- ABP Framework version: v7.4.5
- UI Type: Blazor WASM
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
- Exception message and full stack trace: none
Steps to reproduce the issue:
- Create a new Blazor Wasm solution using abp suite
- Define the three levels of permission in the Permissions.cs:
public static class Level
{
public const string FirstLevel = GroupName + ".FirstLevel";
public const string SecondLevel = FirstLevel + ".SecondLevel";
public const string ThirdLevel = SecondLevel + ".ThirdLevel";
}
- Add the permissions to the PermissionDefinitionProvider.cs:
var firstLevelPermission = myGroup.AddPermission(PermissionsIssuePermissions.Level.FirstLevel, L("Permission:FirstLevel"));
var secondLevelPermission = firstLevelPermission.AddChild(PermissionsIssuePermissions.Level.SecondLevel, L("Permission:SecondLevel"));
var thirdLevelPermission = secondLevelPermission.AddChild(PermissionsIssuePermissions.Level.ThirdLevel, L("Permission:ThirdLevel"));
- Run the application and open the Permissions modal on the "admin" role:
- Notice how the "SecondLevel" and "ThirdLevel" permissions look to be on the same permission level even tho the "ThirdLevel" permission is a child of "SecondLevel" permission
11 Answer(s)
-
0
hi
We supported this case in 8.0
See https://github.com/abpframework/abp/pull/18343
-
0
Hi,
Thanks for the reply! Is there any possibility to have that feature in version 7.4.5? We would rather not migrate to .Net 8 yet.
-
0
hi
You can override the
PermissionManagementModalcomponent by the code of https://github.com/abpframework/abp/pull/18343/files -
0
Hi,
I have overriden the PermissionManagmentModal and now im able to see the sublevels, but i have noticed that when i uncheck a parent permission the child permissions dont get unchecked. After further investigation i have found this piece of code in the PermissionManagmentModal:
protected List<PermissionGrantInfoDto> GetChildPermissions(PermissionGroupDto permissionGroup, PermissionGrantInfoDto permission) { return permissionGroup.Permissions.Where(x => x.Name.StartsWith(permission.Name)).ToList(); }This assumes that the child (and child's child and so on) permissions all start with parent permission Name. Our permission naming follows a different logic, Is this a naming convention for the permissions that Abp enforces? If so, could you link us the documentation that defines this naming convention?
-
0
hi
You can refer to this class.
https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/IdentityPermissions.cs#L5
-
0
hi,
Thanks for the link, but this didn't answer my questions:
Is this a naming convention for the permissions that Abp enforces? If so, could you link us the documentation that defines this naming convention?
-
0
hi
Is this a naming convention for the permissions that Abp enforces? If so, could you link us the documentation that defines this naming convention?
No. But this is a recommended approach.
you can consider changing this logic, I will also check it to see if we can enhance it.
protected List<PermissionGrantInfoDto> GetChildPermissions(PermissionGroupDto permissionGroup, PermissionGrantInfoDto permission) { return permissionGroup.Permissions.Where(x => x.Name.StartsWith(permission.Name)).ToList(); } -
0
hi,
It seems to me that as of today this is a requirment since the permission modal wont work properly if it isn't respected, What is the point of having the
PermissionDefinition.AddChild()function and nesting them if the rest of the implementation doesn't use this structure? -
0
hi
Can you test this?
protected List<PermissionGrantInfoDto> GetChildPermissions(PermissionGroupDto permissionGroup, PermissionGrantInfoDto permission) { var childPermissions = new List<PermissionGrantInfoDto>(); GetChildPermissions(childPermissions, permissionGroup.Permissions, permission); return childPermissions; } protected void GetChildPermissions(List<PermissionGrantInfoDto> allChildPermissions, List<PermissionGrantInfoDto> permissions, PermissionGrantInfoDto permission) { var childPermissions = permissions.Where(x => x.ParentName == permission.Name).ToList(); if (childPermissions.Count == 0) { return; } allChildPermissions.AddRange(childPermissions); foreach (var childPermission in childPermissions) { GetChildPermissions(allChildPermissions, permissions, childPermission); } } -
0
This works:
protected List<PermissionGrantInfoDto> GetChildPermissions(PermissionGroupDto permissionGroup, PermissionGrantInfoDto permission) { var childPermissions = new List<PermissionGrantInfoDto>(); GetChildPermissions(childPermissions, permissionGroup.Permissions, permission); return childPermissions; } protected void GetChildPermissions(List<PermissionGrantInfoDto> allChildPermissions, List<PermissionGrantInfoDto> permissions, PermissionGrantInfoDto permission) { var childPermissions = permissions.Where(x => x.ParentName == permission.Name).ToList(); if (childPermissions.Count == 0) { return; } allChildPermissions.AddRange(childPermissions); foreach (var childPermission in childPermissions) { GetChildPermissions(allChildPermissions, permissions, childPermission); } } -
0
Thanks. I will update the framework code.
