Open Closed

How to define default permissions for the admin role? #530


User avatar
1
talhazengin created

I want to define admin user's default permissions. By default admin user gets grant for all permissions. But i want to give that role only specific permissions.

Currently i didn't find any consistent solution.


4 Answer(s)
  • User Avatar
    1
    liangshiwei created
    Support Team Fullstack Developer

    See https://github.com/abpframework/abp/blob/21a280856c9060ba7ecdb748b50a38aec6053dac/modules/permission-management/src/Volo.Abp.PermissionManagement.Domain/Volo/Abp/PermissionManagement/PermissionDataSeedContributor.cs#L37

    PermissionDataSeedContributor will grants all permissions to the admin role. you can replace the service:

    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(PermissionDataSeedContributor),typeof(IDataSeedContributor))]
    public class MyPermissionDataSeedContributor : PermissionDataSeedContributor
    {
        public MyPermissionDataSeedContributor(IPermissionDefinitionManager permissionDefinitionManager, IPermissionDataSeeder permissionDataSeeder, ICurrentTenant currentTenant) : base(permissionDefinitionManager, permissionDataSeeder, currentTenant)
        {
        }
    
        public override Task SeedAsync(DataSeedContext context)
        {
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();
            var permissionNames = PermissionDefinitionManager
                .GetPermissions()
                .Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
                .Where(p => !p.Providers.Any() || p.Providers.Contains(RolePermissionValueProvider.ProviderName))
                .Select(p => p.Name)
                .Where(x=>....)//Filter the permissions you want
                .ToArray();
    
            return PermissionDataSeeder.SeedAsync(
                RolePermissionValueProvider.ProviderName,
                "admin",
                permissionNames,
                context?.TenantId
            );
        }
    }
    
  • User Avatar
    0
    talhazengin created

    I applied this, but below error shows up when running DbMigrator:

    The requested service '...MyPermissionDataSeedContributor' has not been registered. To avoid this exception, either register a component to provide the service, check for service registration using IsRegistered(), or use the ResolveOptional() method to resolve an optional dependency. Autofac.Core.Registration.ComponentNotRegisteredException: The requested service '...MyPermissionDataSeedContributor' has not been registered. To avoid this exception, either register a component to provide the service, check for service registration using IsRegistered(), or use the ResolveOptional() method to resolve an optional dependency.

  • User Avatar
    1
    talhazengin created

    Ok i solved this with adding below line in DBMigrator Service configuration steps:

    context.Services.AddTransient<MyPermissionDataSeedContributor>();

    Is this the right approach?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Yes, you can manually add to the DI system or implement the ITransientDependency interface. So, Does it work for you?

Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15