Base solution for your next web application
Open Closed

Policy based authorization #10990


User avatar
0
jtallon created

Prerequisites

  • What is your product version? 10.2.0

  • What is your product type (Angular or MVC)?Angular

  • What is product framework type (.net framework or .net core)? .net core

    Hi,

    Looking to add custom policy and requirement based authorization to asp net zero as per: https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-6.0#iauthorizationservice

It is working as intended but when i try to access a default repository to check for some values it seems like it hasn't been registered and I get an error:

I'm using constructor parameter injection in the requirement handler.

System.ArgumentNullException: Value cannot be null. (Parameter 'unitOfWork') at Abp.EntityFrameworkCore.Uow.UnitOfWorkExtensions.GetDbContext[TDbContext](IActiveUnitOfWork unitOfWork, Nullable1 multiTenancySide, String name) at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.GetContext() at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.<GetQueryableAsync>b__8_0(Type key) at System.Collections.Concurrent.ConcurrentDictionary2.GetOrAdd(TKey key, Func2 valueFactory) at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.GetQueryableAsync() at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.GetAllIncludingAsync(Expression1[] propertySelectors) at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.GetAllAsync() at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.FirstOrDefaultAsync(TPrimaryKey id) at TCM.Web.Startup.Authorization.TeamMemberAuthorizationHandler.HandleRequirementAsync(AuthorizationHandlerContext context, TeamMemberRequirement requirement) in C:\Users\EKeane\source\repos\TCM\aspnet-core\src\TCM.Web.Host\Startup\Authorization\TeamMemberAuthorizationHandler.cs:line 66 at Microsoft.AspNetCore.Authorization.AuthorizationHandler1.HandleAsync(AuthorizationHandlerContext context) at Microsoft.AspNetCore.Authorization.DefaultAuthorizationService.AuthorizeAsync(ClaimsPrincipal user, Object resource, IEnumerable1 requirements) at Microsoft.AspNetCore.Authorization.Policy.PolicyEvaluator.AuthorizeAsync(AuthorizationPolicy policy, AuthenticateResult authenticationResult, HttpContext context, Object resource) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Abp.AspNetZeroCore.Web.Authentication.JwtBearer.JwtTokenMiddleware.<>c__DisplayClass0_0.<<UseJwtTokenMiddleware>b__0>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

Any help appreciated


1 Answer(s)
  • User Avatar
    0
    jtallon created

    Ok, so I managed to get this working by injecting the UOW manager into the Authorization Handler:

    using (var uow = _unitOfWorkManager.Begin())
    {
    	var exampleEntity = await  _entityRepository.FirstOrDefaultAsync(entityId);
    
    	var teamId = exampleEntity?.TeamId;
    
       ........
    }