Open Closed

I cant get permissions on API to work #84


0
bvz created

I have implemented the IPermissionChecker interface:

public class PermissionChecker : IPermissionChecker
    {
        public async Task<bool> IsGrantedAsync(string permissionName)
        {
            return true;
        }

        public async Task<bool> IsGrantedAsync(long userId, string permissionName)
        {
            return true;
        }
    }

I am always returning true for now, I just want to check if I am wiring everything up correctly.

I then register the type like so:

IocManager.Instance.IocContainer.Register(
                Component.For<IPermissionChecker>().ImplementedBy<PermissionChecker>().LifestyleTransient());

When I make a call from angular on the API to a REST action that has this attribute:

[AbpAuthorize("Admin")]

The frontend angular generates an error message stating that "No user is logged in."

But a user IS logged in.

Also, neither of the IsGrantedAsync methods on the IPermissionChecker implementation are hit ever, so the system is not even attempting to find out if the current user has the required permissions. The constructor for PermissionChecker is being called though.

Questions:

  1. Why am I getting an error stating that no user is logged in, when there is a user logged in?
  2. When an API call tries to access an AbpAuthorize marked REST action, the user should be taken to the log in pate. How is the log in url specified for the single page angular side?

1 Answer(s)
  • 0
    hikalkan created

    Hi,

    AbpAuthorize checks IAbpSession.UserId first. If it's not, it throws exception since no user logged in. Second question is also related to this, if I understood.