Hi,
I resovled package and module dependency, and was able to use IPermissionManager in my service, but faced another issue.
I defined new DynamicPermissionManagementProvider extends PermissionManagementProvider and DynamicPermissionValueProvider extends PermissionValueProvider to grant some users some dynamic permissions.
I was able to use the new provider and could see the granted permissions in the table AbpPermissionGrants in database. Also logged the result of getting the permission using this line of code:
var granted = await _permissionManager.GetAsync(RisksManagementServicePermissions.Risks.Default, DynamicPermissionValueProvider.ProviderName, CurrentUser.Id.Value.ToString());
And found that the permission is actually granted to the user using my provider. But from angular side, when sending application-configuration request (which includes in its response auth -> grantedPolicies to tell angular app current users' permissions, I don't see my permission granted!
Any idea?
I checked it and it works fine in the Api.Host project. How can I use it in the application layer? try to use IPermissionManager in the ProductService.Application project, it will not work directly. There is some dependency I need to add, can you tell what dependency or projects I need to add to make it work?
Hi,
I checked it and couldn't figure out how to get the provider that is granting the required permission, it can only tell if the permission is granted or not. Also the methods are not defined virtual so couldn't override them
Thanks I solved my problem
Global filter is a nice approach, but needs some modifications for my case. I need in some place (maybe inside CreateFilterExpression method or ShouldFilterEntity method) to check the following: if the current user has the static permission (given from permissions dialog), the filter should not be applied (i.e: return all products). But If the user is not given the permission, the filter should apply (return only the products he was assigned as owner for).
P.S: my solustion is a micro-service solution, so I can't use IPermissionManager in all micro-services (the PermissionManagement module is only added to AdministrationService)
I found the issue. In my service appsettings.json file, the AuthServer:Authority was wrong (was kept to localhost instead of the server URL of my service), when changed it worked fine. But I have a question (suggestion) regarding this: adding a new microservice to an existing solution requires some tedious code to be added (most of it inside OpenIddictDataSeeder) can't we automate this inside abp new command?
Thanks
This is set to true already (the logs are the same in my question). P.S: It works fine locally (on my PC with docker and tye configurations), this issue appeared when deployed on the server (using IIS to serve the services)
Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.you can add
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;to service to get the error details.
Already done from solution template
public class BaseServiceHttpApiHostModule : AbpModule
{
public override void ConfigureServices(ServiceConfigurationContext context)
{
//You can disable this setting in production to avoid any potential security risks.
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
Can you confirm where did you add this code?
Configure<AbpDistributedEntityEventOptions>(options =>
{
options.AutoEventSelectors.Add<OrganizationUnit>();
options.EtoMappings.RemoveAll(x => x.Value.EtoType == typeof(OrganizationUnitEto));
options.EtoMappings.Add<OrganizationUnit, CustomOrganizationUnitEto>(typeof(AbpIdentityDomainModule));
});
In which project and service. Because for me It only worked under IdentityService
And based on this: I need to define new AutoMapper profile in the IdentityService to map this
CreateMap<OrganizationUnit, MyOrganizationUnitEto>();
Am I right? or did I miss something?
Hi, It works now (because I moved the AbpDistributedEntityEventOptions to the IdentityServiceDomainModule project ( I was setting it in my service domain project previously.
But I still have an issue: OrganizationUnitEto doesn't have ParentId property like OrganizationUnit and I need to know this property to save it in my db table. When I try to get the OrganizationUnit entity using IOrganizationUnitRepository I get the following error:
[ERR] An error occurred using the connection to database '' on server ''.
Stacktrace:
2024-07-01 11:00:47.184 +03:00 [ERR] An error occurred using the connection to database '' on server ''.
2024-07-01 11:00:47.192 +03:00 [ERR] An exception occurred while iterating over the results of a query for context type 'RMG.Iso20.IdentityService.EntityFrameworkCore.IdentityServiceDbContext'.
System.InvalidOperationException: The ConnectionString property has not been initialized.
at Microsoft.Data.SqlClient.SqlConnection.PermissionDemand()
at Microsoft.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection)
at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions)
at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry, SqlConnectionOverrides overrides) at Microsoft.Data.SqlClient.SqlConnection.InternalOpenAsync(CancellationToken cancellationToken) --- End of stack trace from previous location --- at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected) at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func4 operation, Func4 verifySucceeded, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.MoveNextAsync() System.InvalidOperationException: The ConnectionString property has not been initialized. at Microsoft.Data.SqlClient.SqlConnection.PermissionDemand() at Microsoft.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection) at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions)
at Microsoft.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry, SqlConnectionOverrides overrides)
at Microsoft.Data.SqlClient.SqlConnection.InternalOpenAsync(CancellationToken cancellationToken)
--- End of stack trace from previous location ---
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected)
at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func4 operation, Func4 verifySucceeded, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.MoveNextAsync()