Scenario: In our web application, our customers get one tenant each. The customer then has the option to add further users to the tenant (other employees of the company). To be able to create (and delete) other users, they need permission for user management (Create, Edit, Delete, View details). We do not want to give them any other rights (no role management, no sessions, ...).
So that we still have an admin user (for us) who has all the admin rights, we would like to preserve the general admin user. However, the customer does not receive this login data. We do not want the customer to be able to change / delete this user.
Is this procedure unusual? What are best practices for this case, which certainly occurs often?
Menu item: I would also like the customer not to see the Identity management menu item, but directly an item named User management. How should I do this?
I have noticed something else:
User has permission to edit a user. Now the item “Sessions” appears in the action menu. If I want to open this, the error message Volo.Abp.Authorization.AbpAuthorizationException
appears (because the user has not set the “Sessions” permission). This should then also not be available in the menu.
Thanks, Adrian
We would like to use the payment module under Blazor Server. We would currently do this with Stripe as provider. In the end, a tenant should be able to buy a subscription and thus activate services on our platform.
We have studied the documentation, but it leaves some questions unanswered, especially in relation to Blazor. Much is still very unclear and is like a trial and error process to implement this.
Code
property in the PaymentRequestProduct
correspond to the Product-ID in Stripe?There will probably be a few more questions, but this is for now.
Thanks, Adrian
I am using the LeptonX theme in Blazor Server and have the following problem with the menu: From my overview list I open an entry for editing, which is displayed in a separate Razor page. Unfortunately, the selection in the menu remains on the previous item. As a result, I can no longer select this menu item to return to the list (menu items that have already been selected cannot be selected a second time).
I would actually like to do the following in my edit page:
PageLayout.MenuItemName = string.Empty;
But unfortunately this does not work... Is there any other way to delete the menu selection?
I am working with version 8.2.0-rc.5 (new Blazor Server project) and have the problem that I have to log in almost every time I start the application from Visual Studio, even if I select "Remember me". Sometimes the automatic login works, but only very rarely and I have not yet found out when this is the case.
Also, the background of the login page is purple instead of blue and after logging in, the dark theme is shortly displayed before it automatically switches to the system theme. I also have to click away the cookie message every time.
UPDATE: I also found out that the problem does not occur when I keep the page open in another browser window. Then I can restart the application from Visual Studio and the automatic login etc. works.
NOTE: I have already posted the problem under Bugs & Issues v8.2.x, but have now found out that the problem also occurs in 8.1.0 under certain circumstances. So I think it has to do with the configuration.
2024-06-07 15:45:54.755 +02:00 [INF] Request starting HTTP/1.1 GET http://localhost:3000/api/abpSuite/solutions/7384c0a3-fafd-490e-ab37-0f5fea69a2f1/is-built - application/json null 2024-06-07 15:45:54.755 +02:00 [INF] Executing endpoint 'Volo.Abp.Suite.Controllers.AbpSuiteController.IsSolutionBuiltAsync (Volo.Abp.Suite)' 2024-06-07 15:45:54.755 +02:00 [INF] Route matched with {action = "IsSolutionBuilt", controller = "AbpSuite", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[System.Boolean] IsSolutionBuiltAsync(System.Guid) on controller Volo.Abp.Suite.Controllers.AbpSuiteController (Volo.Abp.Suite). 2024-06-07 15:45:54.764 +02:00 [WRN] ---------- RemoteServiceErrorInfo ---------- { "code": null, "message": "Cannot find the directory ", "details": null, "data": {}, "validationErrors": null }
2024-06-07 15:45:54.764 +02:00 [WRN] Cannot find the directory Volo.Abp.UserFriendlyException: Cannot find the directory at Volo.Abp.Suite.Areas.AbpSuite.CrudPageGenerator.Services.SuiteAssemblyService.uPn9nvS1gR(String ) at Volo.Abp.Suite.Areas.AbpSuite.CrudPageGenerator.Services.SuiteAssemblyService.Kdx9mQx5O4(Solution , String& ) at Volo.Abp.Suite.Areas.AbpSuite.CrudPageGenerator.Services.SuiteAssemblyService.Ptv9vW5XHQ(Solution , String& ) at Volo.Abp.Suite.Areas.AbpSuite.CrudPageGenerator.Services.SuiteAssemblyService.AssemblyExists(Solution solution) at Volo.Abp.Suite.Areas.AbpSuite.CrudPageGenerator.Services.SolutionService.IsSolutionBuiltAsync(Guid solutionId) at Volo.Abp.Suite.Controllers.AbpSuiteController.IsSolutionBuiltAsync(Guid solutionId) at lambda_method2005(Closure, Object) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.
I wanted to change the path of my solution and moved it to another directory. I then removed the solution in the ABP Suite and added it again. When opening the entities or templates, the error message appears:
The error seems to occur in the IsSolutionBuiltAsync method. The same error occurs when calling it directly:
http://localhost:3000/api/abpSuite/solutions/7384c0a3-fafd-490e-ab37-0f5fea69a2f1/is-built
{"error":{"code":null,"message":"Cannot find the directory ","details":null,"data":{},"validationErrors":null}}
What I have already done / checked:
Since the code is not public, I unfortunately cannot find out what it wants to access... Good to know: It finds and displays the entity definition files.
I hope you can help me soon.
We have to apply certain CSPs (Content Security Headers) for our customer. I have problems with the following policy:
style-src 'self'
For example, the column widths are no longer set correctly in the DataGrid and, more importantly, the modal components are no longer displayed.
The policy looks like this:
options.UseContentSecurityPolicyHeader = true;
options.ContentSecurityPolicyValue = "base-uri 'self'; default-src 'none'; img-src 'self' data:; script-src 'self'; style-src 'self'; font-src 'self'; connect-src 'self'; frame-ancestors 'none'";
With style-src 'self' 'unsafe-inline'
it would work... but is not allowed.
Need a solution as soon as possible... Thank you!
Our customer gives us a certain authorization structure that is not quite standard. Different permissions should grant access to a service method (not just one permission as usual).
Example:
If I use the AuthorizeAttribute twice, the permissions are AND combined. However, I need them with an OR combination.
I tried it with my own AuthorizeAttribute, but failed. It also didn't work in combination with my own AuthorizationHandler, as I couldn't access the AuthorizationService there (-> circular dependency).
The only variant that worked was to implement this directly in the service method:
public virtual async Task<TargetSystemDto> CreateAsync(TargetSystemCreateDto input)
{
var authUserWrite = await AuthorizationService.AuthorizeAsync(_currentPrincipalAccessor.Principal, null, MyProjectPermissions.TargetSystems.UserWrite);
var authAgentWrite = await AuthorizationService.AuthorizeAsync(_currentPrincipalAccessor.Principal, null, MyProjectPermissions.TargetSystems.AgentWrite);
if (!authUserWrite.Succeeded && !authAgentWrite.Succeeded)
{
throw new AbpAuthorizationException();
}
var targetSystem = await _targetSystemManager.CreateAsync(...);
return ObjectMapper.Map<TargetSystem, TargetSystemDto>(targetSystem);
}
But I would prefer to have this in an attribute. So that I could call it up as follows, for example:
[AuthorizeWithOrCondition(MyProjectPermissions.TargetSystems.AgentWrite, MyProjectPermissions.TargetSystems.UserWrite)]
How could this be realized? There must be a way...
Thanks, Adrian
Our customer uses Microsoft Entra ID (Azure AD) as an external provider. A lifetime of 10 hours is configured in the conditional access policy. After 12 hours (or even longer), the page is reopened in the browser, but he does not have to authenticate again. One click on the Microsoft login button is enough and he is logged in. According to the setup in Entra, MFA would be required, but this query does not appear. He only had to do MFA the very first time he logged in.
We have been looking for the cause for a while now, but haven't found anything yet. What are we overlooking?
Second question on this topic: For logins with "local" ABP users (not via Microsoft Entra), we would like to configure that the user is automatically logged out after 15 minutes of inactivity.
I have set the following, but unfortunately this does not work:
PreConfigure<OpenIddictServerBuilder>(builder =>
{
builder.SetAccessTokenLifetime(TimeSpan.FromMinutes(15));
builder.SetIdentityTokenLifetime(TimeSpan.FromMinutes(15));
});
Thanks for help! Adrian
ABP Framework version: v8.0.4
UI Type: Blazor Server
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): no
Steps to reproduce the issue: Create a page generated with ABP Suite and start it in a low-performance environment (in our case in combination with Redis) and sort the entries, for example.
In relation to Redis and the associated poorer performance, we have noticed a bug in the page generated with the ABP Suite. If the page is re-rendered with await InvokeAsync(StateHasChanged);, this can cause the toolbar buttons to flicker. This can only be seen if the performance is not optimal, so it was probably not noticed during development.
Since this is not the case with the admin pages, I have compared the code with that of the user list. I could see the difference as follows:
abp/modules/identity/src/Volo.Abp.Identity.Blazor/Pages/Identity/UserManagement.razor:
If I change it so that the PageHeader is in the CardHeader, then the problem is solved and the toolbar is not re-rendered every time.
I realize that this is not ideal, as the PageHeader does not belong to the Search-Card, but maybe you can find a better way to solve the problem.
Other question: Loading Spinner: Can you also add the loading spinner to the DataGrid when you update this template? How can I add the same one that you are already using?
I have just updated two applications to version 8.0.3. Both use the LeptonX theme with the TopMenu layout. Unfortunately, the logo is no longer displayed after logging in (only the app name).
Please fix this or at least create a way to display the logo again.
I haven't found anything in the release notes about the reasons why this was removed... It's just a bit tedious when you get such surprises after every update and have to invest a lot of time in fixing it.
Regards, Adrian