I am trying to create a custom implementation of IPermissionChecker in the shared project and consume this implementation in several projects.
Currently I'm having the problem with this implementation. Here is the checker:
[Dependency(ReplaceServices = false)]
public class AbxPermissionChecker : IPermissionChecker
{
private PermissionChecker _abpPermissionChecker;
private IServiceProvider _serviceProvider;
private readonly ILicencePermissionChecker _licencePermissionChecker;
public AbxPermissionChecker
(
PermissionChecker abpPermissionChecker,
IServiceProvider serviceProvider,
ILicencePermissionChecker licencePermissionChecker
)
{
_abpPermissionChecker = abpPermissionChecker;
_serviceProvider = serviceProvider;
_licencePermissionChecker = licencePermissionChecker;
}
public async Task<bool> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string name)
{
using var scope = _serviceProvider.CreateScope();
var abxRequestContext = scope.ServiceProvider.GetRequiredService<IAbxRequestContext>();
return await _licencePermissionChecker.IsGrantedAsync(abxRequestContext.AbxTenantId, abxRequestContext.AbxModuleId) && await _abpPermissionChecker.IsGrantedAsync(claimsPrincipal, name);
}
public Task<bool> IsGrantedAsync(string name)
{
return _abpPermissionChecker.IsGrantedAsync(name);
}
public Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names)
{
return _abpPermissionChecker.IsGrantedAsync(names);
}
public Task<MultiplePermissionGrantResult> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string[] names)
{
return _abpPermissionChecker.IsGrantedAsync(claimsPrincipal, names);
}
}
public class PermissionManager : DomainService
{
private readonly IRepository<Tenant, int> _tenantRepository;
private readonly IRepository<ModuleLicence> _moduleLicenceRepository;
private readonly IRepository<CompanyLicence> _companyLicenceRepository;
public PermissionManager
(
IRepository<Tenant, int> tenantRepository,
IRepository<ModuleLicence> moduleLicenceRepository,
IRepository<CompanyLicence> companyLicenceRepository
)
{
_tenantRepository = tenantRepository;
_moduleLicenceRepository = moduleLicenceRepository;
_companyLicenceRepository = companyLicenceRepository;
}
public async Task<List<string>> GetAccessibleModulesAsync(int abxTenantId)
{
var tenants = await _tenantRepository.GetQueryableAsync();
var companyLicences = await _companyLicenceRepository.GetQueryableAsync();
var moduleLicences = await _moduleLicenceRepository.GetQueryableAsync();
var query = from tenant in tenants.Where(x => x.Id == abxTenantId).Take(1)
join companyLicence in companyLicences on tenant.CompanyId equals companyLicence.CompanyId
join moduleLicence in moduleLicences on companyLicence.LicenceId equals moduleLicence.LicenceId
select moduleLicence.ModuleId;
return query.Distinct().ToList();
}
}
The exception I'm getting in the consuming project when accessing PermissionManager method:
Autofac.Core.DependencyResolutionException: An exception was thrown while activating Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController -> Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationAppService -> AbxEps.CT.Core.Permissions.AbxPermissionChecker -> AbxEps.CT.Core.Permissions.AbxLicencePermissionChecker -> AbxEps.CT.Core.Permissions.PermissionManager. ---> Autofac.Core.DependencyResolutionException: None of the constructors found with 'Autofac.Core.Activators.Reflection.DefaultConstructorFinder' on type 'AbxEps.CT.Core.Permissions.PermissionManager' can be invoked with the available services and parameters: Cannot resolve parameter 'Volo.Abp.Domain.Repositories.IRepository
2[AbxEps.CT.Core.Tenants.Tenant,System.Int32] tenantRepository' of constructor 'Void .ctor(Volo.Abp.Domain.Repositories.IRepository2[AbxEps.CT.Core.Tenants.Tenant,System.Int32], Volo.Abp.Domain.Repositories.IRepository1[AbxEps.CT.Core.ModuleLicences.ModuleLicence], Volo.Abp.Domain.Repositories.IRepository1[AbxEps.CT.Core.CompanyLicences.CompanyLicence])'.
Now let me explain what I'm trying to achieve. CoreDbContext in the shared project contains SIMPLIFIED models of entities which are ALREADY bound in the consuming project. Since I cannot bind the model to the same table name twice in the same DbContext as well as I don't want to MOVE a complex model binding from consuming project to the shared project, I decided to use two independent DbContext:
public static void ConfigureCore(
this ModelBuilder builder,
Action<CoreModelBuilderConfigurationOptions> optionsAction = null
) {
builder.Entity<CompanyLicence>(b =>
{
b.ToTable("CT_CA_COMP_LIC", CentralToolsConsts.DbSchema);
.... simplified binding
}
public static void ConfigureConsuming(
this ModelBuilder builder,
Action<ConsumingModelBuilderConfigurationOptions> optionsAction = null
) {
builder.Entity<CompanyLicence>(b =>
{
b.ToTable("CT_CA_COMP_LIC", CentralToolsConsts.DbSchema);
.... advanced binding
}
What is correct way to authorize RabbitMQ user so that I could invoke AppService methods from RabbitMQ receiver or sender? In the meantime both CurrentTenant and CurrentUser are null. Please write the example of the code.
I have installed AbpAspNetCoreSignalRModule into HttpApi.Host project and put it into Module dependencies. I also used the following setup:
Configure<AbpSignalROptions>(options =>
{
options.Hubs.AddOrUpdate(
typeof(NotificationHub),
config =>
{
config.RoutePattern = "/signalr-hubs/notification";
config.ConfigureActions.Add(hubOptions =>
{
//Additional options
hubOptions.LongPolling.PollTimeout = TimeSpan.FromSeconds(30);
});
}
);
});
The code above is followed by ConfigureSwagger setup. Nevertheless, I don't see signalr-hubs/notification endpoint at my Swagger page.
I even installed Swagger extension from Nuget, but I still can't see this endpoint. WHY? This is question #1.
Question #2. Why Angular app does not work with SignalR?
@Injectable({
providedIn: 'root'
})
export class SignalRService {
private hubConnection: signalR.HubConnection
public startConnection = () => {
this.hubConnection = new signalR.HubConnectionBuilder()
.withUrl
(
`${environment.apis['default'].url}/signalr-hubs/notification`,
{ skipNegotiation: true, transport: signalR.HttpTransportType.WebSockets }
)
.build();
this.hubConnection
.start()
.then(() => console.log('Connection started'))
.catch(err => console.log('Error while starting connection: ' + err))
}
public addNotificationListener = () => {
this.hubConnection.on('notificationreceived', (data) => {
console.log(data);
});
}
}
The error is:
Probably something is not fully correct with my Ocelot gateway settings, but I am even not sure the Hub endpoint is available. How do I check this??
{
"DownstreamPathTemplate": "/signalr-hubs/notification",
"DownstreamScheme": "wss",
"DownstreamHostAndPorts": [
{
"Host": "localhost",
"Port": 44328
}
],
"UpstreamPathTemplate": "/centraltool/signalr-hubs/notification",
"UpstreamHttpMethod": [ "GET", "POST", "PUT", "DELETE" ],
"Key": "centraltool-signalr"
},
Anticipating your question: no, I cannot send the project. And we have no time trying to make things work in the test project: our setup is more complex and it would not help us in any way if we find out the test sample DOES work. Please help us to understand, what is wrong here. Step by step.
Thank you.
ABP Framework version: v5.1.2 UI type: Angular DB provider: EF Core Identity Server Separated (Angular)
Hello
I use the class implementing IAuditingStore interface to catch all the errors in our application. I would like to use this class as a proxy: for this I inject ABP object implementing IAuditLogRepository interface.
I've faced the issue while trying to save an error (It looks like task has been canceled by ABP logic) - see the picture attached:
This logic used to work well on the previous versions of ABP framework. What is wrong now?
Hi.
We would like to add information about missing permission for an error page (403 Forbidden) in Angular application when a user uses direct link to some page. We tried to use HTTP_ERROR_HANDLER provider, but the HttpErrorResponse object doesn't have any informations about missing permissions. Could you please extend this object or advice how we can get the information about missing permissions for a user?
OracleRelationalCommand.ExecuteReaderAsync() : Oracle.ManagedDataAccess.Client.OracleException (0x80004005): ORA-12899: value too large for column "ABDEV"."ABPAUDITLOGS"."EXCEPTIONS" (actual: 15651, maximum: 4000)
Hi. I faced with the situation that some exception cannot be stored because the value is too large for column "ABPAUDITLOGS"."EXCEPTIONS". At this moment I use "Volo.Abp.AuditLogging" module version 5.1.2. Unfortunatly, I didn't manage to find any logic in this module which can truncate too large text of exception. Could you please advice how this issue can be fixed? Not by incrementing the column length.
4.3.0 / Angular / separate IdentityServer
I have custom implementation of IAuthorizationMiddlewareResultHandler (it checks missing permissions for a user) and I want to provide additional exception info from it to Angular client in pop-up window. It works in some scenarios - like the page is accessed from navigation menu and it misses some permission. But if I try to access the page which is not accessible via typing its address in a browser - I ALWAYS get the following page without details:
We make calls from Angular app to several HTTP hosts which reside:
Gathering data from all the hosts is too slow, please have a look:
Log file analysis shows that is it not a problem of DB query which takes usually several dozens of ms, it is a server response creation itself, so looks like using alternative server cache (e.g. Redis) would not help (meanwhile we use default ABP caching):
[14:46:50 INF] Executed action method AbxEps.CentralTools.Controllers.FreeCodeValues.FreeCodeValueController.GetCumulationTypesAsync (AbxEps.CentralTools.HttpApi), returned result Microsoft.AspNetCore.Mvc.ObjectResult in 2167.4438ms.
[14:46:51 INF] Executed endpoint 'AbxEps.CentralTools.Controllers.FreeCodeValues.FreeCodeValueController.GetCumulationsAsync (AbxEps.CentralTools.HttpApi)' info: Microsoft.EntityFrameworkCore.Infrastructure[10403] Entity Framework Core 5.0.5 initialized 'CoreDbContext' using provider 'Oracle.EntityFrameworkCore' with options: SensitiveDataLoggingEnabled QuerySplittingBehavior=SplitQuery info: Microsoft.EntityFrameworkCore.Database.Command[20101] Executed DbCommand (43ms) [Parameters=[:filter_AbxTenantId_0='17' (Nullable = true), :filter_DomainId_1='MD' (Size = 4), :filter_CodeName_2='C_FND_CUM_TYP' (Size = 50), :filter_LanguageCode_3='E' (Size = 4), :defaultLanguageCode_4='E' (Size = 4)], CommandType='Text', CommandTimeout='0'] SELECT c.C_TENANT, c.C_DOMAIN, c.C_FLD, c.C_LANGUAGE, c.C_STR, c.S_COMMENT, c.D_INS, c.C_USR_INS, c.S_TXT, c.U_CA_IMAGE, c.D_UPD, c.C_USR_UPD, c.C_NEOSKEY, c.C_NUM, c.S_TXT_INT FROM CT_CA_CD_POS c WHERE ((((((c.C_TENANT = :filter_AbxTenantId_0) AND (c.C_DOMAIN = :filter_DomainId_1))) AND (c.C_FLD = :filter_CodeName_2))) AND (((c.C_LANGUAGE = :filter_LanguageCode_3) OR (c.C_LANGUAGE = :defaultLanguageCode_4))))
I also see some gaps between numbers which form total response time above and can't figure out what those ~15 seconds are spent for:
[14:46:54 INF] Request finished HTTP/2 GET https://localhost:44328/api/ct/central-tool/free-codes/values/cumulations/en - - - 200 302 application/json;+charset=utf-8 17065.3807ms
Used Oracle DB resides on Azure cloud, but it may not contribute much to the total time either.
How to overcome this issue with TTFB? We use standard ABP layered architecture, nothing fancy.
> [15:44:46 ERR] ---------- RemoteServiceErrorInfo ----------
> {
> "code": null,
> "message": "An internal error occurred during your request!",
> "details": null,
> "data": {
> "ActivatorChain": "AbxEps.CentralTools.Controllers.AbxUserProfile.AbxUserProfileController"
> },
> "validationErrors": null
> }
> [15:44:46 ERR] An exception was thrown while activating AbxEps.CentralTools.Controllers.AbxUserProfile.AbxUserProfileController.
> Autofac.Core.DependencyResolutionException: An exception was thrown while activating AbxEps.CentralTools.Controllers.AbxUserProfile.AbxUserProfileController.
> ---> Autofac.Core.DependencyResolutionException: None of the constructors found with 'Volo.Abp.Autofac.AbpAutofacConstructorFinder' on type 'AbxEps.CentralTools.Controllers.AbxUserProfile.AbxUserProfileController' can be invoked with the available services and parameters:
> Cannot resolve parameter 'AbxEps.CentralTools.AbxUserProfile.IAbxUserProfileService abxUserProfileService' of constructor 'Void .ctor(AbxEps.CentralTools.AbxUserProfile.IAbxUserProfileService)'.
> at Autofac.Core.Activators.Reflection.ReflectionActivator.GetAllBindings(ConstructorBinder[] availableConstructors, IComponentContext context, IEnumerable`1 parameters)
> at Autofac.Core.Activators.Reflection.ReflectionActivator.ActivateInstance(IComponentContext context, IEnumerable`1 parameters)
> at Autofac.Core.Activators.Reflection.ReflectionActivator.<ConfigurePipeline>b__11_0(ResolveRequestContext ctxt, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Middleware.DisposalTrackingMiddleware.Execute(ResolveRequestContext context, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Builder.RegistrationBuilder`3.<>c__DisplayClass41_0.<PropertiesAutowired>b__0(ResolveRequestContext ctxt, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Middleware.ActivatorErrorHandlingMiddleware.Execute(ResolveRequestContext context, Action`1 next)
> --- End of inner exception stack trace ---
> at Autofac.Core.Resolving.Middleware.ActivatorErrorHandlingMiddleware.Execute(ResolveRequestContext context, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Middleware.SharingMiddleware.Execute(ResolveRequestContext context, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.Middleware.CircularDependencyDetectorMiddleware.Execute(ResolveRequestContext context, Action`1 next)
> at Autofac.Core.Resolving.Pipeline.ResolvePipelineBuilder.<>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt)
> at Autofac.Core.Resolving.ResolveOperation.GetOrCreateInstance(ISharingLifetimeScope currentOperationScope, ResolveRequest request)
> at Autofac.Core.Resolving.ResolveOperation.ExecuteOperation(ResolveRequest request)
> at Autofac.ResolutionExtensions.TryResolveService(IComponentContext context, Service service, IEnumerable`1 parameters, Object& instance)
> at Autofac.ResolutionExtensions.ResolveService(IComponentContext context, Service service, IEnumerable`1 parameters)
> at Microsoft.AspNetCore.Mvc.Controllers.ServiceBasedControllerActivator.Create(ControllerContext actionContext)
> at Microsoft.AspNetCore.Mvc.Controllers.ControllerFactoryProvider.<>c__DisplayClass5_0.<CreateControllerFactory>g__CreateController|0(ControllerContext controllerContext)
> at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
> at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
> --- End of stack trace from previous location ---
> at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
This happens in a very common situation - we have another controllers which work fine. And this one seems to look the same, but for some reason it causes the given exception:
I need to use logical conditions (mainly "OR") for some AbpController calls. I need to have it transparent, so the best way is to extend Authorize attribute functionality.
I've read your documentation about Authorization - https://docs.abp.io/en/abp/latest/Authorization - but found nothing that would suit my needs.
You used to use AbpAuthorize and similar attributes on different layers which allowed to supply an array of policies and AND / OR indicator (RequireAllPermissions).
Seems like it is not used anymore (at least, I could not make it work).
Well, OK - if you are using AuthorizeAttribute from Microsoft now - I found the article describing similar task and overrode a bunch of classes (but reused some of your code), please see the attach:
https://1drv.ms/u/s!AhWdpZddvifTtjEHoKMud74vu7No?e=LmsXGB
HttpApiHostModule:
public override void ConfigureServices(ServiceConfigurationContext context)
{
...
context.Services.AddSingleton<IAuthorizationHandler, AbxPermissionHandler>();
context.Services.AddSingleton<IAuthorizationPolicyProvider, AbxPermissionAuthorizationPolicyProvider>();
}
Now in general it works, but I am not sure it's fully correct. Could you please have a look? Is there an easier way to do what I want?
One more question: some ABP UI controls are extended by us, i.e. we took ABP components and injected them in our components or just copied a source code (User, Organization Units, Tenants, etc.). For such controls we have own permissions. But the issue now is we have both ABP and own permissions and sometimes it is required to tick them all to make UI control work without erors. Is there an easier way, i.e. to tick only OUR permissions and make whole control work without 401 / 403 errors?
Also I am not very happy there is limitation for two permissions in *abpPermission directive in Angular UI: is there easy way to have more?
Call:
[AbxPermissionAuthorize(PermissionOperator.Or, CentralToolsPermissions.Licences.Default, CentralToolsPermissions.Modules.Default)]
public class LicenceController : AbpController
Or probably I need to use TypeFilterAttribute instead?