- ABP Framework version: v8.2.3
- UI Type: MVC
- Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..) / MongoDB
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
- Exception message and full stack trace:
- Steps to reproduce the issue:
Hi Abp Team,
Due to EU regulations, I need to deploy Authserver and Web API server to one of the EU regions.
The current Setup is divided into:
- AuthServer in Sydney Australia
- Web API Host in Sydney Australia
- MVC Two Application:
- HR Module in Sydney Australia
- Accounting Module in Sydney Australia
Question 1: Is there any way I can deploy Auth and Web Api Host in EU regions with no change to the MVC application as No data is saved in MVC, I want my MVC application to detect if the User is in from EU or Non-EU, if EU then consume EU Auth and WebApiHost, if non-EU then user Australian Auth and WebApiHost server?
Question 2: Abp permissions use only Read, Update, Delete and Create, however when a user has access to Read, it allows all users to same read, I am looking a solution for: - If the User belongs to OU Director -> Allow Access to HR and Accounting Application - If the User belongs to OU HR department -> Allow Access to full HR access. - If the User belongs to OU Accounts -> Access to Accounts full access, but HR Module -> Employees List -> Read Access to non-Director OU. - Shomehow I can user a filter in roles like (x => x.OU == "Director")
Thanks, Navneet
4 Answer(s)
-
0
Question 1: Is there any way I can deploy Auth and Web Api Host in EU regions with no change to the MVC application as No data is saved in MVC, I want my MVC application to detect if the User is in from EU or Non-EU, if EU then consume EU Auth and WebApiHost, if non-EU then user Australian Auth and WebApiHost server?
You can add a middleware to update the remote service URLs dynamically
public override void OnApplicationInitialization(ApplicationInitializationContext context) { var app = context.GetApplicationBuilder(); var env = context.GetEnvironment(); app.UseForwardedHeaders(); app.Use(async (httpContext, next) => { // get user region var cultureName = CultureInfo.CurrentCulture.Name; // check is user from European Union var isEu = cultureName == "de-DE" || cultureName == "en-GB" || cultureName == "fr-FR" || cultureName == "it-IT" || cultureName == "es-ES" || cultureName == "nl-NL" || cultureName == "pl-PL" || cultureName == "pt-PT" || cultureName == "ro-RO" || cultureName == "sv-SE" || cultureName == "cs-CZ" || cultureName == "da-DK" || cultureName == "fi-FI" || cultureName == "el-GR" || cultureName == "hu-HU" || cultureName == "lt-LT" || cultureName == "lv-LV" || cultureName == "mt-MT" || cultureName == "sk-SK" || cultureName == "sl-SI" || cultureName == "bg-BG" || cultureName == "hr-HR" || cultureName == "et-EE" || cultureName == "ga-IE"; var options = httpContext.RequestServices.GetRequiredService<IOptions<AbpRemoteServiceOptions>>(); if (isEu) { options.Value.RemoteServices.Default!.BaseUrl = "EuropeBaseUrl..."; } else { options.Value.RemoteServices.Default!.BaseUrl = "OtherBaseUrl..."; } await next(); }); .......... } -
0
Abp permissions use only Read, Update, Delete and Create, however when a user has access to Read, it allows all users to same read, I am looking a solution for:
you can consider to add a custom data filter:
https://abp.io/docs/latest/framework/infrastructure/data-filtering
-
0
HI Liangshiwei,
Thanks for sharing
-
0
Hi,
:)
Let me know if you got any problems
