Open Closed

Is Organization-Unit required #3076

User avatar
0
paul.harriman created
  • ABP Framework version: v5.2.1
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

We disabled Organizational-Unit using the code (below). We noticed when just clicking on Administration | Identity Management | Users we got an Authorization error, but we could still add and edit Users.

It was our understanding that Organization-Unit is not required and we can "disable it". When it is "disabled" it would not show as a tab when adding/editing a User. Do we have an incorrect understanding or is this a bug or missing/bad code?

public override void PostDefine(IPermissionDefinitionContext context)
{
    base.PostDefine(context);

    context.GetPermissionOrNull(IdentityPermissions.OrganizationUnits.Default).IsEnabled = false;
    context.GetPermissionOrNull(IdentityPermissions.OrganizationUnits.ManageOU).IsEnabled = false;
    context.GetPermissionOrNull(IdentityPermissions.OrganizationUnits.ManageRoles).IsEnabled = false;
    context.GetPermissionOrNull(IdentityPermissions.OrganizationUnits.ManageUsers).IsEnabled = false;
}

Go to accepted answer
4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share the error logs of backend?

  • User Avatar
    0
    paul.harriman created

    Here's a section of our log file w/ the error

    2022-05-12 15:00:46.304 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:Zipline_App,n:AbpIdentity.UserLookup
2022-05-12 15:00:46.304 -04:00 [DBG] Found in the cache: pn:C,pk:Zipline_App,n:AbpIdentity.UserLookup
2022-05-12 15:00:46.398 -04:00 [DBG] Executed AbpApplicationConfigurationAppService.GetAsync().
2022-05-12 15:00:46.480 -04:00 [DBG] CORS request made for path: /messaging-hub from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
2022-05-12 15:00:53.052 -04:00 [DBG] CORS request made for path: /api/identity/roles from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
2022-05-12 15:00:53.054 -04:00 [DBG] CORS request made for path: /api/identity/organization-units from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
2022-05-12 15:00:53.056 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:U,pk:303c757e-a11a-e358-d6a7-39ff39adc838,n:AbpIdentity.Roles
2022-05-12 15:00:53.056 -04:00 [DBG] Found in the cache: pn:U,pk:303c757e-a11a-e358-d6a7-39ff39adc838,n:AbpIdentity.Roles
2022-05-12 15:00:53.056 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Roles
2022-05-12 15:00:53.057 -04:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Roles
2022-05-12 15:00:53.057 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:Zipline_App,n:AbpIdentity.Roles
2022-05-12 15:00:53.058 -04:00 [DBG] Found in the cache: pn:C,pk:Zipline_App,n:AbpIdentity.Roles
2022-05-12 15:00:53.061 -04:00 [WRN] ---------- RemoteServiceErrorInfo ----------
{
  "code": "Volo.Authorization:010001",
  "message": "Authorization failed! Given policy has not granted.",
  "details": null,
  "data": {},
  "validationErrors": null
}

2022-05-12 15:00:53.061 -04:00 [WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
   at Microsoft.AspNetCore.Authorization.AbpAuthorizationServiceExtensions.CheckAsync(IAuthorizationService authorizationService, AuthorizationPolicy policy)
   at Volo.Abp.Authorization.MethodInvocationAuthorizationService.CheckAsync(MethodInvocationAuthorizationContext context)
   at Volo.Abp.Authorization.AuthorizationInterceptor.AuthorizeAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
   at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at lambda_method6414(Closure , Object )
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2022-05-12 15:00:53.063 -04:00 [WRN] Code:Volo.Authorization:010001
2022-05-12 15:00:53.078 -04:00 [DBG] Added 0 entity changes to the current audit log
2022-05-12 15:00:53.089 -04:00 [DBG] Added 0 entity changes to the current audit log
2022-05-12 15:00:53.089 -04:00 [DBG] Added 0 entity changes to the current audit log
2022-05-12 15:00:53.149 -04:00 [DBG] CORS request made for path: /Account/AccessDenied from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
2022-05-12 15:00:53.150 -04:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
2022-05-12 15:00:53.159 -04:00 [DBG] Added bundle 'Lepton.Global' to the page in 1.31 ms.
2022-05-12 15:00:53.163 -04:00 [DBG] Added bundle 'Lepton.Global' to the page in 2.50 ms.
2022-05-12 15:00:53.372 -04:00 [DBG] CORS request made for path: /api/identity/users from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
2022-05-12 15:00:53.387 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:U,pk:303c757e-a11a-e358-d6a7-39ff39adc838,n:AbpIdentity.Users
2022-05-12 15:00:53.388 -04:00 [DBG] Found in the cache: pn:U,pk:303c757e-a11a-e358-d6a7-39ff39adc838,n:AbpIdentity.Users
2022-05-12 15:00:53.388 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Users
2022-05-12 15:00:53.389 -04:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Users
2022-05-12 15:00:53.389 -04:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:Zipline_App,n:AbpIdentity.Users
2022-05-12 15:00:53.391 -04:00 [DBG] Found in the cache: pn:C,pk:Zipline_App,n:AbpIdentity.Users
2022-05-12 15:00:53.436 -04:00 [DBG] Added 0 entity changes to the current audit log
2022-05-12 15:00:54.761 -04:00 [DBG] Executing HealthCheck collector HostedService.
2022-05-12 15:00:54.762 -04:00 [INF] Start processing HTTP request GET "https://localhost:44338/health-status"
2022-05-12 15:00:54.762 -04:00 [INF] Sending HTTP request GET "https://localhost:44338/health-status"
2022-05-12 15:00:54.771 -04:00 [DBG] Added 0 entity changes to the current audit log
2022-05-12 15:00:54.771 -04:00 [INF] Received HTTP response headers after 9.5464ms - 200
2022-05-12 15:00:54.771 -04:00 [INF] End processing HTTP request after 9.6662ms - 200
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi I will give feedback to our Angular Team.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    It is required for Angularbecause the page loads the organization info for the user and role.

Assignee
No one
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
Do you need assistance from an ABP expert?
Schedule a Meeting
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v9.3.0-preview. Updated on April 16, 2025, 12:13