Login As Tenant -VS- Login As User
AspNetZero v8.4, Abp 5.5, Mvc/jQuery
Description of Issue An issue came up where a user had been granted permission to login as a tenant but was NOT granted permission to login as a user. The UI correctly presented the user with the opportunity to login as one of the tenant's users, but then failed immedaitely when they selected a target user account from the list.
Assessment It seems like tenant impersonation is useless without user impersonation. So, how is tenant impersonation really supposed to work? I can think of two ways.
Option #1 - treat tenant impersonation as a broader form of user impersonation. Whereever user impersonation rights are allowed, also allow tenant impersonation. The net effect is that granting tenant impersonation automatically grants user impersonation (regardless of the specific state of user impersonation permission).
Option #2 - treat tenant impersonation as a specific form of user impersonation. When exercising the tenant impersonation right in the absence of the user impersonation right, DO NOT display a list of user accounts, but immediately login as the admin user account of the specified tenant. However, if the user impersonation right is ALSO granted, then display the user list for selection of a specific account to impersonate.
Question What am I missing? Why does the system function the way it does today, where both permissions have to be enabled in order to effectively grant tenant impersonation?
1 Answer(s)
-
0
Hi @BigCDogCrew
Thank you for reporting this, I have created an issue, please follow https://github.com/aspnetzero/aspnet-zero-core/issues/4010
