When I disable the multitenancy, I want to grant the permissions which are for the tenant. For example,
var odmsUserInterfacePermission = odmsPermissionGroup.AddPermission(
name: OdmsPermissions.UI.UIPermission,
displayName: L("Permission:UI"), // localization string
multiTenancySide: MultiTenancySides.Tenant, // set multi-tenancy side
isEnabled: true // by default is activated
).RequireFeatures(OdmsFeatures.ApplicationBaseFeature);
As you can see, this permission is only for the tenant. But in our case, we want to grant this permission while seeding the users like in the code below.
private async Task GrantPermissionToRole(string permissionName, string roleName)
{
await PermissionManager.SetAsync(permissionName, RolePermissionValueProvider.ProviderName, roleName, true);
}
In the database, I can see the permission which are marked as MultiTenancySides.Both or MultiTenancySides.Host. After that, the exception is thrown:
The permission named 'Odms.UI' has multitenancy side 'Tenant' which is not compatible with the current multitenancy side 'Host'. See the inner exception for details.
---> System.ApplicationException: The permission named 'Odms.UI' has multitenancy side 'Tenant' which is not compatible with the current multitenancy side 'Host'
at Volo.Abp.PermissionManagement.PermissionManager.SetAsync(String permissionName, String providerName, String providerKey, Boolean isGranted)
at Siemens.Abp.Personas.PlatformIdentityDataSeeder.GrantPermissionToRole(String permissionName, String roleName, Nullable`1 tenantId)
at Siemens.Abp.Personas.PlatformIdentityDataSeeder.SeedModelAdminAsync(String adminUserName, String adminEmail, String adminPassword, Nullable`1 tenantId)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Siemens.Abp.Personas.PlatformIdentityDataSeedContributor.SeedAsync(DataSeedContext context)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Volo.Abp.Data.DataSeeder.SeedAsync(DataSeedContext context)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Siemens.Abp.Personas.AbpPersonasModule.SeedAsync(IServiceScope scope, AbpPersonasModuleOptions options, Nullable`1 forcedTenantId)
at Siemens.Abp.Personas.AbpPersonasModule.<>c__DisplayClass1_0.<<OnApplicationInitialization>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at Nito.AsyncEx.Synchronous.TaskExtensions.WaitAndUnwrapException(Task task)
at Nito.AsyncEx.AsyncContext.<>c__DisplayClass15_0.<Run>b__0(Task t)
at System.Threading.Tasks.ContinuationTaskFromTask.InnerInvoke()
at System.Threading.Tasks.Task.<>c.<.cctor>b__272_0(Object obj)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location ---
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
at Nito.AsyncEx.Synchronous.TaskExtensions.WaitAndUnwrapException(Task task)
at Nito.AsyncEx.AsyncContext.Run(Func`1 action)
at Volo.Abp.Threading.AsyncHelper.RunSync(Func`1 action)
at Siemens.Abp.Personas.AbpPersonasModule.OnApplicationInitialization(ApplicationInitializationContext context)
at Volo.Abp.Modularity.AbpModule.OnApplicationInitializationAsync(ApplicationInitializationContext context)
at Volo.Abp.Modularity.OnApplicationInitializationModuleLifecycleContributor.InitializeAsync(ApplicationInitializationContext context, IAbpModule module)
at Volo.Abp.Modularity.ModuleManager.InitializeModulesAsync(ApplicationInitializationContext context)
--- End of inner exception stack trace ---
at Volo.Abp.Modularity.ModuleManager.InitializeModulesAsync(ApplicationInitializationContext context)
at Volo.Abp.AbpApplicationBase.InitializeModulesAsync()
at Volo.Abp.AbpApplicationWithExternalServiceProvider.InitializeAsync(IServiceProvider serviceProvider)
at Microsoft.AspNetCore.Builder.AbpApplicationBuilderExtensions.InitializeApplicationAsync(IApplicationBuilder app)
at Siemens.Odms.Program.Main(String[] args) in C:\Users\z0048kcm\siemens.odms\host\Siemens.Odms.IdentityServer\Program.cs:line 40
We want to use the tenant permission when the multitenancy is false. It seems we need to define new permission group and put our logic when the multitenancy side is false because it is not handled. I think we need such a logic in the PermissionDefinitionProvider
if(multitenancy == true) {
var odmsUserInterfacePermission = odmsPermissionGroup.AddPermission(
name: OdmsPermissions.UI.UIPermission,
displayName: L("Permission:UI"), // localization string
multiTenancySide: **MultiTenancySides.Tenant**, // set multi-tenancy side is true
isEnabled: true // by default is activated
).RequireFeatures(OdmsFeatures.ApplicationBaseFeature);
}
else
{
var odmsUserInterfacePermission = odmsPermissionGroup.AddPermission(
name: OdmsPermissions.UI.UIPermission,
displayName: L("Permission:UI"), // localization string
multiTenancySide: **MultiTenancySides.Host**, // set multi-tenancy side is false
isEnabled: true // by default is activated
).RequireFeatures(OdmsFeatures.ApplicationBaseFeature);
}
I have the same issue in other versions such as 5.1, 5.0
I am using the LocalDistributedEventBus which is default.
Yes, of course. When I configure and map the object which is created by me like document you sent, I can subscribe the event. Like I mentioned, I couldn't subscribe events related with Identity such as creating a new user, creating a new role. Also, I can subscribe these events on Single (Unified) Application Scenario, but not on Separated Deployment & Databases Scenario. I realized above code block, somehow, didn't represent the handler which I created.
Thanks, it works.
Have you tried on Web.Unified which is Single (Unified) Application Scenario? When I runned identity, web.host and http.host separately (which is Separated Deployment & Databases Scenario), I got that problem. Web.Unified works properly.
Aren't there any informations?
Hi,
Thank you.
Hi,
it is already like that
app.UseSwaggerUI(options =>
{
options.DocumentTitle = "NMM API";
// Display latest api version by default
//
var provider = context.ServiceProvider.GetRequiredService<IApiVersionDescriptionProvider>();
foreach (var description in provider.ApiVersionDescriptions)
{
options.SwaggerEndpoint($"/swagger/{description.GroupName}/swagger.json", description.GroupName.ToUpperInvariant());
}
var configuration = context.GetConfiguration();
options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
});
Hi,
I sent the source code