Activities of "liangshiwei"

I will check it

Angular side should be the URL configuration of the backend, not azuread

The admin user is automatically created when the new tenant is created. With the customer's e-mail address and password.

You don't need to extend TenantAppService, you can use data seeder.: https://abp.io/docs/latest/framework/infrastructure/data-seeding

This is easy to reproduce: Revoke a user's rights to the sessions. But he still has the rights for user management. Then click in actions menu to the item "Sessions". Popup opens, but the data cannot be loaded due to missing authorizations. Because the error is not caught, the popup cannot be closed and the page must be reloaded.

i could not reproduce the problem

Hi,

This is a normal response, 401 is a standard unauthorized return HTTP code, and you can handle it in UI.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/401

Hi,

can you share the full error logs?

I will check it.

I would also like to know what you would suggest as best practice for such a scenario as I have described?

As I said before, you can hide the admin account.

What do you mean by “tenant simulation”? I assume you mean the “Login with this tenant” button. But this only works if an admin user is assigned to the tenant. However, I mean the option of being able to log in to the tenants with the host admin and having admin rights

actually, this is impossible. Because tenants and host data are independent

I could not reproduce the problem.

my steps:

• abp new Qa7900
• Run dbmigrator
• Add a page named index under the /Pages/Inventory/Items
• Add index.js file

Because the user has rights to the user management, he can delete or change our admin user. Of course, it would be best if he could not even see this user. Otherwise, however, the admin user would have to be protected against deletion/modification. What is the best way to protect or hide it?

you can override the IdentityUserAppService to hide admin from return. and override the update/delete method.

Would there be a way that the host admin user could log in to all tenants and have admin rights? Or does that make no sense / is impossible? Then you could remove the admin user from the tenant.

You can use the tenant simulation feature

I would also like the customer not to see the Identity management menu item, but directly an item named User management. How should I do this?

you can add a new MainMenuContributor to change the menu name.

for example:

if(currentUser.name != "admin")
{
    var administrationMenu = context.Menu.GetAdministration();
    administrationMenu.TryRemoveMenuItem("AbpIdentity");
    administrationMenu.AddItem(new ApplicationMenuItem(IdentityProMenus.Users, new FixedLocalizableString("User management"), url: "~/identity/users").RequirePermissions(IdentityPermissions.Users.Default));
}
 

Hi,

I think this is related to RabbitMQ server, you can check this https://stackoverflow.com/questions/64096600/rabbitmq-connection-refused-127-0-0-15672