Closed

Problem,in assign a new role to the user #2289

gvnuysal created 3 years ago

ABP Framework version: v4.3.3
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): no

Hi support,
when we assign a new role to the user, we could not gain the properties of this role without logging out and logging in
When we do F5 it doesn't work either.

We kept the user's token duration long.

8 Answer(s)

0

liangshiwei created 3 years ago
Support Team Fullstack Developer

Hi,

We plan to introduce dynamic claims to solve the problem, see https://github.com/abpframework/abp/pull/8676

For now, you can refer this: https://support.abp.io/QA/Questions/2090/How-to-clear-cache-for-features
0

gvnuysal created 3 years ago

Thanks @liangshiwei.
But problem not solved.
https://support.abp.io/QA/Questions/2090/How-to-clear-cache-for-features#answer-f36c97e0-8c78-c2ca-8362-3a000f923d93

I tried the middleware in the link above
0

liangshiwei created 3 years ago
Support Team Fullstack Developer

Hi,

The middleware is just an example, you need to change the code according to your needs.

For your case, you need to replace the AbpClaimTypes.Role claim.
0

gvnuysal created 3 years ago

Hi @liangshiwei,

It would be nice if you could share an example.

liangshiwei created 3 years ago

Support Team Fullstack Developer

Try

public static class RefreshRolesMiddlewareExtension
{
    public static IApplicationBuilder UseRefreshRolesMiddleware(this IApplicationBuilder app)
    {
        return app.Use(async (ctx, next) =>
        {
            var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>();

            if (!currentUser.IsAuthenticated)
            {
                await next();
                return;
            }

            var userManager = ctx.RequestServices.GetRequiredService<IdentityUserManager>();

            var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>();
            var user = await userManager.GetByIdAsync(currentUser.GetId());
            var roles= await userManager.GetRolesAsync(user);
            var claims = currentPrincipalAccessor.Principal.Claims.ToList();

            claims.RemoveAll(x => x.Type == AbpClaimTypes.Role);
            claims.AddRange(roles.Select(x=> new Claim(AbpClaimTypes.Role, x)));

            using (currentPrincipalAccessor.Change(claims))
            {
                await next();
            }
        });
    }
}

0

gvnuysal created 3 years ago

Thanks @liangshiwei.
0

gvnuysal created 3 years ago

Hi @liangshiwei.
When I add the middleware you shared above, I get the following error.

liangshiwei created 3 years ago

Support Team Fullstack Developer

Hi,

Please try:

public static class RefreshRolesMiddlewareExtension
{
    public static IApplicationBuilder UseRefreshRolesMiddleware(this IApplicationBuilder app)
    {
        return app.Use(async (ctx, next) =>
        {
            var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>();

            if (!currentUser.IsAuthenticated)
            {
                await next();
                return;
            }

            var userManager = ctx.RequestServices.GetRequiredService<IdentityUserManager>();

            var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>();
            var user = await userManager.GetByIdAsync(currentUser.GetId());
            var roles= await userManager.GetRolesAsync(user);

            currentPrincipalAccessor.Principal.Identities.First().AddClaims(roles.Select(x=> new Claim(AbpClaimTypes.Role, x)));

            await next();

        });
    }
}