Hi,
I implemented Elsa and everything works fine but Elsa is accessible without connecting how to force you to be connected to access it
i added : ` services.AddMvc() .AddRazorPagesOptions(options => {
options.Conventions.AuthorizePage("/Workflows");
});
But doesn't work`, i would like to integrated Aspnet zero App permissions
).AddItem(new MenuItemDefinition( AppPageNames.Common.Elsa, L("Workflows"), url: "/Workflows", icon: "flaticon-map", permissionDependency: new SimplePermissionDependency(AppPermissions.Pages_Workflows)
thks
3 Answer(s)
-
0
Hi @Bernard
You can use
PermissionChecker.IsGrantedAsyncin the cshtml file and show/hide any content or you can redirect user to a different page. -
0
Hi,
Sorry i don't understand how i can achieve this ?
Thks for your help
-
0
Hi Bernard,
You can write a custom middleware like this one;
public class ElsaAuthenticationMiddleware { private readonly RequestDelegate _next; public ElsaAuthenticationMiddleware(RequestDelegate next) { _next = next; } public async Task InvokeAsync(HttpContext context) { var url = context.Request.Path.Value; var isElsaUrl = IsElsaUrl(url); if (isElsaUrl) { if (!await IocManager.Instance.Resolve<IPermissionChecker>() .IsGrantedAsync(AppPermissions.Pages_Workflows)) { throw new AbpAuthorizationException(); } } // Call the next delegate/middleware in the pipeline. await _next(context); } private static bool IsElsaUrl(string url) { if (string.IsNullOrEmpty(url)) { return false; } List<string> elsaUrls = [ "/Workflows", "/workflow-definitions", "workflow-instances", "workflow-registry" ]; return elsaUrls.Any(x => x.StartsWith("/Workflows", true, CultureInfo.InvariantCulture)); } }and use it in your Startup.cs;
app.UseAuthentication(); app.UseMiddleware<ElsaAuthenticationMiddleware>();I have updatet the Elsa sample with this change.
