Need to refresh the list of static permission definitions without site reload #5490 | Support

alexander.nikonov created one year ago

ABP Framework version: v7.0.1
UI Type: Angular
Database System: Oracle
Auth Server Separated

I create a custom permission definition in DB. On next step I assign it to a user role. This next step is impossible until I restart the app (so the list of permission definitions is being actualized). I do not want app restart - I need a "hot-reload" for permission definitions. How can I implement this? No dramatic changes, no switching to dynamic permissions! - I just need a small "Refresh" method, which would trigger permission definition list reload - so they all would be available for role assignment. Please, show a piece of code.

31 Answer(s)

0

maliming created one year ago
Support Team Fullstack Developer

Thanks

alexander.nikonov created one year ago

I've overridden ABP PermissionAppService and debugged it. No issue found inside - the code below is called and contains correct data:

    public virtual async Task UpdateAsync(string providerName, string providerKey, UpdatePermissionsDto input)
    {
        await CheckProviderPolicy(providerName);

        foreach (var permissionDto in input.Permissions)
        {
            await PermissionManager.SetAsync(permissionDto.Name, providerName, providerKey, permissionDto.IsGranted);
        }

        await RabbitMqManager.UpdateAbpPermissionsAsync(input.Permissions, providerName, providerKey, CurrentTenant.Id);
    }

So moving on, I've overriden PermissionManager too and found out that SetAsync does not actually update DB:

I can see though, that there's no point to override PermissionManager - its method is very simple:

    public override async Task&lt;PermissionDefinition&gt; GetOrNullAsync(string name)
    {
        Check.NotNull(name, nameof(name));
    
        return await _staticStore.GetOrNullAsync(name) ??
               await _dynamicStore.GetOrNullAsync(name);
    }

So I proceeded - overridden StaticPermissionDefinitionStore:

    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(IStaticPermissionDefinitionStore))]
    public class ApiStaticPermissionDefinitionStore : StaticPermissionDefinitionStore, IApiStaticPermissionDefinitionStore
    {
        public ApiStaticPermissionDefinitionStore(
            IServiceProvider serviceProvider,
            IOptions&lt;AbpPermissionOptions&gt; options) : base(serviceProvider, options)
        {
        }
    
        public void AddPermissionDefinition(string key, PermissionDefinition permissionDefinition)
        {
            if (!PermissionDefinitions.ContainsKey(key))
            {
                PermissionDefinitions.Add(key, permissionDefinition);
            }
        }
    }

My idea was to create a method in my IStaticPermissionDefinitionStore override, where I would FORCE adding a new PermissionDefinition to the existing collection. However, after adding it I've discovered that a whole custom permission definition collection is broken. BTW - inside AddPermissionDefinition I've looked at a whole PermissionDefinitions collection and suprisingly discovered that not all definitions are there: my custom definitions were not there by this time (yet?)

Probably you can suggest another way around this?

0

maliming created one year ago
Support Team Fullstack Developer

hi

It uses Lazy to store the permissions.

You can copy all the code of StaticPermissionDefinitionStore and create a new MyStaticPermissionDefinitionStore

https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/StaticPermissionDefinitionStore.cs#L18
0

alexander.nikonov created one year ago

I already did this before. And I'm getting the error about missing custom permission definition group: All other permission definition groups are at place. When I do not override StaticPermissionDefinitionStore - the custom permission definition group is present as expected.

What do I need to adjust in MyStaticPermissionDefinitionStore to make the group available?
0

maliming created one year ago
Support Team Fullstack Developer

hi

You can check the source code of StaticPermissionDefinitionStore

https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/StaticPermissionDefinitionStore.cs#L74-L102
0
alexander.nikonov created one year ago
I've finally managed to resolve my issue. I will show my approach - probably this would come in handy for someone:

Actually two steps are needed:

Create permission itself and add it as a child either to another custom permission or to the root permission node (in my case it is roleSubgroupPermissionDefinition):

readModuleRolePermissionDefinition = roleSubgroupPermissionDefinition?.AddChild(readRoleName).WithProviders(ModulePermissionRoleValueProvider.ProviderName);

Add the created permission to PermissionDefinitions collection of ABP static permission store:

await (_staticPermissionDefinitionStore as IExtendedStaticPermissionDefinitionStore).AddPermissionDefinitionAsync(readModuleRolePermissionDefinition.Name, readModuleRolePermissionDefinition);

For this, i've extended ABP class with own methods. They are very simple - just to have access to PermissionDefinitions collection:

public Task AddPermissionDefinitionAsync(string key, PermissionDefinition permissionDefinition) { if (!PermissionDefinitions.ContainsKey(key)) { PermissionDefinitions.Add(key, permissionDefinition); } return Task.CompletedTask; }

Nothing more is needed - no refresh or something...

Thank you for your cooperation.
1

Showing 26 to 50 of 31 entries.

Previous
1
2 (current)
Next

Have an answer to this question? Log in and write your answer.