Starts in:
2 DAYS
10 HRS
53 MIN
42 SEC
Starts in:
2 D
10 H
53 M
42 S
Open Closed

Authorize Attribute #7518


User avatar
0
Spospisil created
  • ABP Framework version: v7.3.2
  • UI Type: Blazor WASM
  • Database System: EF Core/PostgreSQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

I want to be able to add a line of code (similar to below) to the top of every page that would only be available to a tenant without having to add a abp 'permission' or 'feature' definition but rather would pass the authorize test based on whether the current user's tenent id is null or not.

How can this be done in ABP?

@attribute [Authorize(TenantUser)]


7 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can add a tenant policy. and use it in your pages

    eg: https://github.com/abpframework/abp/pull/10152#issue-1007619207

    options.AddPolicy("MyClaimTestPolicy", policy =>
    {
        policy.RequireAuthenticatedUser().RequireAssertion(handlerContext =>
        {
            var tenantId = handlerContext.User.FindTenantId();
            
            return false; // false to skip
        });
    });
    
  • User Avatar
    0
    Spospisil created

    Hi,

    Is this the only thing I need to do to the code in order to get this to work? I keep getting the following message.

    "Unhandled exception rendering component: The AuthorizationPolicy named: 'TenantPolicy' was not found."

    private static void ConfigureAuthorization(ServiceConfigurationContext context)
    {
        context.Services.AddAuthorization(options =>
        {
            options.AddPolicy("TenantPolicy", policy =>
            {
                policy.RequireAuthenticatedUser().RequireAssertion(handlerContext =>
                {
                    var tenantId = handlerContext.User.FindTenantId();
                    Console.WriteLine($"****** TenantId: {tenantId} ******");
                    return false; // false to skip
                });
    
            });
        });
    }
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share a template project with your custom code? https://wetransfer.com/

    liming.ma@volosoft.com

    Thanks

  • User Avatar
    0
    Spospisil created

    Hi,

    Truly, it would be a lot quicker if you could produce a working sample of vs me trying to scale back my enterprise level application and all it's source code.

    Could you please provide a sample based on blazor WASM tiered, etc?

    Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    In blazor wasm module.

    private static void ConfigureAuthentication(WebAssemblyHostBuilder builder)
    {
        builder.Services.AddOidcAuthentication(options =>
        {
            builder.Configuration.Bind("AuthServer", options.ProviderOptions);
            options.UserOptions.NameClaim = OpenIddictConstants.Claims.Name;
            options.UserOptions.RoleClaim = OpenIddictConstants.Claims.Role;
    
            options.ProviderOptions.DefaultScopes.Add("MyProjectName");
            options.ProviderOptions.DefaultScopes.Add("roles");
            options.ProviderOptions.DefaultScopes.Add("email");
            options.ProviderOptions.DefaultScopes.Add("phone");
        });
    
        builder.Services.AddAuthorizationCore(options =>
        {
            options.AddPolicy("TenantPolicy", policy =>
            {
                policy.RequireAuthenticatedUser().RequireAssertion(handlerContext =>
                {
                    var userId = handlerContext.User.FindUserId();
                    Console.WriteLine($"****** UserId: {userId} ******");
    
                    var tenantId = handlerContext.User.FindTenantId();
                    Console.WriteLine($"****** TenantId: {tenantId} ******");
                    return true; // false to skip
                });
            });
        });
    }
    

    Index.razor of blazor wasm project

    @attribute [Authorize(policy: "TenantPolicy")]
    

    Output:

  • User Avatar
    0
    Spospisil created

    Thank you. That resolved the issue.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Good news.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06