Base solution for your next web application
Open Closed

Required permissions are not granted. At least one of .... #1604


User avatar
0
sampath created

Hi, I have followed this (<a class="postlink" href="https://www.aspnetzero.com/Documents/Development-Guide#token-based-authentication">https://www.aspnetzero.com/Documents/De ... entication</a>) article to set token based authentication.I have successfully done that.After that I have used same token to access below method.

[AbpAuthorize(AppPermissions.Pages_Tenant_PropertyManagement_AddNewProperty)]
        public async Task<ListResultOutput<StatusListDto>> GetAllStatusesAsync()
        {
           //code
        }

But it gives below error.Can you tell me why and how to sort out this issue ?

{
  "success": false,
  "result": null,
  "error": {
    "code": 0,
    "message": "Required permissions are not granted. At least one of these permissions must be granted: Pages.Tenant.PropertyManagement.AddNewProperty",
    "details": null,
    "validationErrors": null
  },
  "unAuthorizedRequest": true
}

Another Q : Can you tell me how to hide service layer methods from the Swagger dash board ?


7 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    Q1: Is the user you authenticated has needed permissions? Q2: I don't know that. You should check swagger documentation to know that if it has some filtering mechanism (probably it has).

  • User Avatar
    0
    sampath created

    Hi,

    Yes,Can you tell me how to do that ?

  • User Avatar
    0
    hikalkan created
    Support Team

    For the Q1, check users page (<a class="postlink" href="https://www.aspnetzero.com/Documents/Development-Guide#user-management">https://www.aspnetzero.com/Documents/De ... management</a> permission tree) to see if the user you used for token based auth has related permission.

  • User Avatar
    0
    sampath created

    Thanks.That is the reason for that.

    Another Question : Is there any place to put [AbpAuthorize()] attribute to apply it to whole service layer methods ? At this moment I have to set it each and every service layer class.

  • User Avatar
    0
    sampath created

    Hi , Can we do this ? Hope you'll give a feedback.Thanks.

    Is there any place to put [AbpAuthorize()] attribute to apply it to whole service layer methods ? At this moment I have to set it each and every service layer class.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    We dont have such a feature right now. You can create a github issue for ABP and we can discuss on it.

  • User Avatar
    0
    sampath created

    Hi, Sure.I'll do that.Thanks.