Open Closed

How to limit the users for our tenant from the host using the feature functionally forced for each tenant #863


User avatar
0
learnabp created
  • ABP Framework version: v4.2.0
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Seperated (Angular): No

I am working with a clints of your DesertFire and we are about to launch our SaaS product and would like to know how to restrict users which the Tenants can create forced from the Host.

Can we use the Feature funtionallity which then gets allocated to Editions but the Teant admin or users can't modify and is read only Field. if you can please provide me with an example that would be great.


3 Answer(s)
  • User Avatar
    0
    alper created
    Support Team Director

    to implement this you can add a new property to your tenant entity like TenantType and you can overwrite the tenant creation method so that you force your logic before the creation. You check the tenant type and decide if the current user (or role) can operate on this. this is a broad implementation. better to filter down your problem into smaller ones so I can write specific solutions.

  • User Avatar
    0
    learnabp created

    The requirement is that we want to restrict number of users who can login to each tenant for example since it is a SaaS product. we want to sell by restricting the number of users each tenant can have controlled from the host

    Basic Edittion - 1 admin and 5 users (authors) Pro Edition - 2 admin 10 usere (authors) Premium Edition 3 admins and 15 users (authors)

    we want to control this from the hosts using the features funtionality potentially then the admin of the tenant shouln't be able to create users if they are more then the edition they have.

    let me know if the requirement is still not clear?

  • User Avatar
    0
    alper created
    Support Team Director

    You can override the IdentityUserAppService's Create method to run your business logic before the built-in create method runs. See Overriding-Services document to understand how you can override the Create method. I tried to imlement this and it works.

    Put the below class in your *.Application project.

    MyIdentityUserAppService.cs

    using System.Collections.Generic;
    using System.Threading.Tasks;
    using Volo.Abp.DependencyInjection;
    using Volo.Abp.Identity;
    using Volo.Abp.Validation;
    using System;
    using System.Linq;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.Extensions.Options;
    using Volo.Abp;
    using Volo.Saas.Editions;
    using Volo.Saas.Tenants;
    
    namespace AbpCommercialTest
    {
        [Dependency(ReplaceServices = true)]
        [ExposeServices(typeof(IIdentityUserAppService), typeof(IdentityUserAppService), typeof(MyIdentityUserAppService))]
        public class MyIdentityUserAppService : IdentityUserAppService
        {
            private readonly ITenantRepository _tenantRepository;
            private readonly IEditionRepository _editionRepository;
            private readonly IIdentityUserRepository _userRepository;
    
            public MyIdentityUserAppService(
                  IdentityUserManager userManager,
                  IIdentityUserRepository userRepository,
                  IIdentityRoleRepository roleRepository,
                  IOrganizationUnitRepository organizationUnitRepository,
                  IIdentityClaimTypeRepository identityClaimTypeRepository,
                  IdentityTwoFactorManager identityTwoFactorManager,
                  IOptions<IdentityOptions> identityOptions,
                  ITenantRepository tenantRepository,
                  IEditionRepository editionRepository) : base(userManager,
                    userRepository,
                    roleRepository,
                    organizationUnitRepository,
                    identityClaimTypeRepository,
                    identityTwoFactorManager,
                    identityOptions
                )
            {
                _userRepository = userRepository;
                _tenantRepository = tenantRepository;
                _editionRepository = editionRepository;
            }
    
            public override async Task<IdentityUserDto> CreateAsync(IdentityUserCreateDto input)
            {
                if (CurrentTenant.Id.HasValue) //check that it's tenant
                {
                    var currentTenant = await _tenantRepository.GetAsync(CurrentTenant.Id.Value); //get tenant
                    if (!currentTenant.EditionId.HasValue)
                    {
                        throw new BusinessException("You don't have an edition!");
                    }
    
                    var usersCount = await _userRepository.GetCountAsync(); //get current user count of the tenant
    
                    var editionOfTenant = await _editionRepository.GetAsync(currentTenant.EditionId.Value); 
    
                    editionOfTenant.ExtraProperties["MaxUserCount"] = 5; //temporary code for testing.
    
                    if (long.Parse(editionOfTenant.ExtraProperties["MaxUserCount"].ToString() ?? "0") > usersCount)
                    {
                        throw new UserFriendlyException("You do not have the right to create a new user!");
                    }
                }
    
                return await base.CreateAsync(input); //let the the built-in create method continue...
            }
        }
    }
    

    Note that I've used the extra properties of the edition. There are various ways to do this. Feaures or adding a new field to Tenant entitiy. Or creating a new entity etc...

Made with ❤️ on ABP v9.1.0-preview. Updated on November 18, 2024, 05:54