Starts in:
2 DAYS
14 HRS
28 MIN
54 SEC
Starts in:
2 D
14 H
28 M
54 S
Open Closed

How to call app services that requires permission in Console application. #975


User avatar
0
drenton created

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

  • ABP Framework version: v4.2.1
    • UI type: Console / Module
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:

I'd like to use app services that requires permission on Console application. The console application does not know of web host existing. How can I sign in or get pass the permission check?

var user = await _userManager.FindByNameAsync("admin");
var newPrincipal = new ClaimsPrincipal(
    new ClaimsIdentity(
        new[]
        {
            new(AbpClaimTypes.UserId, user.Id.ToString()),
            new Claim(AbpClaimTypes.UserName, user.UserName)
        }
    ));
using (_currentPrincipalAccessor.Change(newPrincipal))
{
    // Below method requires authentication and authorization.
    var lastRunTimeCoreSetting = await _coreSettingAppService.GetByNameAsync("LastRunTime");
}

<br> I'm using AddAlwaysAllowAuthorization for testing now, but this is not ideal for production.


6 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can refer this project.

    https://github.com/abpframework/abp/tree/bd041b8774ab4df45de11077de8cfa8189d6b85f/framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization

    https://github.com/abpframework/abp/blob/bd041b8774ab4df45de11077de8cfa8189d6b85f/framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/AuthorizationTestBase.cs#L18-L31

  • User Avatar
    0
    drenton created

    @maliming Thanks for you answer.

    Above links work for users who are garanted permissions directly without Roles but it does not work for the accounts that are granted permissions by Roles (like Admin user with Admin Role)

    //var user = await _userManager.FindByNameAsync("jhan"); // this works
    var user = await _userManager.FindByNameAsync("admin"); //this does not
    var newPrincipal = new ClaimsPrincipal(
        new ClaimsIdentity(
            new Claim[]
            {
                new Claim(AbpClaimTypes.UserId, user.Id.ToString()),
            }
    ));
    using (_currentPrincipalAccessor.Change(newPrincipal))
    {
        var lastRunTimeCoreSetting = await _coreSettingAppService.GetByNameAsync("LastRunTime");
    
    

    Your link contains exmples for Role-Authorize,

    Authorize(Role ="MyAuthorizedService1")
    .
    .
    new Claim(AbpClaimTypes.Role, "MyAuthorizedService1"), // I need something like this for Policy based Authorize.
    

    but I cannot find an exmaple for policy.

    Authorize(Policy ="MyAuthorizedService1")
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can create some test roles in the unit test.

    I remember that the admin user and the admin role will be seeded by default.

    You can also simulate the IPermissionStore service. https://github.com/abpframework/abp/blob/4ab503f90724971a0c18b17c6840db50c94cb7dc/framework/test/Volo.Abp.UI.Navigation.Tests/Volo/Abp/Ui/Navigation/FakePermissionStore.cs

    If you still can't solve it, I will create a demo to explain this.

  • User Avatar
    0
    drenton created

    @mailming I know that the admin account and admin roll are set by seeds. I can login and see all the pages and permissions working correctly on web site.(using the same database). But when I try above method, it does not work. it only works when I remove the admin roll from the admin account and set all permissions directly without the roll.

    I don't think the permissions granted by the roll are working with above code. and as permissions are not (Role = ), it's a (Policy =) I could not add them as cliams.(I could not find a way to do that).

    I think it would be nice if there is a test case Should_Allow_To_Call_Method_If_Has_Permission_ProtectedByClass_Async()

    below class has only Should_Not cases for Policy authorazation.

    https://github.com/abpframework/abp/blob/bd041b8774ab4df45de11077de8cfa8189d6b85f/framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/Authorization_Tests.cs

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Sorry, it seems I misunderstand your question, I thought you need to call an application service that requires permission in the unit test.

    There is a ConsoleTestApp and that will request Identity Server to get a token. Then call proxy api.

    https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/test/MyCompanyName.MyProjectName.HttpApi.Client.ConsoleTestApp/ConsoleTestAppHostedService.cs#L13

    If this is not the case for you, you can share a demo project to me. liming.ma@volosoft.com

  • User Avatar
    0
    ServiceBot created
    Support Team Automatic process manager

    This question has been automatically marked as stale because it has not had recent activity.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06