Activities of "Sturla"

Ok but will that not remove ALL the permissions from the tenant?

I just want to remove specific things like e.g. access to the Roles under Identity but I would like to keep access to Users. Like I don't want my tenants to be messing with Language Management or Text Templates.

Am I totally missing how this works? So sorry if I´m...

Thaks I have been trying to get this to work but hitting this code does not remove the permission.

[UnitOfWork]
public async virtual Task HandleEventAsync(EntityCreatedEto<UserEto> eventData)
{
    //doesn´t remove the permission
    await permissionManager.DeleteAsync("AbpIdentity.Roles.ManagePermissions",eventData.Entity.Name);
}

What am I missing?

I then thought it might be related to it being a IdentityUserCreatedEto but that code (below) is never hit.

public class TenantCreatedHandler : IDistributedEventHandler<EntityCreatedEto<IdentityUserCreatedEto>>, ITransientDependency
{
    public TenantCreatedHandler(IdentityUserManager identityUserManager, IPermissionManager permissionManager)
    {
        this.identityUserManager = identityUserManager;
        this.permissionManager = permissionManager;
    }

    private readonly IdentityUserManager identityUserManager;
    public IPermissionManager permissionManager { get; }

    [UnitOfWork]
    public async virtual Task HandleEventAsync(EntityCreatedEto<IdentityUserCreatedEto> eventData)
    {
        //this is never hit...
        var entity = await identityUserManager.GetByIdAsync(eventData.Entity.Id);
        await permissionManager.DeleteAsync("AbpIdentity.Roles.ManagePermissions", entity.Name);
    }
}

Ok I managed to find the issue and it was this https://github.com/abpframework/abp/issues/9579 where I hid the admin menu (just before going on a summer vacation and forgot about it)

BUT that does not negate my issue, of hiding parts of the menu

What do I use to remove these grants/permissions from the tenant?

I have tried IPermissionManager but that doesn´t do it

Here is my code where I´m trying to remove these menu items by trying to remove them from the AbpPermissionGrants table.

public class RegisteredUserHandler : IDistributedEventHandler<EntityCreatedEto<UserEto>>, ITransientDependency
{
public RegisteredUserHandler(IdentityUserManager identityUserManager, IPermissionManager permissionManager)
{
    this.identityUserManager = identityUserManager;
    this.permissionManager = permissionManager;
}

private readonly IdentityUserManager identityUserManager;
public IPermissionManager permissionManager { get; }

[UnitOfWork]
public async virtual Task HandleEventAsync(EntityCreatedEto<UserEto> eventData)
{
    var theJustNowCreatedIdentityUser = await identityUserManager.GetByIdAsync(eventData.Entity.Id);

    // Only add this OrdinaryClientRole to none tenant users!
    if (!eventData.IsMultiTenant(out _))
    {
        var result = await identityUserManager.AddToRoleAsync(theJustNowCreatedIdentityUser, RoleConstants.OrdinaryClientRole);
    }
    else
    {
        //This does not remove anything
        await permissionManager.SetForUserAsync(eventData.Entity.Id, "AbpIdentity.Roles.ManagePermissions", false);
    }
}
}

Hopefully you can point me in the right direction...

I noticed (in Blazor) that the Administration side menu is missing for logged in tenant but I can still access the items, so not permission issue. I created a issue for this with more details https://support.abp.io/QA/Questions/1713/Administration-menu-missing-after-update-to-440

I just noticed that the administration side menu has completely vanished! If I create a new tenant and log-in never shows up.

BUT I still can navigate to say /idenity/users and access the pages so its not any access control issue.

Here you can see that there is no Administration dropdown in the sidemenu (I know I should have cropped less from the names but trust me, its not there).

I have gone over everything multiple times and I can´t see anywhere that I´m to blame!

No problem sending someone my solution to check this out.

• ABP Framework version: 4.4.0
• UI type: Blazor
• DB provider: EF Core
• Identity Server Separated: yes

Here are two Blazorise GitHub issues that throw this error Unhandled exception rendering component: Could not find 'blazorise.tooltip.updateContent'

• issue 1
• issue 2

It gets fixed after re-running the bundling tool

Allthought the bunding tool now leves the following warning "Unable to minify the file: AuthenticationService.js. Adding file to the bundle without minification."

Hi

More details (images etc.) for my problem can be found as a comment to this gist for customising the Register page for the Account module.

But when I try to implement this I get the following errors when trying to customise the Lepton theme.

Uncaught ReferenceError: $ is not defined in ApplicationConfigurationScript and Uncaught ReferenceError: abp is not defined in ServiceProxyScript

There wasa support ticket that asked the same question but never had a resolution. I have gone over that and I can browse to the ServiceProxyScript and this is running locally and not in Azure and no errors in the logfiles in the IdentityServer.

Btw I'm using the source code for Volo.Account.Pro module (I haven´t changed it yet so its 100% the same) and therefor doing these changes in the IdentityServer and not the HttpApi.Host if that matters.

Any ideas or something for me to try out?

• ABP Framework version: 4.3.2
• UI type:Blazor
• DB provider: EF Core
• Identity Server Separated: yes

Ok I have been looking at this and mabe creating a role and asigning it to the user when he is created is the correct way about doing this.

Here is a working sample for others to follow.

Its still unclear if I should be using IDistributedEventHandler<EntityCreatedEventData<IdentityUser>> or IDistributedEventHandler<EntityCreatedEto<UserEto>>. Seemy question here.

public class RegisteredUserHandler : IDistributedEventHandler<EntityCreatedEventData<IdentityUser>>, ITransientDependency
    {
        private readonly IPermissionManager permissionManager;
        private readonly IdentityUserManager identityUserManager;

        public RegisteredUserHandler(IPermissionManager permissionManager,IdentityUserManager identityUserManager)
        {
            this.permissionManager = permissionManager;
            this.identityUserManager = identityUserManager;
        }

        [UnitOfWork]
        public async Task HandleEventAsync(EntityCreatedEventData<IdentityUser> eventData)
        {            
            // Add the permission to the role
            await permissionManager.SetForRoleAsync("OrdinaryClientRole", "MyPermission.Client", true);
            
            // Add the user to the role. 
            await identityUserManager.AddToRoleAsync(eventData.Entity, "OrdinaryClientRole");
        }
    }`

I will seed the role and add the permissions in one go like shown here.

You are misunderstanding this.

I´m trying to have different menu for a user that is not a Tenant and not Host.

I´m the host and Tenants can register with my system and add content that ordinary users can enjoy (for payment to me that I then monthly dish out to Tentans). The ordinary users need to be able to view collection of content from all the tenants in the system.

Did that explain it?

Hi again!

I did a MVP and settled on a multi-tenancy option but I didn't go into every detail and need some help with this comment

Clients can be normal IdentityUser (AbpUser). They can access products without any issues.

What I need to know is how do I separate the Client (ordinary user) from Tenant/Host? How can I show clients their menu items that are totally different from the Tentan ones? I have been having this discussion on github but remembered that I had asked this question and gotten this comment and now beleve the question belongs here.

This is (I hope) the last puzzle to get my Beta out the door so I hope you can point me in the right direction with this.

p.s I have a separate Identity Servar and have added the Account source module so I can modify it.