Hi there, i would like to seed permissions into my database. Since there is no IPermissionDefinitionContext available when working with InitialDataBuilder, I do not know how to do that. Do I have to create my own AuthorizationProvider for that? Any advice would be awesome.
4 Answer(s)
-
0
Use PermissionFinder static class. Example:
//Grant all permissions var permissions = PermissionFinder .GetAllPermissions(new AppAuthorizationProvider()) .Where(p => p.MultiTenancySides.HasFlag(MultiTenancySides.Tenant)) .ToList(); foreach (var permission in permissions) { if (!permission.IsGrantedByDefault) { _context.Permissions.Add( new RolePermissionSetting { Name = permission.Name, IsGranted = true, RoleId = adminRoleForDefaultTenant.Id }); } } -
0
Thank you, that worked (though I am not able to use IPermissionDefinitionContext).
I have set up Permission "Administration" like so: _context.Permissions.Add(new RolePermissionSetting { Name = "Administration", IsGranted = true, RoleId = 2 });
But when adding the Permission to NavigationProvider, like this: context.Manager.MainMenu .AddItem( new MenuItemDefinition( "Administration", new LocalizableString("Administration", "[MyAppName]"), // I use the Const here icon: "fa fa-cogs", requiresAuthentication: true, requiredPermissionName: "Administration" ));
I see an error in Developer Tools: <a class="postlink" href="http://localhost:6334/AbpScripts/GetScripts">http://localhost:6334/AbpScripts/GetScripts</a> Failed to load resource: the server responded with a status of 500 (Internal Server Error)
Logs say this: ERROR 2015-10-13 10:20:08,845 [9 ] .Mvc.Controllers.AbpHandleErrorAttribute - Abp.AbpException: There is no permission with name: Administration
DB looks like this: 3 Administration True 13.10.2015 10:18:07 NULL 3 NULL RolePermissionSetting 4 Administration True 13.10.2015 10:18:07 NULL 4 NULL RolePermissionSetting
Something is still missing here, any advice?
-
0
So it seems I did misunderstand Permissions persistence.
I thought the permissions created through AuthorizationProvider.SetPermissions would be persisted inside AbpPermissions. But it seems they have to be created inside my AuthorizationProvider. For me that's a little strange. Why don't you persist the Names and Localisations to the Database (i.e. AbpPermissionNames)?
Also the error handling for the navigation menu (NavigationProvider) feels awkward. GetScripts fails completely when the Permission cannot be found. Would you mind, if I change this in Github? Or open an Issue on this?
-
0
You can create issue on Github to discuss menu thing. Why don't we persist permission names into database? Because it's not true. A "permission definition" is a programmatic stuff and should be in the code, it's not data. If you didn't get the idea, I can explain a bit more.
