Need to refresh the list of static permission definitions without site reload #5490

31 Answer(s)

• 

  0

  maliming created 2 years ago

  Support Team Fullstack Developer

  Thanks

  Save Cancel
• 

  0

  alexander.nikonov created 2 years ago

  I've overridden ABP PermissionAppService and debugged it. No issue found inside - the code below is called and contains correct data:

      public virtual async Task UpdateAsync(string providerName, string providerKey, UpdatePermissionsDto input)
      {
          await CheckProviderPolicy(providerName);
  
          foreach (var permissionDto in input.Permissions)
          {
              await PermissionManager.SetAsync(permissionDto.Name, providerName, providerKey, permissionDto.IsGranted);
          }
  
          await RabbitMqManager.UpdateAbpPermissionsAsync(input.Permissions, providerName, providerKey, CurrentTenant.Id);
      }
  

  So moving on, I've overriden PermissionManager too and found out that SetAsync does not actually update DB:

  

  I can see though, that there's no point to override PermissionManager - its method is very simple:

      public override async Task<PermissionDefinition> GetOrNullAsync(string name)
      {
          Check.NotNull(name, nameof(name));
      
          return await _staticStore.GetOrNullAsync(name) ??
                 await _dynamicStore.GetOrNullAsync(name);
      }
      
  

  So I proceeded - overridden StaticPermissionDefinitionStore:

      [Dependency(ReplaceServices = true)]
      [ExposeServices(typeof(IStaticPermissionDefinitionStore))]
      public class ApiStaticPermissionDefinitionStore : StaticPermissionDefinitionStore, IApiStaticPermissionDefinitionStore
      {
          public ApiStaticPermissionDefinitionStore(
              IServiceProvider serviceProvider,
              IOptions<AbpPermissionOptions> options) : base(serviceProvider, options)
          {
          }
      
          public void AddPermissionDefinition(string key, PermissionDefinition permissionDefinition)
          {
              if (!PermissionDefinitions.ContainsKey(key))
              {
                  PermissionDefinitions.Add(key, permissionDefinition);
              }
          }
      }
  

  My idea was to create a method in my IStaticPermissionDefinitionStore override, where I would FORCE adding a new PermissionDefinition to the existing collection. However, after adding it I've discovered that a whole custom permission definition collection is broken. BTW - inside AddPermissionDefinition I've looked at a whole PermissionDefinitions collection and suprisingly discovered that not all definitions are there: my custom definitions were not there by this time (yet?)

  Probably you can suggest another way around this?

  Save Cancel
• 

  0

  maliming created 2 years ago

  Support Team Fullstack Developer

  hi

  It uses Lazy to store the permissions.

  You can copy all the code of StaticPermissionDefinitionStore and create a new MyStaticPermissionDefinitionStore

  https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/StaticPermissionDefinitionStore.cs#L18

  Save Cancel
• 

  0

  alexander.nikonov created 2 years ago

  I already did this before. And I'm getting the error about missing custom permission definition group: All other permission definition groups are at place. When I do not override StaticPermissionDefinitionStore - the custom permission definition group is present as expected.

  What do I need to adjust in MyStaticPermissionDefinitionStore to make the group available?

  Save Cancel
• 

  0

  maliming created 2 years ago

  Support Team Fullstack Developer

  hi

  You can check the source code of StaticPermissionDefinitionStore

  https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/StaticPermissionDefinitionStore.cs#L74-L102

  Save Cancel
• 

  0

  alexander.nikonov created 2 years ago

  I've finally managed to resolve my issue. I will show my approach - probably this would come in handy for someone:

  Actually two steps are needed:

  1. Create permission itself and add it as a child either to another custom permission or to the root permission node (in my case it is roleSubgroupPermissionDefinition):

      readModuleRolePermissionDefinition = roleSubgroupPermissionDefinition?.AddChild(readRoleName).WithProviders(ModulePermissionRoleValueProvider.ProviderName);
     

  2. Add the created permission to PermissionDefinitions collection of ABP static permission store:

      await (_staticPermissionDefinitionStore as IExtendedStaticPermissionDefinitionStore).AddPermissionDefinitionAsync(readModuleRolePermissionDefinition.Name, readModuleRolePermissionDefinition);
     

  For this, i've extended ABP class with own methods. They are very simple - just to have access to PermissionDefinitions collection:

      public Task AddPermissionDefinitionAsync(string key, PermissionDefinition permissionDefinition)
      {
          if (!PermissionDefinitions.ContainsKey(key))
          {
              PermissionDefinitions.Add(key, permissionDefinition);
          }
          return Task.CompletedTask;
      }
  

  Nothing more is needed - no refresh or something...

  Thank you for your cooperation.

  Save Cancel

  1