I find it odd that when calling the AddSubscription API in the WebhookSubscriptionAppService, I can pass in the IsActive property and it is honored. But when I try to "toggle" the IsActive property with UpdateSubscription API, the IsActive is not honored. Feels like a bug to me but maybe I'm not understanding something??
The question centers around the Range attribute on the property MaxResultCount. I want to be able to "customize" this MaxResultCount property per edition/tenant. I plan to do this using a feature.
I used the keyword new to hide the base class property and cover it with the new property declared here. I used the ICustomValidate interface to implement my own custom feature lookup and validation logic. See below.
public class GetWrapupCallsInputBase : PagedAndSortedInputDto, IShouldNormalize, ICustomValidate
{
// used the keyword new to hide the base class property and cover it with the new property declared here.
new public int MaxResultCount { get; set; }
public void AddValidationErrors(CustomValidationContext context)
{
new ExportRowCountValidator(context, MaxResultCount, AppConsts.WrapupDetailsRowCountFeatureKey).Validate();
}
// ...
}
Here's the validate logic.
public void Validate()
{
var featureChecker = _context.IocResolver.Resolve<IFeatureChecker>();
int limit = 1000;
if (featureChecker.IsEnabled(AppConsts.EnableExportRowCountFeatureKey))
{
limit = featureChecker.GetValue(_field).To<int>();
}
if (_maxResultCount < 1 || _maxResultCount > limit)
{
var message = _context.Localize(O365ContactCenterConsts.LocalizationSourceName, "ExportRowCountError");
message = string.Format(message, _maxResultCount, 1, limit);
_context.Results.Add(new ValidationResult(message));
}
}
My problem is that the behavior is different when calling the API from Swagger/UI versus from unit tests. When I took this code, launched the program and tried it out in the UI, everything worked perfectly. I was able to log in as the Host Admin user and customize the Feature values for the WrapupDetailsRowCountFeatureKey. Then, when I tested requesting values from the API, I was able to exceed the AspNetZero default value of 1000 that is hard-coded into the base class's MaxResultCount Range attribute value, but my Validate code perfectly threw the error that I wanted it to when I exceeded my own custom maximum value.
On the other hand, when I tried this in unit tests, my tests failed. When I used the debugger to step through it, I realized that it was correctly running the Validate logic that my covering property was supposed to have, and it passed through the method with no errors, the requested row count value was within the range specified by the custom feature value. But as soon as control left my code, the AspNetZero attribute validation (which I'm unable to step through in the debugger, since it's not actually in my project) threw the error that I was trying to override -- "You may not have a maximum value outside the range 1 to 1000."
Our project is hosted in azure and is replicated across 3 nodes. There seems to be an issue with the Dashboard where we receive a "page not found" exception on a brand new dashboard(or after resetting to default) when clicking add new widget. The default dashboard definition creates a page with a unique id (guid), which seems to be cached locally but not in our redis cache, and so wont be the same id when the next api call is fetched and it hits a different node.
This video shows the issue: https://landiscomputer-my.sharepoint.com/:v:/g/personal/gavin_landistechnologies_com/EViEe61wZJlCvFYme4gIsdUBEknxr4_v-JVvViMdSOD4KQ?e=xg52jc
Also this shows every third request, works as expected, when the api hits the first node that generated the dashboard definition: https://landiscomputer-my.sharepoint.com/:v:/g/personal/gavin_landistechnologies_com/EVek59wkW5FHg5bQryj1vGIByoxZBx8qe5DQ5-ul63Zhpw?e=LwXmkL
What is the recommend solution to this?
There is a security vulnerability on the register and login page as reported in this issue:
https://github.com/aspnetzero/aspnet-zero-core/issues/4649
Is there a workaround for this?
I saw here: https://support.aspnetzero.com/QA/Questions/7845/UserAccount-table-purpose-Multitenancy that it looks like the UserAccounts table is used just for the linked accounts feature. I was wondering if we don't want that feature can we override the Abp.Authorization.Users.UserAccountSynchronizer and simply not save that data there? We are wanting to use a different database for a tenant and they don't want that data outside their database.
When impersonating a tenant, the site just redirects to the login page without any error. It works fine when debugging locally but not when deployed to Azure as a single solution.
It appears that when the FE redirects to https://sitename/?impersonationToken=<sometoken>&tenantId=<tenantid> that the backend just redirects the request to index.html and does not pass along the query parameters.
I've replicated this problem in a clean project download. You can test here: https://testanz105.azurewebsites.net/account/login
We have been able to successfully use the builtin support for OpenID to allow users to authenticate with our site using AAD. But the way ABP works, it just uses AAD for authentication but then ABP issues it's own token issued by the TokenAuthController.
We would like to uss AAD token for the whole stack. In other words, I want the app service api's to take AAD token for authentication. Do you have any guidance on how to implement this?
I noticed in the default project that abp.signalr.autoconnect is set to false in ngAfterViewInit() of app.component.ts.
I want to change this for my app to autoconnect, but just wanted to make sure that there isn't an important reason for setting it to false before making that change.
Are there any gotchas to doing this?
Where is the source code for ExternalAuthManager?
We are building an application on ANZ using multitenancy and we need to use Azure AD for authentication. Our project is Core/Angular. Is this possible? If so, is there any guidance available?