Base solution for your next web application
BLACK FRIDAY
From Nov 21
To Dec 1
XXDAYS : XXHRS : XXMIN : XXSEC
SAVE UP TO$3K
Also valid for the
existing customers!
Open Closed

Use roles to group permissions in DB #498


0
klainer created

Hello, I´m traing to do role permission managment. So I created custom permissions:

var administration = context.CreatePermission("Administration", new LocalizableString("Administration", "MND"));

            var pageManagement = administration.CreateChildPermission("Administration.PageManagement", new LocalizableString("PageManagement", "TT"));
            pageManagement.CreateChildPermission("Administration.PageManagement.DeletePage", new LocalizableString("Delteting", "TT"));
            pageManagement.CreateChildPermission("Administration.PageManagement.CreatePage", new LocalizableString("Creating", "TT"));
            pageManagement.CreateChildPermission("Administration.PageManagement.EditPage", new LocalizableString("Editing", "MND"));

            var roleManagement = administration.CreateChildPermission("Administration.RoleManagement", new LocalizableString("RoleManagement", "TT"));
            roleManagement.CreateChildPermission("Administration.RoleManagement.DeleteRole", new LocalizableString("Delteting", "TT"));
            roleManagement.CreateChildPermission("Administration.RoleManagement.CreateRole", new LocalizableString("Creating", "TT"));
            roleManagement.CreateChildPermission("Administration.RoleManagement.EditRole", new LocalizableString("Editing", "TT"));

I want to store information about granted permissions for ROLE in DB like you have it in ABP.Zero.

For that I used RoleAppService:

public async Task UpdateRolePermissions(UpdateRolePermissionsInput input)
        {
            var role = await _roleManager.GetRoleByIdAsync(input.RoleId);
            var grantedPermissions = _permissionManager
                .GetAllPermissions()
                .Where(p => input.GrantedPermissionNames.Contains(p.Name))
                .ToList();

            await _roleManager.SetGrantedPermissionsAsync(role, grantedPermissions);
        }

Input data: RoleId: X GrantedPermissionNames: Administration, Administration.RoleManagement, Administration.RoleManagement.DeleteRole

When i change permissions by UpdateRolePermissions , where are chnages strored ? If they are not stored what is purpose od this method ?

But when i call this method nothing is happen. In db (AbpPermissions) are not any changes. What I´m doing wrong ? Thnks !

Update: I notice, tahat after calling these method:
SetGrantedPermissionsAsync(role, grantedPermissions); GrantPermissionAsync(role, VARIABLE); ProhibitAllPermissionsAsync(role);

I also try this, but permission do not savr to db:/

public async Task UpdateRolePermissions(UpdateRolePermissionsInput input)
        {
            var role = await _roleManager.GetRoleByIdAsync(input.RoleId);
            var grantedPermissions = _permissionManager
                .GetAllPermissions()
                .Where(p => input.GrantedPermissionNames.Contains(p.Name))
                .ToList();



            if (role != null)
            {
                if (grantedPermissions.Count > 0)
                {

                    foreach (var item in grantedPermissions)
                    {
                         _roleStore.AddPermissionAsync(role, new PermissionGrantInfo(item.Name, false));
                         //_roleManager.GrantPermissionAsync(role, item);
                    }

               
                }
                else
                {
                     await _roleManager.ProhibitAllPermissionsAsync(role);
                }
            }

        }

DB table [AbpPermissions] completly freeze.. After call these methods in the sql managment studio cannot select items. ABP LOCK this table ? Some Bug ?


9 Answer(s)
  • 0
    klainer created

    SOLVED by await before every async CALL :D :) I got DEDLOCK,more info: <a class="postlink" href="http://blog.stephencleary.com/2012/07/dont-block-on-async-code.html">http://blog.stephencleary.com/2012/07/d ... -code.html</a>

  • 0
    papinaser created

    <cite>klainer: </cite> SOLVED by await before every async CALL :D :) I got DEDLOCK,more info: <a class="postlink" href="http://blog.stephencleary.com/2012/07/dont-block-on-async-code.html">http://blog.stephencleary.com/2012/07/d ... -code.html</a>

    Hi. I cann't understand permission and role in abp Module Zero . I have your problem too. Can you get me information about how permission and roles works based on abp Module Zero? Thanks you

  • 0
    hikalkan created
    Support Team

    Have you read all documents:

    • Authorization: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Authorization">http://www.aspnetboilerplate.com/Pages/ ... horization</a>
    • Role management: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Zero/Role-Management">http://www.aspnetboilerplate.com/Pages/ ... Management</a>

    I think I can not explain it in more detail. If you have specific question, you can ask.

  • 0
    papinaser created

    <cite>hikalkan: </cite> Have you read all documents:

    • Authorization: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Authorization">http://www.aspnetboilerplate.com/Pages/ ... horization</a>
    • Role management: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Zero/Role-Management">http://www.aspnetboilerplate.com/Pages/ ... Management</a>

    I think I can not explain it in more detail. If you have specific question, you can ask.

    Yes, I read these documents and I use module zero template for my project. But when I add a Role and set this for my user manually in db (AbpRoles,AbpUserRoles tables)
    Then I set for that role ,one of my project permissions manually in db (AbpPermissions table) In my controller method I use PermissionChecker.Authorize("TestPer") for check user permission. I have Required permissions are not granted. At least one of these permissions must be granted: TestPer ERROR. I clear browser cache but same error again. I trace my code and abp code and abp.zero code, finally I found that in method GetPermissionsAsync(int roleId) of abpRoleStore class (AbpZero Project) , this code : _rolePermissionSettingRepository.GetAllListAsync return 0 count always. can you help me about this problem. thanks you.

  • 0
    hikalkan created
    Support Team

    Can you share your database entries (you can add screenshots of tables for example). Also, ABP caches permissions, you may need to recycle your app (in debug, you can stop debugging and rebuild your solution to reset your app).

  • 0
    papinaser created

    Hi. I clean and rebuild my web project but same problem again. these attached files are the images of tables. I don't know how share cache permissions ... thank you.

  • 0
    hikalkan created
    Support Team

    Discriminator field must be RolePermissionSetting in AbpPermissions table. TestPer is an invalid value.

  • 0
    papinaser created

    THANKS a lot solved by change Discriminator value to RolePermissionSetting.

  • 0
    djrot created

    In an application with Dynamic permissions Should be usefull to have a button to copy a group " with all related permissions on tables" This is nice when have many tables.