Activities of "alexander.nikonov"
ABP 7.0.1 / Angular
My home page shows some information to an authenticated user via API calls. If the user logs out - these methods need not to be invoked anymore.
Seems like I've tried all possible ways - and it still DOES call those methods with "Not authorized (401)" error from server after I click "Logout" button. I also have tried to call Subscription$.unsubscribe() while logging out, but it still does not work.
Another question: I can logout from any page, not just Home page. There are plenty of API call subscriptions on each of them. How am I supposed to unsubscribe from all such calls with minimal code changes??
Here is the piece of the code of my Home page:
ngOnInit() {
this.oAuthService.events
.pipe(
filter(event => event?.type === 'logout'),
tap(() => {
this.logout$.next(null); //those are called, but API calls are still invoked
this.logout$.complete();
}))
.subscribe();
this.homeService.getNewsForHomePage()
.pipe(filter(() => this.configStateService.getDeep('currentUser.isAuthenticated')), takeUntil(this.destroy), takeUntil(this.logout$))
.subscribe((newsResponse) => {
...
});
this.homeService.getUrlsForHomePage()
.pipe(filter(() => this.configStateService.getDeep('currentUser.isAuthenticated')), takeUntil(this.destroy), takeUntil(this.logout$))
.subscribe((newsUrlParameterResponse) => {
...
});
}
ngOnDestroy(): void {
this.destroy.next(null);
this.destroy.complete();
}
Moreover - when I am already at this page (where this.configStateService.getDeep('currentUser.isAuthenticated') is supposed to be false, I guess):
the API calls are still invoked.
- ABP Framework version: v7.0.1
- UI Type: Angular
- Database System: EF Core (Oracle)
- Auth Server Separated
After switching the tenant I need to reload navigation menu according to the current tenant's user permissions. I cannot manage to do this: when I switch to the tenant who does not have the proper permissions - the menu items are hidden. However, when I switch back - the menu items which need to be visible are not shown:
switch(tenant: Models.Common.Lookup<string>) {
this.oAuthService.configure(this.environment.oAuthConfig);
let loadingToasterId = Number(this.toaster.info('::Tenants:PleaseWait', '::Tenants:Switching', { ...this.toasterOptions && { sticky: true } }));
return from(this.oAuthService.loadDiscoveryDocument())
.pipe
(
switchMap(() => from(this.oAuthService.fetchTokenUsingGrant('switch_tenant', { token: this.oAuthService.getAccessToken(), tenant: tenant.id }))),
take(1)
)
.subscribe({
complete: () => {
this.toaster.remove(loadingToasterId);
this.toaster.success('::Tenants:SwitchingSucceeded', '::Tenants:Switching', { ...this.toasterOptions && { life: 2000 } });
this.sessionStateService.setTenant({ id: tenant.id, name: tenant.displayName, isAvailable: true } as CurrentTenantDto);
this.configStateService.refreshAppState().subscribe(x => {
this.router.navigate(['/'], { skipLocationChange: false, onSameUrlNavigation: 'reload' }).then(ready => {
if (ready) {
//TODO: is it really needed? What to do here?
}
});
});
},
error: () => {
this.toaster.remove(loadingToasterId);
this.toaster.error('::Tenants:SwitchingFailed', '::Tenants:Switching', { ...this.toasterOptions && { life: 2000 } });
}
});
}
The method which is triggered after switching the tenant:
init() {
this.routesService.flat.filter(x => x.requiredPolicy && (x as any).data?.moduleId).forEach(x => x.invisible = true);
this.routesService.refresh();
combineLatest([this.configStateService.getDeep$('extraProperties.modulePermissionMap'), this.routesService.flat$.pipe(take(1))])
.pipe
(
filter(([modulePermissionMap, route]) => Object.keys(modulePermissionMap).length > 0 && Object.keys(route).length > 0),
takeUntil(this.destroy)
)
.subscribe(([modulePermissionMap, nonLazyLoadedRoute]) => {
let permissionProhibitedPageIds: string[] = [];
nonLazyLoadedRoute.filter(node => node.requiredPolicy).forEach((nonLazyRouteItem: ABP.Route) => {
let moduleId = (nonLazyRouteItem as any).data?.moduleId;
if (moduleId) {
const moduleIdPolicyViolated = !modulePermissionMap[moduleId] || modulePermissionMap[moduleId] && !modulePermissionMap[moduleId].includes(nonLazyRouteItem.requiredPolicy as string);
const ordinaryRolePolicyViolated = !modulePermissionMap['_ordinaryRole'] || modulePermissionMap['_ordinaryRole'] && !modulePermissionMap['_ordinaryRole'].includes(nonLazyRouteItem.requiredPolicy as string);
if (moduleIdPolicyViolated && ordinaryRolePolicyViolated) {
permissionProhibitedPageIds.push(nonLazyRouteItem.name);
}
else {
nonLazyRouteItem.invisible = false;
}
}
});
this.routesService.remove(permissionProhibitedPageIds);
this.routesService.refresh(); //tried this, but it does not help - nonLazyLoadedRoute seem to contain menu items, however they are not displayed as expected
});
}
app.component.ts:
ngOnInit(): void {
this.oAuthService.events
.pipe(filter(event => event?.type === 'logout'))
.subscribe(() => {
this.modulePermissionHandler.deinit();
});
this.currentUser$.subscribe(currentUser => {
if (currentUser?.isAuthenticated) {
if (!this.appSettingInitialized) {
this.abxTenantSwitcher.init(); // tenant switching functionality
this.modulePermissionHandler.init(); // custom permission handling - init method shown previously
this.appSettingInitialized = true;
}
}
});
}
- ABP Framework version: v7.0.1
- UI Type: Angular
- Database System: Oracle
- Auth Server Separated
I create a custom permission definition in DB. On next step I assign it to a user role. This next step is impossible until I restart the app (so the list of permission definitions is being actualized). I do not want app restart - I need a "hot-reload" for permission definitions. How can I implement this? No dramatic changes, no switching to dynamic permissions! - I just need a small "Refresh" method, which would trigger permission definition list reload - so they all would be available for role assignment. Please, show a piece of code.
- ABP Framework version: v7.0.1.
- UI type: Angular
- DB provider: EF Core Identity Server Separated (Angular)
At some point the pages from "Identity Server" section became non-accessible - i.e. they are visible in the menu and corresponding permissions are present. But clicking on any of these pages gives error 404:
The app-routing.module.ts is quite typical:
app.component.ts contains some page replacement, but nothing related to "Identity Server" section:
constructor(
...
) {
this.replaceableComponents.add({
component: TenantsComponent,
key: eSaasComponents.Tenants,
}),
this.replaceableComponents.add({
component: UsersComponent,
key: eIdentityComponents.Users
}),
this.replaceableComponents.add({
component: RolesComponent,
key: eIdentityComponents.Roles
});
}
ngOnInit(): void {
this.manageProfileTabs.patch(eAccountManageProfileTabNames.PersonalInfo, {
component: AbxPersonalSettingsComponent,
});
this.routesService.remove([eIdentityRouteNames.OrganizationUnits]);
this.routesService.remove([eIdentityRouteNames.Users]);
this.routesService.remove([eIdentityRouteNames.Roles]);
this.routesService.remove([eSaasRouteNames.Tenants]);
...
}
I cannot figure out, what could have caused the reported issue. Please, provide some suggestion - this code is all I can show, full project is not available.
I've implemented Module Role conception. Module Role is bound to a Module ID, It's like a unique identifier of Angular app page. A Module Role is filled with ordinary permissions. At the same time, a group of Module Roles can be assigned to an ordinary role. This conception works as expected for per-page access, when a page is accessed via menu, because Module ID is passed to back-end and I can check if there specific page has three requested permissions.
However, it doesn't work properly when I load the app and expect to see only those pages in the menu whose Module ID has the required permission for this page.
So the question is how to pass-through additional information of route (like this module ID) from Angular app to a back-end:
when I load the specific page via URL:
or just navigating to the app https://localhost:4200 (and expecting to see only specific module ID-related pages in the menu)
to have it available in any possible way (via DI request object, etc.) inside your method:
public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
?
- ABP Framework version: vX.X.X
- UI type: Angular / MVC / Blazor
- DB provider: EF Core / MongoDB
- Tiered (MVC) or Identity Server Separated (Angular): yes / no
- Exception message and stack trace:
- Steps to reproduce the issue:"
After upgrading from ABP 5.1.2 to 7.0.1 I cannot add a claim to "Owned" When I'm trying to move any claim from right to left:
I am getting JS exception (because the given property is "undefined"):
The same goes for Identity Resources (and maybe other sections like this).
FYI: we keep using Identity Server, not Open ID Dict - probably it has something to do with this.
Please lead me in the right direction to fix this - I cannot share the code and we need to make this setup working ASAP, since the newly added solution cannot be run.
- ABP Framework version: v7.0.1
- UI type: Angular
- DB provider: EF Core
- Identity Server Separated (Angular)
We would like to implement the logic which implies assigning permissions to a custom role, while such custom role in turn is assigned to a standard role of the system. Could you please advice how can we fulfil such task by means of ABP framework?
- ABP Framework version: v5.1.2
- UI type: Angular
- DB provider: EF Core
- Identity Server Separated (Angular)
I have a couple of issues / questions with the migration.
Server side: probably because of absent Devart Oracle driver which supports .NET 7.0+ the Add-Migration causes the following error (please note that we have set target=NET7 for all our projects):
Return type in method 'Devart.Common.Entity.c5.FindMapping(System.Type)' on type 'Devart.Common.Entity.c5' from assembly 'Devart.Data.Oracle.Entity.EFCore, Version=9.16.1434.0, Culture=neutral, PublicKeyToken=09af7300eec23701' is not compatible with base type method 'Microsoft.EntityFrameworkCore.Storage.RelationalTypeMappingSource.FindMapping(System.Type)'.
The Add-Migration itself with the standard driver completes successfully, but when I run Update-Database - very soon I end up with the errors related to Upper / Lower case in Table/Column names + quotes around those. We did not have such problems with Devart thanks to these options:
var config = Devart.Data.Oracle.Entity.Configuration.OracleEntityProviderConfig.Instance;
config.Workarounds.DisableQuoting = true;
config.CodeFirstOptions.UseNonLobStrings = true;
config.CodeFirstOptions.UseNonUnicodeStrings = true;
How to make a successful migration? Sorry - I cannot share the source code.
Client side: it is not clear which version of Angular should we use now, with ABP 7.0.1. We have had Angular 13 so far...I've tried to upgrade Angular after using abp update, but faced the compilation problem for our Angular packages, similar to these, but related to ng-bootstrap and other material components. So what Angular version should we use? Should we upgrade from version 13 and how to make it correct?
- ABP Framework version: v5.1.2
- UI type: Angular
- DB provider: EF Core
- Identity Server Separated (Angular)
I am trying to create a custom implementation of IPermissionChecker in the shared project and consume this implementation in several projects.
Currently I'm having the problem with this implementation. Here is the checker:
[Dependency(ReplaceServices = false)]
public class AbxPermissionChecker : IPermissionChecker
{
private PermissionChecker _abpPermissionChecker;
private IServiceProvider _serviceProvider;
private readonly ILicencePermissionChecker _licencePermissionChecker;
public AbxPermissionChecker
(
PermissionChecker abpPermissionChecker,
IServiceProvider serviceProvider,
ILicencePermissionChecker licencePermissionChecker
)
{
_abpPermissionChecker = abpPermissionChecker;
_serviceProvider = serviceProvider;
_licencePermissionChecker = licencePermissionChecker;
}
public async Task<bool> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string name)
{
using var scope = _serviceProvider.CreateScope();
var abxRequestContext = scope.ServiceProvider.GetRequiredService<IAbxRequestContext>();
return await _licencePermissionChecker.IsGrantedAsync(abxRequestContext.AbxTenantId, abxRequestContext.AbxModuleId) && await _abpPermissionChecker.IsGrantedAsync(claimsPrincipal, name);
}
public Task<bool> IsGrantedAsync(string name)
{
return _abpPermissionChecker.IsGrantedAsync(name);
}
public Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names)
{
return _abpPermissionChecker.IsGrantedAsync(names);
}
public Task<MultiplePermissionGrantResult> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string[] names)
{
return _abpPermissionChecker.IsGrantedAsync(claimsPrincipal, names);
}
}
public class PermissionManager : DomainService
{
private readonly IRepository<Tenant, int> _tenantRepository;
private readonly IRepository<ModuleLicence> _moduleLicenceRepository;
private readonly IRepository<CompanyLicence> _companyLicenceRepository;
public PermissionManager
(
IRepository<Tenant, int> tenantRepository,
IRepository<ModuleLicence> moduleLicenceRepository,
IRepository<CompanyLicence> companyLicenceRepository
)
{
_tenantRepository = tenantRepository;
_moduleLicenceRepository = moduleLicenceRepository;
_companyLicenceRepository = companyLicenceRepository;
}
public async Task<List<string>> GetAccessibleModulesAsync(int abxTenantId)
{
var tenants = await _tenantRepository.GetQueryableAsync();
var companyLicences = await _companyLicenceRepository.GetQueryableAsync();
var moduleLicences = await _moduleLicenceRepository.GetQueryableAsync();
var query = from tenant in tenants.Where(x => x.Id == abxTenantId).Take(1)
join companyLicence in companyLicences on tenant.CompanyId equals companyLicence.CompanyId
join moduleLicence in moduleLicences on companyLicence.LicenceId equals moduleLicence.LicenceId
select moduleLicence.ModuleId;
return query.Distinct().ToList();
}
}
The exception I'm getting in the consuming project when accessing PermissionManager method:
Autofac.Core.DependencyResolutionException: An exception was thrown while activating Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController -> Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationAppService -> AbxEps.CT.Core.Permissions.AbxPermissionChecker -> AbxEps.CT.Core.Permissions.AbxLicencePermissionChecker -> AbxEps.CT.Core.Permissions.PermissionManager. ---> Autofac.Core.DependencyResolutionException: None of the constructors found with 'Autofac.Core.Activators.Reflection.DefaultConstructorFinder' on type 'AbxEps.CT.Core.Permissions.PermissionManager' can be invoked with the available services and parameters: Cannot resolve parameter 'Volo.Abp.Domain.Repositories.IRepository
2[AbxEps.CT.Core.Tenants.Tenant,System.Int32] tenantRepository' of constructor 'Void .ctor(Volo.Abp.Domain.Repositories.IRepository2[AbxEps.CT.Core.Tenants.Tenant,System.Int32], Volo.Abp.Domain.Repositories.IRepository1[AbxEps.CT.Core.ModuleLicences.ModuleLicence], Volo.Abp.Domain.Repositories.IRepository1[AbxEps.CT.Core.CompanyLicences.CompanyLicence])'.
Now let me explain what I'm trying to achieve. CoreDbContext in the shared project contains SIMPLIFIED models of entities which are ALREADY bound in the consuming project. Since I cannot bind the model to the same table name twice in the same DbContext as well as I don't want to MOVE a complex model binding from consuming project to the shared project, I decided to use two independent DbContext:
public static void ConfigureCore(
this ModelBuilder builder,
Action<CoreModelBuilderConfigurationOptions> optionsAction = null
) {
builder.Entity<CompanyLicence>(b =>
{
b.ToTable("CT_CA_COMP_LIC", CentralToolsConsts.DbSchema);
.... simplified binding
}
public static void ConfigureConsuming(
this ModelBuilder builder,
Action<ConsumingModelBuilderConfigurationOptions> optionsAction = null
) {
builder.Entity<CompanyLicence>(b =>
{
b.ToTable("CT_CA_COMP_LIC", CentralToolsConsts.DbSchema);
.... advanced binding
}
- ABP Framework version: v5.1.2
- UI type: Angular
- DB provider: EF Core
- Identity Server Separated (Angular)
What is correct way to authorize RabbitMQ user so that I could invoke AppService methods from RabbitMQ receiver or sender? In the meantime both CurrentTenant and CurrentUser are null. Please write the example of the code.