Required permissions are not granted. At least one of .... #1604

sampath created 7 years ago

Hi, I have followed this (<a class="postlink" href="https://www.aspnetzero.com/Documents/Development-Guide#token-based-authentication">https://www.aspnetzero.com/Documents/De ... entication</a>) article to set token based authentication.I have successfully done that.After that I have used same token to access below method.

[AbpAuthorize(AppPermissions.Pages_Tenant_PropertyManagement_AddNewProperty)]
        public async Task<ListResultOutput<StatusListDto>> GetAllStatusesAsync()
        {
           //code
        }

But it gives below error.Can you tell me why and how to sort out this issue ?

{
  "success": false,
  "result": null,
  "error": {
    "code": 0,
    "message": "Required permissions are not granted. At least one of these permissions must be granted: Pages.Tenant.PropertyManagement.AddNewProperty",
    "details": null,
    "validationErrors": null
  },
  "unAuthorizedRequest": true
}

Another Q : Can you tell me how to hide service layer methods from the Swagger dash board ?

7 Answer(s)

0

hikalkan created 7 years ago
Support Team

Q1: Is the user you authenticated has needed permissions? Q2: I don't know that. You should check swagger documentation to know that if it has some filtering mechanism (probably it has).
0

sampath created 7 years ago

Hi,

Yes,Can you tell me how to do that ?
0

hikalkan created 7 years ago
Support Team

For the Q1, check users page (<a class="postlink" href="https://www.aspnetzero.com/Documents/Development-Guide#user-management">https://www.aspnetzero.com/Documents/De ... management</a> permission tree) to see if the user you used for token based auth has related permission.
0

sampath created 7 years ago

Thanks.That is the reason for that.

Another Question : Is there any place to put [AbpAuthorize()] attribute to apply it to whole service layer methods ? At this moment I have to set it each and every service layer class.
0

sampath created 7 years ago

Hi , Can we do this ? Hope you'll give a feedback.Thanks.

Is there any place to put [AbpAuthorize()] attribute to apply it to whole service layer methods ? At this moment I have to set it each and every service layer class.
0

ismcagdas created 7 years ago
Support Team

Hi,

We dont have such a feature right now. You can create a github issue for ABP and we can discuss on it.
0

sampath created 7 years ago

Hi, Sure.I'll do that.Thanks.

Have an answer to this question? Log in and write your answer.