thanks
ABP Framework version: v4.2.2
UI type: MVC
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): no
Exception message and stack trace:
Steps to reproduce the issue:
I am trying to upload a file, should be simple enough. i have this controller:
public class SourceOfTruthAttributesAppService : ApplicationService
{
public async Task<IActionResult> PostUploadFile([FromBody]IFormFile file)
{
try
{
using (var stream = new MemoryStream())
{
await file.CopyToAsync(stream);
}
return new OkResult();
}
catch (Exception ex)
{
return new BadRequestObjectResult(ex.Message);
}
}
}
i have this jquery code: $("#but_upload").click(function () { event.preventDefault();
alert('begin upload');
if ($('#file').length == 0) {
alert('No file to upload');
return;
}
var fd = new FormData();
var file = $('#file')[0].files[0];
fd.append('file', file);
abp.ajax({
type: 'POST',
data: fd,
processData: false,
contentType: false,
url: "/api/app/source-of-truth-attributes/upload-file",
}).then(function (result) {
alert('your file has been uploaded');
location.reload();
});
})
it works with null in the data, but when i try to pass the file in to the data i get the following error: jquery.js?_v=637504727666307175:9600 POST https://localhost:44355/api/app/source-of-truth-attributes/upload-file 415 send @ jquery.js?_v=637504727666307175:9600 ajax @ jquery.js?_v=637504727666307175:9206 (anonymous) @ abp.jquery.js?_v=637504727661778549:112 Deferred @ jquery.js?_v=637504727666307175:3751 abp.ajax @ abp.jquery.js?_v=637504727661778549:111 (anonymous) @ index.js?_v=637549962657651648:58 dispatch @ jquery.js?_v=637504727666307175:5183 elemData.handle @ jquery.js?_v=637504727666307175:4991
what am i doing wrong? thanks
public class SubnetDataModel : AuditedAggregateRoot<Guid>, IMultiTenant
{
public Guid? TenantId { get; set; }
public string Network { get; set; }
public string MaskBit { get; set; }
public string StartRange { get; set; }
public string EndRange { get; set; }
//public string Category { get; set; }
public SiteDataModel SiteData { get; set; }
[ForeignKey("SiteData")]
public Guid? SiteId { get; set; }
}
public class SubnetModel : AuditedEntityDto<Guid>
{
public string Network { get; set; }
public string MaskBit { get; set; }
public string StartRange { get; set; }
public string EndRange { get; set; }
//public SiteModel SiteData { get; set; }
public Guid? SiteId { get; set; }
public string SiteName { get; set; }
}
CreateMap<SubnetDataModel, SubnetModel>().ForMember(x => x.SiteName, y => y.MapFrom(src => src.SiteData.Name));
is the an abp library for react?
what i am looking for is an example of how to login from javascript. so for example, i put the site up on iis, the people can login through the website, it all works. we havce a third party application that needs to login and access out data, they are trying to provide the tenant id, user name, and password and get back the bearer token. where can i find an example of how to do that, because as you read in my first message in this chain, that process does not see to work how i am doing it. i cannot even get it to work through the swagger
Lastly, once i login, do i get backa token topass in to other calls? it is just a matter of adding a authentication: bearer <token> to the header?
i did notice this error: 2021-04-12 12:48:47.843 -05:00 [ERR] The required antiforgery header value "RequestVerificationToken" is not present.
based on this article i made the code change suggested: https://support.abp.io/QA/Questions/802/Issues-deploying-application-to-test-server context.Services.AddAuthentication() .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); ; options.Audience = "WorkflowDemo"; options.BackchannelHttpHandler = new HttpClientHandler() { ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator }; }); this did not solve the issue either.
application/json
when i run this from visual studio i get back a 400 with no data and when i run it from iis i get back a 400 and the response is the body of the html page to display a message: Internal Server Error
when the tenant that belongs to that id is selected and the user name and pasword are entered in the login screen it works fine. we have an extenral application that is trying to login using out applications user login, needs data from a couple of our APIs, so what am i doing wrong?
2021-04-12 12:48:47.821 -05:00 [INF] Executing endpoint 'Volo.Abp.Account.Public.Web.Areas.Account.Controllers.AccountController.CheckPassword (Volo.Abp.Account.Pro.Public.Web)'
2021-04-12 12:48:47.831 -05:00 [INF] Route matched with {area = "account", controller = "Login", action = "CheckPassword", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Account.Public.Web.Areas.Account.Controllers.Models.AbpLoginResult] CheckPassword(Volo.Abp.Account.Public.Web.Areas.Account.Controllers.Models.UserLoginInfo) on controller Volo.Abp.Account.Public.Web.Areas.Account.Controllers.AccountController (Volo.Abp.Account.Pro.Public.Web).
2021-04-12 12:48:47.843 -05:00 [ERR] The required antiforgery header value "RequestVerificationToken" is not present.
2021-04-12 12:48:47.844 -05:00 [INF] Authorization failed for the request at filter 'Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter'.
2021-04-12 12:48:47.857 -05:00 [INF] Executing HttpStatusCodeResult, setting HTTP status code 400
2021-04-12 12:48:47.857 -05:00 [INF] Executed action Volo.Abp.Account.Public.Web.Areas.Account.Controllers.AccountController.CheckPassword (Volo.Abp.Account.Pro.Public.Web) in 20.2611ms
2021-04-12 12:48:47.857 -05:00 [INF] Executed endpoint 'Volo.Abp.Account.Public.Web.Areas.Account.Controllers.AccountController.CheckPassword (Volo.Abp.Account.Pro.Public.Web)'
2021-04-12 12:48:47.914 -05:00 [INF] Request finished HTTP/1.1 POST http://localhost/api/account/checkPassword application/json 123 - 302 - - 161.6186ms
2021-04-12 12:48:47.927 -05:00 [INF] Request starting HTTP/1.1 GET http://localhost/Error?httpStatusCode=400 - -
2021-04-12 12:48:47.970 -05:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2021-04-12 12:48:47.978 -05:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
2021-04-12 12:48:48.808 -05:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml.
2021-04-12 12:48:48.894 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.SettingManagement
2021-04-12 12:48:48.897 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: LeptonThemeManagement.Settings
2021-04-12 12:48:48.899 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpAccount.SettingManagement
2021-04-12 12:48:48.899 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.Roles
2021-04-12 12:48:48.900 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.Users
2021-04-12 12:48:48.900 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.OrganizationUnits
2021-04-12 12:48:48.900 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.ClaimTypes
2021-04-12 12:48:48.900 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AbpIdentity.SecurityLogs
2021-04-12 12:48:48.900 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AuditLogging.AuditLogs
2021-04-12 12:48:48.902 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: Saas.Tenants
2021-04-12 12:48:48.908 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: IdentityServer.Client
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: IdentityServer.ApiResource
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: IdentityServer.IdentityResource
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: IdentityServer.ApiScope
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: LanguageManagement.Languages
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: LanguageManagement.LanguageTexts
2021-04-12 12:48:48.909 -05:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: TextTemplateManagement.TextTemplates
2021-04-12 12:48:48.918 -05:00 [INF] Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
2021-04-12 12:48:48.930 -05:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 126.0182ms.
2021-04-12 12:48:48.931 -05:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 951.9352ms
2021-04-12 12:48:48.931 -05:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2021-04-12 12:48:48.933 -05:00 [INF] Request finished HTTP/1.1 GET http://localhost/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 1005.4083ms
not sure this is the answer i am looking for, i might have been ambiguous. let me explain further. we have 3 roles: user, admin, and system. an admin has permissions to the identity management tools, they can create users and assign them user or admin roles. the system role is above the admin role, and they should not have access to that role to assign it to anyone, although at the moment they can, but this is what we are trying to fix. a system user is the only one who can assign system to another user.
so what i am wondering is whereever you select role from, is there a way i can modify that to only return valid roles? if the user is an admin they can see user and admin, if the user is system they can see user, admin, and system.
i hope this is more clear