Starts in:
1 DAY
16 HRS
59 MIN
34 SEC
Starts in:
1 D
16 H
59 M
34 S

Activities of "alexander.nikonov"

Please check the log. The log will contain the time taken to read and write redis.

The situation is interesting. The log does not show a huge timing:

2024-08-16 04:25:13.454 -05:00 [INF] Request starting HTTP/1.1 GET https://localhost:44328/api/module-permission/roles/module/as-permissions?sorting=displayName%20asc&skipCount=0&maxResultCount=12000&isModuleRole=true&isGranted=true&id=d941cfc0-74b7-06b1-cb98-39fefb5fa915 - null null 2024-08-16 04:25:13.454 -05:00 [INF] CORS policy execution successful. 2024-08-16 04:25:14.725 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:U,pk:f6bfc02f-4400-1256-f3db-39fed7dc74b6,n:AbpIdentity.Roles 2024-08-16 04:25:14.728 -05:00 [DBG] Found in the cache: pn:U,pk:f6bfc02f-4400-1256-f3db-39fed7dc74b6,n:AbpIdentity.Roles 2024-08-16 04:25:14.733 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:14.735 -05:00 [DBG] Found in the cache: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:14.736 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:14.737 -05:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:14.738 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:CentralTools_App,n:AbpIdentity.Roles 2024-08-16 04:25:14.739 -05:00 [DBG] Found in the cache: pn:C,pk:CentralTools_App,n:AbpIdentity.Roles 2024-08-16 04:25:14.803 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:14.804 -05:00 [DBG] Found in the cache: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:14.804 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:14.806 -05:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:17.423 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:17.424 -05:00 [INF] Executing endpoint 'AbxEps.CentralTools.Controllers.ModulePermissions.ModulePermissionController.GetModuleRolesAsPermissionsAsync (AbxEps.CentralTools.HttpApi)' 2024-08-16 04:25:17.434 -05:00 [INF] Route matched with {area = "app", controller = "ModulePermission", action = "GetModuleRolesAsPermissions", page = ""}. Executing controller action with signature System.Threading.Tasks.Task1[Volo.Abp.Application.Dtos.PagedResultDto1[Volo.Abp.PermissionManagement.PermissionGrantInfoDto]] GetModuleRolesAsPermissionsAsync(AbxEps.CT.ModulePermission.Roles.GetRolePermissionsInput) on controller AbxEps.CentralTools.Controllers.ModulePermissions.ModulePermissionController (AbxEps.CentralTools.HttpApi). 2024-08-16 04:25:17.601 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:U,pk:f6bfc02f-4400-1256-f3db-39fed7dc74b6,n:AbpIdentity.Roles 2024-08-16 04:25:17.603 -05:00 [DBG] Found in the cache: pn:U,pk:f6bfc02f-4400-1256-f3db-39fed7dc74b6,n:AbpIdentity.Roles 2024-08-16 04:25:17.603 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:17.604 -05:00 [DBG] Found in the cache: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:17.604 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:17.605 -05:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:17.605 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:CentralTools_App,n:AbpIdentity.Roles 2024-08-16 04:25:17.606 -05:00 [DBG] Found in the cache: pn:C,pk:CentralTools_App,n:AbpIdentity.Roles 2024-08-16 04:25:17.608 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:17.609 -05:00 [DBG] Found in the cache: pn:R,pk:Role 1,n:AbpIdentity.Roles 2024-08-16 04:25:17.609 -05:00 [DBG] PermissionStore.GetCacheItemAsync: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:17.610 -05:00 [DBG] Found in the cache: pn:R,pk:admin,n:AbpIdentity.Roles 2024-08-16 04:25:55.009 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.017 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.025 -05:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Application.Dtos.PagedResultDto`1[[Volo.Abp.PermissionManagement.PermissionGrantInfoDto, Volo.Abp.PermissionManagement.Application.Contracts, Version=8.1.3.0, Culture=neutral, PublicKeyToken=null]]'. 2024-08-16 04:25:55.036 -05:00 [INF] Executed action AbxEps.CentralTools.Controllers.ModulePermissions.ModulePermissionController.GetModuleRolesAsPermissionsAsync (AbxEps.CentralTools.HttpApi) in 37601.7587ms 2024-08-16 04:25:55.036 -05:00 [INF] Executed endpoint 'AbxEps.CentralTools.Controllers.ModulePermissions.ModulePermissionController.GetModuleRolesAsPermissionsAsync (AbxEps.CentralTools.HttpApi)' 2024-08-16 04:25:55.037 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.040 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.569 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.570 -05:00 [DBG] Added 0 entity changes to the current audit log 2024-08-16 04:25:55.571 -05:00 [INF] Request finished HTTP/1.1 GET https://localhost:44328/api/module-permission/roles/module/as-permissions?sorting=displayName%20asc&skipCount=0&maxResultCount=12000&isModuleRole=true&isGranted=true&id=d941cfc0-74b7-06b1-cb98-39fefb5fa915 - 200 24713 application/json; charset=utf-8 42117.6325ms

The DB is remote, everything the rest is localhost. But when there was no Redis - the timing was much better.

I did not transfer these lines to the project which now is responsible for Role Management:

    Configure<PermissionManagementOptions>(options =>
    {
        options.ManagementProviders.Add<ModulePermissionManagementProvider>();
        options.ProviderPolicies[ModulePermissionRoleValueProvider.ProviderName] = ModulePermissionConsts.RoleSubGroupName;
    });
    

After I added this, the permissions are properly reflected.

But I have noticed that now after moving to dynamic permissions and Redis, selecting the permissions (basically, invoking the method above) is very slow. Can it only be related to Redis? All Redis settings are default:

I have one more idea, please hold on.

hi

BTW, List<PermissionValueProviderInfo> Providers contains no elements which also looks weird to me, i think logically it always would have to contain at least 'MR' according to the DB and the corresponding screenshot above.

Can you debug the app to inject the IOptions<PermissionManagementOptions> to check its ManagementProviders property.

So I want to get the list, where input.IsGranted is true for let's say "Role 1". But now it returns me no such data (multipleGrantInfo.Result does not contain data where IsGranted is true). It used to return data properly before and as you were able to see from the screen above, there is data for "Role 1", the tenant is correct, the provider name, ModulePermissionRoleValueProvider.ProviderName, is correct ("MR"):

    public virtual async Task&lt;PagedResultDto&lt;PermissionGrantInfoDto&gt;> GetModuleRolesAsPermissionsAsync(GetRolePermissionsInput input)
    {
        var parentRole = await _identityRoleRepository.FindAsync(input.Id, false);
        if (parentRole == null)
        {
            throw new BusinessException(DomainErrorCodes.NotFound, _stringLocalizer.GetString("Roles:RoleNotFound"));
        }
        var permissionDefinitionGroups = await _permissionDefinitionManager.GetGroupsAsync();
    
        var permissionDefinitionModuleRoleGroup = permissionDefinitionGroups.FirstOrDefault(x => x.Name == ModulePermissionConsts.GroupName);
    
        if (permissionDefinitionModuleRoleGroup == null)
        {
            throw new ConfigurationErrorsException("Missing Module Role Permission Definition Group");
        }
    
        var groupDto = CreatePermissionGroupDto(permissionDefinitionModuleRoleGroup);
    
        var neededCheckPermissions = new List&lt;PermissionDefinition&gt;();
        foreach (var topLevelPermission in permissionDefinitionModuleRoleGroup.GetPermissionsWithChildren()
            .Where(x => x.Name != ModulePermissionConsts.RoleSubGroupName && x.IsEnabled && x.Providers.Contains(ModulePermissionRoleValueProvider.ProviderName)))
        {
            if (await _simpleStateCheckerManager.IsEnabledAsync(topLevelPermission))
            {
                neededCheckPermissions.Add(topLevelPermission);
            }
        }
    
        if (!neededCheckPermissions.Any())
        {
            return new PagedResultDto&lt;PermissionGrantInfoDto&gt;
            {
                TotalCount = 0,
                Items = new List&lt;PermissionGrantInfoDto&gt;()
            };
        }
    
        var grantInfoDtos = neededCheckPermissions.Select(CreatePermissionGrantInfoDto);
    
        var multipleGrantInfo = await _permissionManager.GetAsync
        (
            neededCheckPermissions.Select(x => x.Name).ToArray(), ModulePermissionRoleValueProvider.ProviderName, parentRole.Name
        );
    
        foreach (var grantInfo in multipleGrantInfo.Result.WhereIf(input.IsGranted.HasValue, x => x.IsGranted == input.IsGranted.Value))
        {
            var grantInfoDto = grantInfoDtos.First(x => x.Name == grantInfo.Name);
    
            grantInfoDto.IsGranted = grantInfo.IsGranted;
    
            foreach (var provider in grantInfo.Providers)
            {
                grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                {
                    ProviderName = provider.Name,
                    ProviderKey = provider.Key,
                });
            }
    
            groupDto.Permissions.Add(grantInfoDto);
        }
    
        return new PagedResultDto&lt;PermissionGrantInfoDto&gt;
        {
            TotalCount = groupDto.Permissions.Count,
            Items = groupDto.Permissions.ComplexOrderBy(input.Sorting).Skip(input.SkipCount).Take(input.MaxResultCount).ToList()
        };
    }
    

It looks to me that the method

    var multipleGrantInfo = await _permissionManager.GetAsync
    (
        neededCheckPermissions.Select(x => x.Name).ToArray(), ModulePermissionRoleValueProvider.ProviderName, parentRole.Name
    );
    

just ignores the value from DB now and so IsGranted is always false, because the input parameters here are all correct (neededCheckPermissions contains correct names, ProviderName is 'MR' and role name is 'Role 1'). BTW, List<PermissionValueProviderInfo> Providers contains no elements which also looks weird to me, i think logically it always would have to contain at least 'MR' according to the DB and the corresponding screenshot above.

Unfortunately, I cannot share our code. So I will try to cope with this myself and just share new details when I find our what's happening.

No, I did not change the data in DB. It is the same as it was before switching to Redis + dynamic permissions.

hi

If you got a new problem, You can create a new one.

Thanks.

Still, I eventually found the thing which does not work now. So we have had an additional mechanism of permissions, with a different provider name (MR). And it worked properly - in the given example, a usual role "Role 1" has permissions assigned, as you can see. However these permissions are all displayed as non-granted by standard methods after changing to dynamic permissions + Redis. Any clues why?

I did it and now everything seems to be in order. But now there is a long way to modify a custom mechanism of permissions we had in addition to the standard one and it was based on static permissions and built-in ABP cache.

I can close this ticket. But I do not guarantee I won't have further questions along the way. Should I close the ticket and then reopen if needed?

hi

Undefined feature: LeptonManagement.Enable

Can you test your code with a brand new database and redis?

Even if i tested it in a test solution using a clean DB (which is almost impossible), it would not help me to troubleshoot the error in our solution. I suggest to drilldown the error instead.

So I took a look a the DB and can see that the mentioned feature is present. Why is it reported as undefined?

Showing 41 to 50 of 289 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06