- ABP Framework version: v7.0.1
- UI Type: Angular
- Database System: Oracle
I am observing a very weird behavior of permissions.
Let's say I have Tenant1... TenantX. I never have had any issues with accessing API resources protected with permissions by the users of these tenants. For simplicity, let's take the role "admin" - this is particularly where the issue is reproduced.
So, now I have received the complaint from TenantY. His users - which have the "admin" role assigned - cannot access specific resources (getting error 403) whereas - what is even more confusing - the other resources (and corresponding permissions) do not have such an issue.
"admin" role for TenantY does not differ from "admin" role in other tenants (at least, in UI).
I checked the DB and tenant settings thoroughly, but cannot see anything unusual.
Also, the data in AbpPermissionGrants looks the same for all tenants "admin" roles, i.e. all relevant tenants "admin" role have the complained permission assigned.
Another important note: now when I create a new tenant - I observe the same issue with error 403.
Do you have the idea what could be wrong, where should I check which settings?
3 Answer(s)
-
0
hi
Can you share the
logs.txt
when the error occurs?Another important note: now when I create a new tenant - I observe the same issue with error 403.
How can I reproduce this in a new template project?
Thanks
-
0
I've revealed the additional custom protection mechanism in our project, related to company-licence, i.e. I've found the root cause and it is not related to ABP permissions. Please, restore the points and close the ticket. Sorry.
-
0
No problem. : )