Open Closed

Receiving 403 on /api/cms-kit-admin/entity-tags when called by admin #3679


User avatar
0
mattw@agilenova.com created

I am receiving an authorization exception when attempting to assign a tag to an entity using the cms-kit-admin-proxy.js in a custom page. The server trace includes: [12:13:51 INF] Request starting HTTP/1.1 PUT https://REDACTED/api/cms-kit-admin/entity-tags application/json 88 [12:13:51 INF] No CORS policy found for the specified request. [12:13:51 INF] Executing endpoint 'Volo.CmsKit.Admin.Tags.EntityTagAdminController.SetEntityTagsAsync (Volo.CmsKit.Admin.HttpApi)' [12:13:51 INF] Route matched with {area = "cms-kit-admin", action = "SetEntityTags", controller = "EntityTagAdmin", page = ""}. Executing controller action with signature System.Threading.Tasks.Task SetEntityTagsAsync(Volo.CmsKit.Admin.Tags.EntityTagSetDto) on controller Volo.CmsKit.Admin.Tags.EntityTagAdminController (Volo.CmsKit.Admin.HttpApi). [12:13:51 WRN] ---------- RemoteServiceErrorInfo ---------- { "code": null, "message": "An internal error occurred during your request!", "details": null, "data": {}, "validationErrors": null }

[12:13:51 WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. at Volo.CmsKit.Admin.CmsKitAdminAppServiceBase.CheckAnyOfPoliciesAsync(IEnumerable`1 policies) at Volo.CmsKit.Admin.Tags.EntityTagAdminAppService.SetEntityTagsAsync(EntityTagSetDto input)

I am executing the script as admin and have confirmed the following:

  1. I can tag BlogPosts as admin in the portal and so default CMS tags are working.
  2. I confirmed that the custom entity type exists, as it is visible in the portal.
  3. I confirmed that required parameters are included in the Ajax proxy request: volo.cmsKit.admin.tags.entityTagAdmin .setEntityTags({ entityType: 'Value', entityId: valueId, tags: tags }) .then(function (result) { finishSaving(result); });

The CmsKit documentation refers to policies but I'm not sure if they are required or optional and where to define them on my Value entity type.

  • CreatePolicies: List of policy/permission names allowing users to create tags under the entity type.
  • UpdatePolicies: List of policy/permission names allowing users to update tags under the entity type.
  • DeletePolicies: List of policy/permission names allowing users to delete tags under the entity type.

Please let me know how to resolve this exception. Do I need to define policies on the entities and, if so, how do I do that?

  • ABP Framework version: v5.3.4
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no (monolithic)
  • Exception message and stack trace: See above
  • Steps to reproduce the issue:
    1. Define a custom entity type
    1. Create a custom page with TagEditorViewComponent
    1. Use volo.cmsKit.admin.tags.entityTagAdmin to add the tag to an existing entity

2 Answer(s)
  • User Avatar
    0
    malik.masis created

    Hi,

    Did you define policies after defining your custom type? Could you check here, please? There is a correct definition here. Hope it helps you.

    Regards

  • User Avatar
    0
    mattw@agilenova.com created

    Thank you. That's just what I needed to resolve the permission issue.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19