Activities of "alexander.nikonov"
How come that these tabs are not accessible anymore?
I discovered now I cannot access them with my admin user:
- ABP Framework version: v4.3.0
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
I need to use logical conditions (mainly "OR") for some AbpController calls. I need to have it transparent, so the best way is to extend Authorize attribute functionality.
I've read your documentation about Authorization - https://docs.abp.io/en/abp/latest/Authorization - but found nothing that would suit my needs.
You used to use AbpAuthorize and similar attributes on different layers which allowed to supply an array of policies and AND / OR indicator (RequireAllPermissions).
Seems like it is not used anymore (at least, I could not make it work).
Well, OK - if you are using AuthorizeAttribute from Microsoft now - I found the article describing similar task and overrode a bunch of classes (but reused some of your code), please see the attach:
https://1drv.ms/u/s!AhWdpZddvifTtjEHoKMud74vu7No?e=LmsXGB
HttpApiHostModule:
public override void ConfigureServices(ServiceConfigurationContext context)
{
...
context.Services.AddSingleton<IAuthorizationHandler, AbxPermissionHandler>();
context.Services.AddSingleton<IAuthorizationPolicyProvider, AbxPermissionAuthorizationPolicyProvider>();
}
Now in general it works, but I am not sure it's fully correct. Could you please have a look? Is there an easier way to do what I want?
One more question: some ABP UI controls are extended by us, i.e. we took ABP components and injected them in our components or just copied a source code (User, Organization Units, Tenants, etc.). For such controls we have own permissions. But the issue now is we have both ABP and own permissions and sometimes it is required to tick them all to make UI control work without erors. Is there an easier way, i.e. to tick only OUR permissions and make whole control work without 401 / 403 errors?
Also I am not very happy there is limitation for two permissions in *abpPermission directive in Angular UI: is there easy way to have more?
Call:
[AbxPermissionAuthorize(PermissionOperator.Or, CentralToolsPermissions.Licences.Default, CentralToolsPermissions.Modules.Default)]
public class LicenceController : AbpController
Or probably I need to use TypeFilterAttribute instead?
Seems like I have managed to write it properly. Could you please regain my commercial tickets count, since I've resolved this one myself??
public override async Task ResetPasswordAsync(ResetPasswordDto input)
{
await IdentityOptions.SetAsync();
var currentUser = await UserManager.GetByIdAsync(input.UserId);
var tenants = await _abxUserRepository.FindTenantsByLoginAsync(currentUser.UserName);
foreach (var tenant in tenants)
{
using (CurrentTenant.Change(tenant.AbpId))
{
var abxUser = await _abxUserRepository.FindUserByLoginAsync(currentUser.UserName, tenant.Id);
var tenantUser = await UserManager.GetByIdAsync(abxUser.Id);
var tenantUserResetToken = await UserManager.GeneratePasswordResetTokenAsync(tenantUser);
(await UserManager.ResetPasswordAsync(tenantUser, tenantUserResetToken, input.Password)).CheckErrors();
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = IdentitySecurityLogIdentityConsts.Identity,
Action = IdentitySecurityLogActionConsts.ChangePassword
});
}
}
}
- ABP Framework version: v4.3.0
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
I have the following error in my solution running on ABP 4.3.0 after submitting a new password in the forgotten password box: "VerifyUserTokenAsync() failed with purpose: ResetPassword for user."
I test everything on localhost in VS debug mode using a non-default tenant. As far as I remember, it used to work in the ABP 3.x.x. Any ideas, suggestions?
On other hand, ResetPassword works OK in test generated 4.3.0 solution on default tenant. So I cannot figure out what could be wrong...
What I have noticed is that ResetToken is a bit shorter in Test app...
Just in case if it matters: I have custom ProfileAppService.
Please make a note I am trying this code now:
public override async Task ResetPasswordAsync(ResetPasswordDto input)
{
await IdentityOptions.SetAsync();
var user = await UserManager.GetByIdAsync(input.UserId);
(await UserManager.ResetPasswordAsync(user, input.ResetToken, input.Password)).CheckErrors();
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = IdentitySecurityLogIdentityConsts.Identity,
Action = IdentitySecurityLogActionConsts.ChangePassword
});
}
But since I need to change the password for ALL TENANTS having such loginname I will need to use a custom implementation of AccountAppService :
public override async Task ResetPasswordAsync(ResetPasswordDto input)
{
await IdentityOptions.SetAsync();
var currentUser = await UserManager.GetByIdAsync(input.UserId);
var tenants = await _abxUserRepository.FindTenantsByLoginAsync(currentUser.UserName);
foreach (var tenant in tenants)
{
using (CurrentTenant.Change(tenant.AbpId))
{
var tenantUser = await UserManager.GetByIdAsync(input.UserId);
// Generate reset token for tenantUser!
(await UserManager.ResetPasswordAsync(tenantUser, /*resetToken for tenantUser */, input.Password)).CheckErrors();
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = IdentitySecurityLogIdentityConsts.Identity,
Action = IdentitySecurityLogActionConsts.ChangePassword
});
}
}
}
I have the same kind of problem in my solution running on ABP 4.3.0 now: "VerifyUserTokenAsync() failed with purpose: ResetPassword for user."
I test everything on localhost in VS debug mode. As far as I remember, it used to work in the ABP 3.x.x. Any ideas, suggestions?
On other hand, ResetPassword works OK in test generated 4.3.0 solution on default tenant. So I cannot figure out what could be wrong...
What I have noticed is that ResetToken is a bit shorter in Test app...
Just in case if it matters: I have custom ProfileAppService.
Oh, right. Yes - after adding migration class I can see missing table creation code is there. And migration now added missing tables. Eventually "Forgot password" functionality now is OK, no exceptions anymore - e-mail is sent as expected.
Thank you!
Thank you. I have added those configuring methods. I already had corresponding modules included into DependsOn on all layers.
So I run DbMigrator expecting it would create missing tables now. However, this did not happen - the tables are still missing. What do I do?
Please find below:
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using System.IO;
using Volo.Abp.AuditLogging.EntityFrameworkCore;
using Volo.Abp.BackgroundJobs.EntityFrameworkCore;
using Volo.Abp.EntityFrameworkCore;
using Volo.Abp.FeatureManagement.EntityFrameworkCore;
using Volo.Abp.Identity.EntityFrameworkCore;
using Volo.Abp.IdentityServer.EntityFrameworkCore;
using Volo.Abp.LanguageManagement.EntityFrameworkCore;
using Volo.Abp.PermissionManagement.EntityFrameworkCore;
using Volo.Abp.SettingManagement.EntityFrameworkCore;
using Volo.Saas.EntityFrameworkCore;
namespace AbxEps.CentralTools.EntityFrameworkCore
{
/* This DbContext is only used for database migrations.
* It is not used on runtime. See CentralToolsDbContext for the runtime DbContext.
* It is a unified model that includes configuration for
* all used modules and your application.
*/
public class CentralToolsMigrationsDbContext : AbpDbContext<CentralToolsMigrationsDbContext>
{
public CentralToolsMigrationsDbContext(DbContextOptions<CentralToolsMigrationsDbContext> options)
: base(options)
{
}
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{
var configuration = BuildConfiguration();
optionsBuilder.UseOracle(
configuration.GetConnectionString("Default"),
default(System.Action<Devart.Data.Oracle.Entity.OracleDbContextOptionsBuilder>));
}
protected override void OnModelCreating(ModelBuilder builder)
{
var config = Devart.Data.Oracle.Entity.Configuration.OracleEntityProviderConfig.Instance;
config.Workarounds.DisableQuoting = true;
config.CodeFirstOptions.UseNonLobStrings = true;
config.CodeFirstOptions.UseNonUnicodeStrings = true;
base.OnModelCreating(builder);
/* Include modules to your migration db context */
builder.ConfigurePermissionManagement();
builder.ConfigureSettingManagement();
builder.ConfigureBackgroundJobs();
builder.ConfigureAuditLogging();
builder.ConfigureIdentityPro();
builder.ConfigureIdentityServer();
builder.ConfigureFeatureManagement();
builder.ConfigureLanguageManagement();
builder.ConfigureSaas();
/* Configure your own tables/entities inside the ConfigureCentralTools method */
//builder.ConfigureCentralTools();
}
private static IConfigurationRoot BuildConfiguration()
{
var builder = new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.json", optional: false);
return builder.Build();
}
}
}
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Volo.Abp.AuditLogging.EntityFrameworkCore;
using Volo.Abp.BackgroundJobs.EntityFrameworkCore;
using Volo.Abp.BlobStoring.Database.EntityFrameworkCore;
using Volo.Abp.EntityFrameworkCore;
using Volo.Abp.FeatureManagement.EntityFrameworkCore;
using Volo.Abp.Identity.EntityFrameworkCore;
using Volo.Abp.IdentityServer.EntityFrameworkCore;
using Volo.Abp.LanguageManagement.EntityFrameworkCore;
using Volo.Abp.Modularity;
using Volo.Abp.PermissionManagement.EntityFrameworkCore;
using Volo.Abp.SettingManagement.EntityFrameworkCore;
using Volo.Abp.TextTemplateManagement.EntityFrameworkCore;
using Volo.Saas.EntityFrameworkCore;
using AbxEps.CT.Batch.EntityFrameworkCore;
using AbxEps.Abp.EF.Oracle.Extensions.Interceptors;
using AbxEps.CT.Core.EntityFrameworkCore;
using Volo.Abp.Auditing;
using AbxEps.CentralTools.Images.Handlers;
namespace AbxEps.CentralTools.EntityFrameworkCore
{
[DependsOn(
typeof(CentralToolsDomainModule),
typeof(AbpIdentityProEntityFrameworkCoreModule),
typeof(AbpIdentityServerEntityFrameworkCoreModule),
typeof(AbpPermissionManagementEntityFrameworkCoreModule),
typeof(AbpSettingManagementEntityFrameworkCoreModule),
typeof(AbpBackgroundJobsEntityFrameworkCoreModule),
typeof(AbpAuditLoggingEntityFrameworkCoreModule),
typeof(AbpFeatureManagementEntityFrameworkCoreModule),
typeof(LanguageManagementEntityFrameworkCoreModule),
typeof(SaasEntityFrameworkCoreModule),
typeof(TextTemplateManagementEntityFrameworkCoreModule),
typeof(BlobStoringDatabaseEntityFrameworkCoreModule),
typeof(CoreEntityFrameworkCoreModule),
typeof(BatchEntityFrameworkCoreModule)
)]
public class CentralToolsEntityFrameworkCoreModule : AbpModule
{
public override void PreConfigureServices(ServiceConfigurationContext context)
{
CentralToolsEfCoreEntityExtensionMappings.Configure();
}
public override void ConfigureServices(ServiceConfigurationContext context)
{
context.Services.AddAbpDbContext<CentralToolsDbContext>(options =>
{
/* Remove "includeAllEntities: true" to create
* default repositories only for aggregate roots */
options.AddDefaultRepositories(includeAllEntities: true);
});
context.Services.AddTransient<IAuditPropertySetter, Abp.DataExtensions.Entities.LogAuditPropertySetter>();
context.Services.AddTransient<IImageHandler, ImageHandler>();
Configure<AbpDbContextOptions>(options =>
{
options.PreConfigure(abpDbContextConfigurationContext =>
{
abpDbContextConfigurationContext.DbContextOptions.UseLoggerFactory(
LoggerFactory.Create(loggingBuilder => loggingBuilder.AddConsole()));
abpDbContextConfigurationContext.DbContextOptions.AddInterceptors(new RemoveQuotesInterceptor());
abpDbContextConfigurationContext.DbContextOptions.EnableSensitiveDataLogging();
});
options.UseOracle();
});
}
}
}
I already did such a compare, but it did not help me. Because a new project does not have previous migration classes - from version 3.3.2, as in my case. So I cannot figure out what went wrong when I was doing update-database. To provide you the details, I've attached two migration classes (see in my first message): previous one, version 3.3.2 and current one, version 4.3.0.
Obviously, some tables have not been created which are now required for ABP 4.3.0 to function properly.
From your documentation I cannot understand how to have those missing tables created and how to make "Forgot password" functionality function properly now (when it needs AbpTextTemplateContents table which has not been created during migration).