- ABP Framework version: v7.1.1
- UI type: MVC
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace: no permission check
- Steps to reproduce the issue: Once a user logs in, even without any roles assigned to this user, they can still access all the pages that are defined with permission checking.
12 Answer(s)
-
0
hi
Can I reproduce this in a new template project?
You can also try to clear the Redis.
-
0
hi
Can I reproduce this in a new template project?
You can also try to clear the Redis.
I tried clearing the Redis cache, with no effect. It works well with a new template; this problem occurred in my production environment after upgrading to ABP 7.0.
It is so strange. I tried deleting all the records in the PermissionGrant table; now no user can get any permission.
-
0
I tried deleting all the records in the PermissionGrant table
What were the previous records?
-
0
I tried deleting all the records in the PermissionGrant table
What were the previous records?
More than 4 thousand records for various roles.....
-
0
hi
You can find a way to reproduce it. Then I can resolve it.
-
0
hi
You can find a way to reproduce it. Then I can resolve it.
It occurred in production. I cannot find a way to fix it, and I cannot wait anymore; I have deleted all the permission grant records. Now I am adding the permission grants again manually.
-
0
hi
Did you add some custom code for permissions or seed permissions?
Can you share a username and password so I can reproduce it online?
liming.ma@volosoft.com
-
0
hi
Did you add some custom code for permissions or seed permissions?
Can you share a username and password so I can reproduce it online?
liming.ma@volosoft.com
There is no customized permission-related code.
I did a stupid thing: I deleted all the permission grant records directly in the production environment, so now I cannot find production data to reproduce it. I am observing the changes in the permission grant records as I add them manually. Before I deleted them, there were some odd records whose "ProviderKey" field value is a Guid, not a role name; I am not sure how they were generated.
I will share the information with you as new permission grants are generated.
-
1
I came in to post something similar that I have been having recently. I saw this post, so I am posting it here first since it could be related. In production: I log in (even as admin); the user logs in but no pages that require permission are showing. This also happens when the user session times out.
If I log out and then log in with the same user, that does not help.
If I log out and then log in with a DIFFERENT user, then I see the pages.
Sometimes clearing the browser cache for both the app AND the auth server helps.
This is weird and started recently.
I am on the latest (7).
If this is not related then I apologize to the OP, but please try to log out and log in with a different user and see if that helps.
-
0
I came in to post something similar that I have been having recently. I saw this post, so I am posting it here first since it could be related. In production: I log in (even as admin); the user logs in but no pages that require permission are showing. This also happens when the user session times out.
If I log out and then log in with the same user, that does not help.
If I log out and then log in with a DIFFERENT user, then I see the pages.
Sometimes clearing the browser cache for both the app AND the auth server helps.
This is weird and started recently.
I am on the latest (7).
If this is not related then I apologize to the OP, but please try to log out and log in with a different user and see if that helps.
I have tried using different users to log in, and so I found this issue in production; it has the same problem. That is why I am worried about it, because a low-level user could see the data that is granted to a high-level user.
-
0
@trendline I guess a different issue. I will create another ticket. Sorry to piggyback on your question.
-
0
hi trendline
You can share it when you are able to reproduce this problem.