I'm struggling to get around how to manage permissions, permissions no longer used and permissions per role.
Thanks!
That sounds good! Thank you!
Hi,
Over the last 11 months, we've been using ABP, and we are happy about it. However, I have been ignoring some key security alerts emitted by GitHub Dependabot and I'd like to know if the ABP team is currently using something along the lines and, also, when there will be an update to the following vulnerabilities:
HIGH
MEDIUM
LOW
Please, let me know how I can ensure my apps are up-to-date and compliant with the latest security standards. Thanks!
Amazing! That works! Thanks.
I'm using background jobs to perform certain tasks. One of them is to create tenants based on our requirements.
The issue I'm dealing with is authorising my processes to use **IEditionAppService **and ITenantAppService, which require certain policies ("Saas.Editions" and "Saas.Tenants")
Given that my process is initiated in the background, obviously it is not authenticated when trying to call those endpoints resulting in Abp Auth Exception.
Question: What's the best way for me to bypass the need for authorisation on those services or for me to call them as if they could "allow anonymous"? Using context.Services.AddAlwaysAllowAuthorization();
is not an option unless we could do it just in the context of the background jobs.
If possible, provide me with examples on how I can elevate the privileges of my background processes to run as 'admin'.
Thanks!
I managed on my own.
Hi,
Where does ABP store Tenant Feature Settings & Edition Feature Settings?
I'm considering adding some defaults as part of the EF Migration.
Thanks
Hi,
I'm having a hard time trying to migrate to .NET 8 using the tutorials on the ABP from the website such as https://docs.abp.io/en/abp/8.0/Migration-Guides/Abp-8_0 and https://blog.abp.io/abp/announcing-abp-8-0-release-candidate
I noticed there are no v8.0.0 (not even in the release candidate versions) for the packages 'Volo.Abp.Account.Pro.*. Are they in the process of being migrated to .NET8? What to do with them in the meantime?
Thanks
Thanks for the link! I had seen that bit already.
Authenticating with Auth0 will be fine, I'm sure. Still, I'm looking for guidance on how to use a 3rd party but also continue to leverage ABP's authorisation bits like permissions, roles, current tenant identification and all that.
Could you please help me with that? What are the things that will break into ABPs authorisation system when I decide to not use the out-of-the-box auth server? What are the things to be replaced/re-written/extended?
Thanks @maliming!
Would you have any examples of how to replace AddOpenIdConnect
? If I manage to replace that with Auth0, do I still have to keep the ABP's Identity Server alive?