Open Closed

not showing permissions of services in microservice architecture #4655


User avatar
0
firatm created

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v7.0.2
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or OpenIddict Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

(projects are made in community version)

  • I am using distributed identity management(OpenIddict)
  • Connecting via ocelot gateway
  • The permissions of the A service are written to the administration service via rabbitmq.
  • Using the A service via ocelot (RemoteService(ocelot))

error: When I authorize a method in A service I get error 403 because admin user can't have permissions of A service

A service (AdministrationService Database) How can i solve this problem?


23 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    How can we simply reproduce your issue?

  • User Avatar
    0
    firatm created

    hi

    How can we simply reproduce your issue?

    I can share the source code with you or we can meet on zoom

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can the template project be reproduced?

  • User Avatar
    0
    firatm created

    hi

    Can the template project be reproduced?

    zoom meeting would be better :)

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Even if the problem is reproduced remotely, I still need to reproduce and check it locally.

  • User Avatar
    0
    firatm created

    Even if the problem is reproduced remotely, I still need to reproduce and check it locally.

    ok if you send me an e-mail i can share the project

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can the template project be reproduced? Or just your project?

  • User Avatar
    0
    firatm created

    hi

    Can the template project be reproduced? Or just your project?

    can not be reproduced i will send my project

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please include the steps. Thanks

    liming.ma@volosoft.com

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I can't run the project you shared, and it's not a complete project, can you think of a way to reproduce the problem in a template project?

    I think it might be a problem with module dependencies

  • User Avatar
    0
    firatm created

    hi

    I can't run the project you shared, and it's not a complete project, can you think of a way to reproduce the problem in a template project?

    I think it might be a problem with module dependencies

    hi the project is working in my local, if you want, you can look at the problem with a zoom meeting

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi @firatm

    You can explain the design of your microservice solution in the Turkish language.

    Please explain in detail the dependencies of your solution.

    @gterdem will reply to you.

  • User Avatar
    0
    firatm created

    hi @firatm

    You can explain the design of your microservice solution in the Turkish language.

    Please explain in detail the dependencies of your solution.

    @gterdem will reply to you.

    thank you the meeting will be with zoom again, right?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    You can explain your details in Turkish before this

  • User Avatar
    0
    firatm created

    You can explain your details in Turkish before this

    ok thank you

  • User Avatar
    0
    firatm created

    @gterdem merhaba Yardımlarınızı bekliyorum :)

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    error: When I authorize a method in A service I get error 403 because admin user can't have permissions of A service

    Putting aside how you write the permissions to AdministrationService, is the problem related to admin user is granted by default with the seeded(?) new permissions?

    How do you seed the permissions of Service A? Is it auto-migration (seeding DataSeedContributor on OnPostApplicationInitialization)? DbMigrator?


    Permission'ların AdministrationService'e nasıl yazıldığını bir kenara bırakırsak, admin kullanıcısının default olarak neden yeni yazılan permission'lara sahip olmadığını mı soruyorsunuz tam olarak?

    Service A permission'ları nasıl yazıyorsunuz? OnPostApplicationInitialization method'unda DataSeedContributor'ı mı çalıştırıyorsunuz (auto-migration)? DbMigrator mı kullanıyorsunuz?

  • User Avatar
    0
    firatm created

    error: When I authorize a method in A service I get error 403 because admin user can't have permissions of A service

    Putting aside how you write the permissions to AdministrationService, is the problem related to admin user is granted by default with the seeded(?) new permissions?

    How do you seed the permissions of Service A? Is it auto-migration (seeding DataSeedContributor on OnPostApplicationInitialization)? DbMigrator?


    Permission'ların AdministrationService'e nasıl yazıldığını bir kenara bırakırsak, admin kullanıcısının default olarak neden yeni yazılan permission'lara sahip olmadığını mı soruyorsunuz tam olarak?

    Service A permission'ları nasıl yazıyorsunuz? OnPostApplicationInitialization method'unda DataSeedContributor'ı mı çalıştırıyorsunuz (auto-migration)? DbMigrator mı kullanıyorsunuz?

    Hi merhabalar public async Task HandleEventAsync(PermissionChangedEto eventData)

        {
            var abpUnitOfWorkOptions = new AbpUnitOfWorkOptions { IsTransactional = true };
            using var uow = _unitOfWorkManager.Begin(abpUnitOfWorkOptions, true);
           
    
            PermissionChangedEto newData = new PermissionChangedEto();
            newData.Name = eventData.Name;
    
            var config = new MapperConfiguration(cfg => cfg.CreateMap<PermissionChangedEto, PermissionGrant>().ReverseMap());
            var mapper = new Mapper(config);
            var permission = newData.Name;
    
    
            await _permissionDataSeeder.SeedAsync(
                RolePermissionValueProvider.ProviderName,
              
                "admin",
                permission
    
            );
    
    
            await uow.CompleteAsync();
           
    
        }`
    

    ` dbmigratoru kullanmıyorum ama dataSeeder ile yazdırıyorum

    I'm not using dbmigrator but writting with dataSeeder

  • User Avatar
    0
    firatm created

    error: When I authorize a method in A service I get error 403 because admin user can't have permissions of A service

    Putting aside how you write the permissions to AdministrationService, is the problem related to admin user is granted by default with the seeded(?) new permissions?

    How do you seed the permissions of Service A? Is it auto-migration (seeding DataSeedContributor on OnPostApplicationInitialization)? DbMigrator?


    Permission'ların AdministrationService'e nasıl yazıldığını bir kenara bırakırsak, admin kullanıcısının default olarak neden yeni yazılan permission'lara sahip olmadığını mı soruyorsunuz tam olarak?

    Service A permission'ları nasıl yazıyorsunuz? OnPostApplicationInitialization method'unda DataSeedContributor'ı mı çalıştırıyorsunuz (auto-migration)? DbMigrator mı kullanıyorsunuz?

    Hi merhabalar public async Task HandleEventAsync(PermissionChangedEto eventData)

        { 
            var abpUnitOfWorkOptions = new AbpUnitOfWorkOptions { IsTransactional = true }; 
            using var uow = _unitOfWorkManager.Begin(abpUnitOfWorkOptions, true); 
            
    
            PermissionChangedEto newData = new PermissionChangedEto(); 
            newData.Name = eventData.Name; 
    
            var config = new MapperConfiguration(cfg => cfg.CreateMap<PermissionChangedEto, PermissionGrant>().ReverseMap()); 
            var mapper = new Mapper(config); 
            var permission = newData.Name; 
    
    
            await _permissionDataSeeder.SeedAsync( 
                RolePermissionValueProvider.ProviderName, 
               
                "admin", 
                permission 
    
            ); 
    
    
            await uow.CompleteAsync(); 
            
    
        }` 
    

    ` dbmigratoru kullanmıyorum ama dataSeeder ile yazdırıyorum

    I'm not using dbmigrator but writting with dataSeeder

    @gterdem isterseniz zoom üzerinde yapıyı daha ayrıntılı bir şekilde anlatabilirim. If you want, I can explain the structure in more detail on zoom.

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    galip.erdem@volosoft.com a zoom davetiyesi gönderir misiniz? TR saati ile 17:00’den sonra mümkünse.

  • User Avatar
    0
    ilhan.ordukaya created

    galip.erdem@volosoft.com a zoom davetiyesi gönderir misiniz? TR saati ile 17:00’den sonra mümkünse.

    Toplantı kimliği mailinize gönderilmiştir. Görüşmek üzere

  • User Avatar
    0
    ilhan.ordukaya created

    @gterdem merhabalar Cuma günü görüşmemizde tavsiye ettiğiniz çözüm yolunu denedik ama bir çözüme ulaşamadık kendimiz farklı bir yöntem denedik başarılı olduk gibi gözüküyor ama kafamızda bazı soru işaretleri oluştu dün mail oluşturduk yoğunluktan görememiş olabilirsiniz müsait olduğunuz bir zaman dilimde bize zamanı belirtirseniz zoom üzerinden bir görüşme ile bu yapıyı size anlatmak isteriz geri dönüşünüze göre zoom toplantısi oluşturup size atabilirim. Geri dönüşlerinizi bekliyorum

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    Merhaba, sorununuz düzelmişti sanırım. Bu soruyu kapatabilir, yeni veya farklı soru için yeni issue açabilirsiniz.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09