
Authorization problem in AbpUserConfiguration/GetAll #12304


mehmetdurmaz created

In the AbpUserConfiguration/GetAll service, permissions that I did not assign to the role come back as granted (true). When I check the DB, there are no records for the relevant permissions. ABP manages this service itself and I cannot intervene. What can I do here?


11 Answer(s)
    m.aliozkaya created
    Support Team

    Hi @mehmetdurmaz,

    Could you share the AppAuthorizationProvider?

    mehmetdurmaz created

    Of course, I will share it.

    I deleted the permissions belonging to ABP itself because of the character limit.

    /// <summary>
    /// Registers the application's permission tree beneath the "Pages" root permission.
    /// Every permission created here is restricted to <c>MultiTenancySides.Tenant</c>.
    /// </summary>
    /// <remarks>
    /// The ABP built-in permissions were omitted from this listing, so the value captured in
    /// <c>_isMultiTenancyEnabled</c> is not read by any member shown here.
    /// </remarks>
    public class AppAuthorizationProvider : AuthorizationProvider
    {
        // Set by both constructors; not consumed by the members visible in this listing.
        private readonly bool _isMultiTenancyEnabled;

        /// <summary>Creates the provider with an explicit multi-tenancy flag.</summary>
        /// <param name="isMultiTenancyEnabled">Whether multi-tenancy is enabled for the application.</param>
        public AppAuthorizationProvider(bool isMultiTenancyEnabled)
        {
            _isMultiTenancyEnabled = isMultiTenancyEnabled;
        }

        /// <summary>Creates the provider from the application's multi-tenancy configuration.</summary>
        /// <param name="multiTenancyConfig">Configuration whose <c>IsEnabled</c> flag is captured.</param>
        public AppAuthorizationProvider(IMultiTenancyConfig multiTenancyConfig)
        {
            _isMultiTenancyEnabled = multiTenancyConfig.IsEnabled;
        }

        /// <summary>
        /// Defines all application permissions: one page-level permission per feature plus its
        /// action-level children (create/edit/delete and similar), all tenant-side only.
        /// </summary>
        /// <param name="context">Permission definition context supplied by ABP.</param>
        public override void SetPermissions(IPermissionDefinitionContext context)
        {
            // Every permission in this provider is tenant-side; no host-side permission is defined here.
            const MultiTenancySides tenantOnly = MultiTenancySides.Tenant;

            // Reuse the root "Pages" permission when another provider has already created it.
            var pages = context.GetPermissionOrNull(AppPermissions.Pages);
            if (pages == null)
            {
                pages = context.CreatePermission(AppPermissions.Pages, L("Pages"));
            }

            var productPage = pages.CreateChildPermission(AppPermissions.Pages_Products, L("Products"), multiTenancySides: tenantOnly);
            productPage.CreateChildPermission(AppPermissions.Pages_Products_Create, L("CreateNewProduct"), multiTenancySides: tenantOnly);
            productPage.CreateChildPermission(AppPermissions.Pages_Products_Edit, L("EditProduct"), multiTenancySides: tenantOnly);
            productPage.CreateChildPermission(AppPermissions.Pages_Products_Delete, L("DeleteProduct"), multiTenancySides: tenantOnly);

            var addressPage = pages.CreateChildPermission(AppPermissions.Pages_Addresses, L("Addresses"), multiTenancySides: tenantOnly);
            addressPage.CreateChildPermission(AppPermissions.Pages_Addresses_Create, L("CreateNewAddress"), multiTenancySides: tenantOnly);
            addressPage.CreateChildPermission(AppPermissions.Pages_Addresses_Edit, L("EditAddress"), multiTenancySides: tenantOnly);
            addressPage.CreateChildPermission(AppPermissions.Pages_Addresses_Delete, L("DeleteAddress"), multiTenancySides: tenantOnly);

            var taxCodePage = pages.CreateChildPermission(AppPermissions.Pages_TaxCodes, L("TaxCodes"), multiTenancySides: tenantOnly);
            taxCodePage.CreateChildPermission(AppPermissions.Pages_TaxCodes_Create, L("CreateNewTaxCode"), multiTenancySides: tenantOnly);
            taxCodePage.CreateChildPermission(AppPermissions.Pages_TaxCodes_Edit, L("EditTaxCode"), multiTenancySides: tenantOnly);
            taxCodePage.CreateChildPermission(AppPermissions.Pages_TaxCodes_Delete, L("DeleteTaxCode"), multiTenancySides: tenantOnly);

            var purchasingGroupPage = pages.CreateChildPermission(AppPermissions.Pages_PurchasingGroups, L("PurchasingGroups"), multiTenancySides: tenantOnly);
            purchasingGroupPage.CreateChildPermission(AppPermissions.Pages_PurchasingGroups_Create, L("CreateNewPurchasingGroup"), multiTenancySides: tenantOnly);
            purchasingGroupPage.CreateChildPermission(AppPermissions.Pages_PurchasingGroups_Edit, L("EditPurchasingGroup"), multiTenancySides: tenantOnly);
            purchasingGroupPage.CreateChildPermission(AppPermissions.Pages_PurchasingGroups_Delete, L("DeletePurchasingGroup"), multiTenancySides: tenantOnly);

            var categoryPage = pages.CreateChildPermission(AppPermissions.Pages_Categories, L("Categories"), multiTenancySides: tenantOnly);
            categoryPage.CreateChildPermission(AppPermissions.Pages_Categories_Create, L("CreateNewCategory"), multiTenancySides: tenantOnly);
            categoryPage.CreateChildPermission(AppPermissions.Pages_Categories_Edit, L("EditCategory"), multiTenancySides: tenantOnly);
            categoryPage.CreateChildPermission(AppPermissions.Pages_Categories_Delete, L("DeleteCategory"), multiTenancySides: tenantOnly);

            var documentPage = pages.CreateChildPermission(AppPermissions.Pages_Documents, L("Documents"), multiTenancySides: tenantOnly);
            documentPage.CreateChildPermission(AppPermissions.Pages_Documents_Create, L("CreateNewDocument"), multiTenancySides: tenantOnly);
            documentPage.CreateChildPermission(AppPermissions.Pages_Documents_Edit, L("EditDocument"), multiTenancySides: tenantOnly);
            documentPage.CreateChildPermission(AppPermissions.Pages_Documents_Delete, L("DeleteDocument"), multiTenancySides: tenantOnly);

            var budgetPage = pages.CreateChildPermission(AppPermissions.Pages_Budgets, L("Budgets"), multiTenancySides: tenantOnly);
            budgetPage.CreateChildPermission(AppPermissions.Pages_Budgets_Create, L("CreateNewBudget"), multiTenancySides: tenantOnly);
            budgetPage.CreateChildPermission(AppPermissions.Pages_Budgets_Edit, L("EditBudget"), multiTenancySides: tenantOnly);
            budgetPage.CreateChildPermission(AppPermissions.Pages_Budgets_Delete, L("DeleteBudget"), multiTenancySides: tenantOnly);

            var projectPage = pages.CreateChildPermission(AppPermissions.Pages_Projects, L("Projects"), multiTenancySides: tenantOnly);
            projectPage.CreateChildPermission(AppPermissions.Pages_Projects_Create, L("CreateNewProject"), multiTenancySides: tenantOnly);
            projectPage.CreateChildPermission(AppPermissions.Pages_Projects_Edit, L("EditProject"), multiTenancySides: tenantOnly);
            projectPage.CreateChildPermission(AppPermissions.Pages_Projects_Delete, L("DeleteProject"), multiTenancySides: tenantOnly);

            var paymentTypePage = pages.CreateChildPermission(AppPermissions.Pages_PaymentTypes, L("PaymentTypes"), multiTenancySides: tenantOnly);
            paymentTypePage.CreateChildPermission(AppPermissions.Pages_PaymentTypes_Create, L("CreateNewPaymentType"), multiTenancySides: tenantOnly);
            paymentTypePage.CreateChildPermission(AppPermissions.Pages_PaymentTypes_Edit, L("EditPaymentType"), multiTenancySides: tenantOnly);
            paymentTypePage.CreateChildPermission(AppPermissions.Pages_PaymentTypes_Delete, L("DeletePaymentType"), multiTenancySides: tenantOnly);

            var costCenterPage = pages.CreateChildPermission(AppPermissions.Pages_CostCenters, L("CostCenters"), multiTenancySides: tenantOnly);
            costCenterPage.CreateChildPermission(AppPermissions.Pages_CostCenters_Create, L("CreateNewCostCenter"), multiTenancySides: tenantOnly);
            costCenterPage.CreateChildPermission(AppPermissions.Pages_CostCenters_Edit, L("EditCostCenter"), multiTenancySides: tenantOnly);
            costCenterPage.CreateChildPermission(AppPermissions.Pages_CostCenters_Delete, L("DeleteCostCenter"), multiTenancySides: tenantOnly);

            var gainLossTypePage = pages.CreateChildPermission(AppPermissions.Pages_GainLossTypes, L("GainLossTypes"), multiTenancySides: tenantOnly);
            gainLossTypePage.CreateChildPermission(AppPermissions.Pages_GainLossTypes_Create, L("CreateNewGainLossType"), multiTenancySides: tenantOnly);
            gainLossTypePage.CreateChildPermission(AppPermissions.Pages_GainLossTypes_Edit, L("EditGainLossType"), multiTenancySides: tenantOnly);
            gainLossTypePage.CreateChildPermission(AppPermissions.Pages_GainLossTypes_Delete, L("DeleteGainLossType"), multiTenancySides: tenantOnly);

            var warehousePage = pages.CreateChildPermission(AppPermissions.Pages_Warehouses, L("Warehouses"), multiTenancySides: tenantOnly);
            warehousePage.CreateChildPermission(AppPermissions.Pages_Warehouses_Create, L("CreateNewWarehouse"), multiTenancySides: tenantOnly);
            warehousePage.CreateChildPermission(AppPermissions.Pages_Warehouses_Edit, L("EditWarehouse"), multiTenancySides: tenantOnly);
            warehousePage.CreateChildPermission(AppPermissions.Pages_Warehouses_Delete, L("DeleteWarehouse"), multiTenancySides: tenantOnly);

            // Localization keys keep the original "Branchs" spelling; they must match the localization source.
            var branchPage = pages.CreateChildPermission(AppPermissions.Pages_Branchs, L("Branchs"), multiTenancySides: tenantOnly);
            branchPage.CreateChildPermission(AppPermissions.Pages_Branchs_Create, L("CreateNewBranch"), multiTenancySides: tenantOnly);
            branchPage.CreateChildPermission(AppPermissions.Pages_Branchs_Edit, L("EditBranch"), multiTenancySides: tenantOnly);
            branchPage.CreateChildPermission(AppPermissions.Pages_Branchs_Delete, L("DeleteBranch"), multiTenancySides: tenantOnly);

            var approvalGroupPage = pages.CreateChildPermission(AppPermissions.Pages_ApprovalGroup, L("ApprovalGroup"), multiTenancySides: tenantOnly);
            approvalGroupPage.CreateChildPermission(AppPermissions.Pages_ApprovalGroup_Create, L("CreateNewApprovalGroup"), multiTenancySides: tenantOnly);
            approvalGroupPage.CreateChildPermission(AppPermissions.Pages_ApprovalGroup_Edit, L("EditApprovalGroup"), multiTenancySides: tenantOnly);
            approvalGroupPage.CreateChildPermission(AppPermissions.Pages_ApprovalGroup_Delete, L("DeleteApprovalGroup"), multiTenancySides: tenantOnly);

            var approvalRulePage = pages.CreateChildPermission(AppPermissions.Pages_ApprovalRules, L("ApprovalRules"), multiTenancySides: tenantOnly);
            approvalRulePage.CreateChildPermission(AppPermissions.Pages_ApprovalRules_Create, L("CreateNewApprovalRules"), multiTenancySides: tenantOnly);
            approvalRulePage.CreateChildPermission(AppPermissions.Pages_ApprovalRules_Edit, L("EditApprovalRules"), multiTenancySides: tenantOnly);
            approvalRulePage.CreateChildPermission(AppPermissions.Pages_ApprovalRules_Delete, L("DeleteApprovalRules"), multiTenancySides: tenantOnly);

            var approvalLimitPage = pages.CreateChildPermission(AppPermissions.Pages_ApprovalLimit, L("ApprovalLimit"), multiTenancySides: tenantOnly);
            approvalLimitPage.CreateChildPermission(AppPermissions.Pages_ApprovalLimit_Create, L("CreateNewApprovalLimit"), multiTenancySides: tenantOnly);
            approvalLimitPage.CreateChildPermission(AppPermissions.Pages_ApprovalLimit_Edit, L("EditApprovalLimit"), multiTenancySides: tenantOnly);
            approvalLimitPage.CreateChildPermission(AppPermissions.Pages_ApprovalLimit_Delete, L("DeleteApprovalLimit"), multiTenancySides: tenantOnly);

            var cancelReasonPage = pages.CreateChildPermission(AppPermissions.Pages_CancelReason, L("CancelReason"), multiTenancySides: tenantOnly);
            cancelReasonPage.CreateChildPermission(AppPermissions.Pages_CancelReason_Create, L("CreateNewCancelReason"), multiTenancySides: tenantOnly);
            cancelReasonPage.CreateChildPermission(AppPermissions.Pages_CancelReason_Edit, L("EditCancelReason"), multiTenancySides: tenantOnly);
            cancelReasonPage.CreateChildPermission(AppPermissions.Pages_CancelReason_Delete, L("DeleteCancelReason"), multiTenancySides: tenantOnly);

            var viaPage = pages.CreateChildPermission(AppPermissions.Pages_Via, L("Via"), multiTenancySides: tenantOnly);
            viaPage.CreateChildPermission(AppPermissions.Pages_Via_Create, L("CreateNewVia"), multiTenancySides: tenantOnly);
            viaPage.CreateChildPermission(AppPermissions.Pages_Via_Edit, L("EditVia"), multiTenancySides: tenantOnly);
            viaPage.CreateChildPermission(AppPermissions.Pages_Via_Delete, L("DeleteVia"), multiTenancySides: tenantOnly);

            // Requests expose a single combined create/update action rather than separate CRUD children.
            var requestPage = pages.CreateChildPermission(AppPermissions.Pages_Requests, L("Requests"), multiTenancySides: tenantOnly);
            requestPage.CreateChildPermission(AppPermissions.Pages_Requests_Create, L("CreateOrUpdateRequests"), multiTenancySides: tenantOnly);

            var approvalPage = pages.CreateChildPermission(AppPermissions.Pages_Approval, L("Approvals"), multiTenancySides: tenantOnly);
            approvalPage.CreateChildPermission(AppPermissions.Pages_Approval_AddNote, L("AddNote"), multiTenancySides: tenantOnly);

            var offerPage = pages.CreateChildPermission(AppPermissions.Pages_Offers, L("Offers"), multiTenancySides: tenantOnly);
            offerPage.CreateChildPermission(AppPermissions.Pages_Offers_Create, L("CreateOffers"), multiTenancySides: tenantOnly);
            offerPage.CreateChildPermission(AppPermissions.Pages_Offers_Update, L("UpdateOffers"), multiTenancySides: tenantOnly);
            offerPage.CreateChildPermission(AppPermissions.Pages_Offers_Cancel, L("CancelOffers"), multiTenancySides: tenantOnly);
            offerPage.CreateChildPermission(AppPermissions.Pages_Offers_DetailUpdate, L("CreateOrUpdateOfferDetails"), multiTenancySides: tenantOnly);
            offerPage.CreateChildPermission(AppPermissions.Pages_Offers_DetailDelete, L("DeleteOfferDetails"), multiTenancySides: tenantOnly);

            var supplierPage = pages.CreateChildPermission(AppPermissions.Pages_Suppliers, L("Suppliers"), multiTenancySides: tenantOnly);
            supplierPage.CreateChildPermission(AppPermissions.Pages_Suppliers_Create, L("Create"), multiTenancySides: tenantOnly);
            supplierPage.CreateChildPermission(AppPermissions.Pages_Suppliers_Update, L("Update"), multiTenancySides: tenantOnly);
            supplierPage.CreateChildPermission(AppPermissions.Pages_Suppliers_Bank, L("Bank"), multiTenancySides: tenantOnly);
            supplierPage.CreateChildPermission(AppPermissions.Pages_Suppliers_Address, L("Address"), multiTenancySides: tenantOnly);

            // SUPPLIER PERMISSIONS (the supplier-facing pages).
            // NOTE(review): this node reuses the display name "Suppliers" already used by Pages_Suppliers above,
            // so in the permission tree UI the two are distinguishable only by their permission names.
            var supplierPortalPages = pages.CreateChildPermission(AppPermissions.SupplierPages, L("Suppliers"), multiTenancySides: tenantOnly);
            supplierPortalPages.CreateChildPermission(AppPermissions.SupplierPages_OfferList, L("OfferRequestList"), multiTenancySides: tenantOnly);
        }
    }
    
    m.aliozkaya created
    Support Team

    Hi @mehmetdurmaz,

    I couldn't fully understand the problem. If you have defined the Supplier permission in the AppAuthorizationProvider, the GetAll method retrieves all the permissions available in the application, and the permissions on the front are handled accordingly.

    What exactly is the error you are encountering?

    mehmetdurmaz created

    I did not grant the permission to the role. Even though it is not assigned to the role and is not present in the DB, the role still appears to have the permission.

    mehmetdurmaz created

    I guess I didn't explain my problem clearly. The AbpUserConfiguration/GetAll service returns permissions that do not belong to the user's role. When I check the permissions of the user's role in the AbpPermissions table in the DB, I see that the relevant permissions are not defined there. There seems to be some confusion here...

    m.aliozkaya created
    Support Team

    Hi @mehmetdurmaz,

    I tested it locally but I can't reproduce it.

    Do you think permissions that the user does not have come in granted permissions? So what happens when an unauthorized operation is attempted?

    mehmetdurmaz created

    Yes, the permissions that we did not grant are returned under grantedPermissions. I have not tested an unauthorized operation, but we control menu visibility according to the permissions received, so we cannot hide the menu items.

    m.aliozkaya created
    Support Team

    Hi @mehmetdurmaz,

    I tested but I can't reproduce it. Could you share your project or sample project?

    mehmetdurmaz created

    Since it would be difficult to reproduce a similar scenario in a sample, we would like to demonstrate it with our own project. How can I share the project with you?

    m.aliozkaya created
    Support Team

    Hi @mehmetdurmaz,

    You can share your project with [email protected]

    mehmetdurmaz created

    roleManagementConfig.StaticRoles.Add(new StaticRoleDefinition(StaticRoleNames.Tenants.Admin, MultiTenancySides.Tenant, grantAllPermissionsByDefault: true));

    After removing the grantAllPermissionsByDefault argument from the line above, using the form shown below, and re-assigning the role's permissions, it was fixed. It is now working as we wanted. This also explains the earlier observation: with grantAllPermissionsByDefault set, ABP treats every permission as granted to that static role unless an explicit prohibition is stored, so the absence of grant rows in AbpPermissions did not mean the role lacked those permissions.

    Thank you.

    roleManagementConfig.StaticRoles.Add(new StaticRoleDefinition(StaticRoleNames.Tenants.Admin, MultiTenancySides.Tenant));