFrameworkCore
{
/* This DbContext is only used for database migrations.
* It is not used on runtime. See CentralToolsDbContext for the runtime DbContext.
* It is a unified model that includes configuration for
* all used modules and your application.
*/
public class CentralToolsMigrationsDbContext : AbpDbContext<CentralToolsMigrationsDbContext>
{
public CentralToolsMigrationsDbContext(DbContextOptions<CentralToolsMigrationsDbContext> options)
: base(options)
{
}
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{
var configuration = BuildConfiguration();
optionsBuilder.UseOracle(
configuration.GetConnectionString("Default"),
default(System.Action<Devart.Data.Oracle.Entity.OracleDbContextOptionsBuilder>));
}
protected override void OnModelCreating(ModelBuilder builder)
{
var config = Devart.Data.Oracle.Entity.Configuration.OracleEntityProviderConfig.Instance;
config.Workarounds.DisableQuoting = true;
config.CodeFirstOptions.UseNonLobStrings = true;
config.CodeFirstOptions.UseNonUnicodeStrings = true;
base.OnModelCreating(builder);
/* Include modules to your migration db context */
builder.ConfigurePermissionManagement();
builder.ConfigureSettingManagement();
builder.ConfigureBackgroundJobs();
builder.ConfigureAuditLogging();
builder.ConfigureIdentityPro();
builder.ConfigureIdentityServer();
builder.ConfigureFeatureManagement();
builder.ConfigureLanguageManagement();
builder.ConfigureSaas();
/* Configure your own tables/entities inside the ConfigureCentralTools method */
//builder.ConfigureCentralTools();
}
private static IConfigurationRoot BuildConfiguration()
{
var builder = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.json", optional: false);
return builder.Build();
}
}
}
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Volo.Abp.AuditLogging.EntityFrameworkCore;
using Volo.Abp.BackgroundJobs.EntityFrameworkCore;
using Volo.Abp.BlobStoring.Database.EntityFrameworkCore;
using Volo.Abp.EntityFrameworkCore;
using Volo.Abp.FeatureManagement.EntityFrameworkCore;
using Volo.Abp.Identity.EntityFrameworkCore;
using Volo.Abp.IdentityServer.EntityFrameworkCore;
using Volo.Abp.LanguageManagement.EntityFrameworkCore;
using Volo.Abp.Modularity;
using Volo.Abp.PermissionManagement.EntityFrameworkCore;
using Volo.Abp.SettingManagement.EntityFrameworkCore;
using Volo.Abp.TextTemplateManagement.EntityFrameworkCore;
using Volo.Saas.EntityFrameworkCore;
using AbxEps.CT.Batch.EntityFrameworkCore;
using AbxEps.Abp.EF.Oracle.Extensions.Interceptors;
using AbxEps.CT.Core.EntityFrameworkCore;
using Volo.Abp.Auditing;
using AbxEps.CentralTools.Images.Handlers;
namespace AbxEps.CentralTools.EntityFrameworkCore
{
[DependsOn(
typeof(CentralToolsDomainModule),
typeof(AbpIdentityProEntityFrameworkCoreModule),
typeof(AbpIdentityServerEntityFrameworkCoreModule),
typeof(AbpPermissionManagementEntityFrameworkCoreModule),
typeof(AbpSettingManagementEntityFrameworkCoreModule),
typeof(AbpBackgroundJobsEntityFrameworkCoreModule),
typeof(AbpAuditLoggingEntityFrameworkCoreModule),
typeof(AbpFeatureManagementEntityFrameworkCoreModule),
typeof(LanguageManagementEntityFrameworkCoreModule),
typeof(SaasEntityFrameworkCoreModule),
typeof(TextTemplateManagementEntityFrameworkCoreModule),
typeof(BlobStoringDatabaseEntityFrameworkCoreModule),
typeof(CoreEntityFrameworkCoreModule),
typeof(BatchEntityFrameworkCoreModule)
)]
public class CentralToolsEntityFrameworkCoreModule : AbpModule
{
public override void PreConfigureServices(ServiceConfigurationContext context)
{
CentralToolsEfCoreEntityExtensionMappings.Configure();
}
public override void ConfigureServices(ServiceConfigurationContext context)
{
context.Services.AddAbpDbContext<CentralToolsDbContext>(options =>
{
/* Remove "includeAllEntities: true" to create
* default repositories only for aggregate roots */
options.AddDefaultRepositories(includeAllEntities: true);
});
context.Services.AddTransient<IAuditPropertySetter, Abp.DataExtensions.Entities.LogAuditPropertySetter>();
context.Services.AddTransient<IImageHandler, ImageHandler>();
Configure<AbpDbContextOptions>(options =>
{
options.PreConfigure(abpDbContextConfigurationContext =>
{
abpDbContextConfigurationContext.DbContextOptions.UseLoggerFactory(
LoggerFactory.Create(loggingBuilder => loggingBuilder.AddConsole()));
abpDbContextConfigurationContext.DbContextOptions.AddInterceptors(new RemoveQuotesInterceptor());
abpDbContextConfigurationContext.DbContextOptions.EnableSensitiveDataLogging();
});
options.UseOracle();
});
}
}
}