Activities of "SelfSwapAdmin"
The files were delivered 2 days ago. Could you please beging working on this support request? Thank you.
It will be zipped with the following password: @^'CzNrY@:y}7t+j
Please delete our files when done using them. Thank you.
Like I wrote above, it seems to be working find now after deleted any pre-existing cookies from browers I had tested on before. The new cookies are not presenting a problem. I will leave everything as-is for now. Thank you!
ASP.NET Zero 10.2 Angular 10/.NET Core 5
Earlier today upon testing it for the first time in my application, I discovered that 2FA is not working. The exception “Security code cannot be sent!” is being thrown by TokenAuthController due to the CacheItem being null after the call to the CacheManager. Upon researching this I discovered that the problem was originally reported earlier this year on a 10. 0 Angular/Core solution (https://support.aspnetzero.com/QA/Questions/9970/Two-factor-code-caching). The problem was acknowledged as a bug and supposedly fixed in #3754 which was closed on February 2, 2021 to be included in 10. 5. It was recommended to the original submitter to apply the changes of #3754 to fix the problem on their 10 solution. I just carefully applied those changes myself to my 10. 2 solution, but it has not corrected the problem so far of the null CacheItem.
I see there was some backtracking of earlier changes in the final commit. It appeared to me that the final change set in #3754 was incomplete or invalid as there was an import added into the send-two-factor-code.component.ts for the validate-two-factor-code.component.ts, but is unreferenced and unused there. It was used and an earlier change set that was backtracked. I don't if I have something wrong or not, but I think the solution that was posted in GitHub is incomplete or confusing at least. I really need to get this working ASAP without spending a lot more additional time on it. I have attached Git diff screenshots of all my changes. What is wrong or missing? Is there anything else I need to do or specific ways to test this while running in my development environment? My app logs in fine with 2FA disabled and these changes below in effect. Thank you.
Hey)) I just hit this problem today myself on 10.2 Angular\Core. I also applied the changes from #3754 but it did not fix the problem on my local so far. Did you find any problems with the changesets, which backtracked on earlier changes in the final commit and left an unused import for validate-two-factor-code.component.ts in send-two-factor-code.component.ts?
I'm still not sure you understand my explanation of our requirements. We will have customers who are single users and customers who are organizations with multiple employees needing access to the same tenancy. The application will store very sensitive financial information. We might have some customers in the future whose size or security requirements might require their data to be compartmentalized into a dedicated database. Therefore each logical "customer" will have it's own tenancy to enable this physical separation and to maximize data security otherwise.
The new account (customer) registration procedure will enable the creation of a new tenancy for either a single user account or an organization who will later add additional users through the administration tools that the site grants them access to. A user has to click a new account registration button in order to start that process. It would not happy via the login button. For tenants needing multiple users, the first user who registered and created a new tenancy is automatically granted a "Tenant Admin" role which gives them the rights to adminster their tenancy including subcription level and user maintenance.
In this way it works like most other sites, including Amazon as shown below, where the "Create your Amazon account" button establishes a new account. This account could be an individual account or a business account. Creation of a new account does not associate the account to some "Default" tenant which would store all the account's data with other user's data. The problem I am reporting is that the "Create account" process with our .NET/Angular 10.2 based solution is adding new users to the Default tenant when login by email address is enabled, and not creating a new tenant for it. Is that by design? What is the theory behind that?
HOWEVER, I was just reviewing the "What is Multi-Tenancy?" page you referred me to and struggling to understand what it is from there that you are advising me to do when I suddenly realized the problem I am reporting has to be caused by a cookie. Sure enough I invoked our site from an incognito window and got a different result, with the login page showing "New Tenant" instead of "Create Account". I clicked the "New Tenant" button and it prompted me to selected a subscription level. If I log out and log back inThis is exactly what we want and what I am expecting. Then I tested it on all major browsers incognito and not, including one other browser I have been testing with for a while. Curiously I discovered that the problem only occurs on browsers (Chrome and Edge) that I been using for a while to test our site.
I then deleted our site's cookies from Chrome and Edge and discovered that the problem no longer reoccurs on either of those browsers. It appears the problem I needed to fix only occured with old cookies, probably those created before I changed the configuration to login by email and bypass tenant selection. So right now it appears all is well and no code or further configuration changes are needed. Were you aware of this behavior? If not, I thought you might like to know about it. Thank you for your help.
Actually this sentence "For our site, each new user registering from the login page will create a new tenancy" is a requirements statement.
I have not modified any base code to satisfy this requirement. How to do this is modification is my inquiry.
After making the change to login only by email address, which eleminates the login page controls to show and switch Tenants, I tested creating a new user from the login page.
I discovered that all new users created the go to the Default tenant 1. We need the system to create a new tenant for each user creating a login.
Before just figuring out what to change on my own, I want to seek advice on how to properly do this. Also I thought that behavior was unusual and I want to better understand what the intended design is to make sure we are doing things properly.
To summarize, I am inquiring how to configure or modify the base code t create a new tenant for each self-registering user. Thank you.
ASP.NET Zero 10.2 Angular 10/.NET Core 5
I have multitenancy enabled.
For our site, each new user registering from the login page will create a new tenancy. This first user will be a power user that can add additional users for that tenancy which share the subscription and tenant data.
I followed this procedure to have users login by unique email address: https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Core-Angular-Sign-In-Without-Specifying-Tenant
I am disabling all places where the standard UI allows the display/switching of tenants. We don't want our users to see any of that.
I am just testing the standard "Create account" from the login page. Why does it automatically assign new users created there to the Default tenant? What is the most appropriate way to change the system so that it creates a new tenant for that user instead? Thank you.
Thank you. I really appreciate the clarification. I'm really short on time. I have a lot of experience with custom RBAC's but need to understand how Zero works and what it's limits are.
Does the subscribed edition therefore enable access to additional features via the "Discriminator" field then? And those associated permissions would need to be assign to an existing or new role granted to the subscribed user?
Would these essentially be additive to the pre-existing permissions? If we wanted to create several levels of subscriptions like Gold, Platinum and Diamond, right now would we have to duplicate the permissions of Gold into Platinum's Discriminator, and Platinum's permissions into Diamond's?
Is "RolePermissionSetting" a magic word that is not filtered by an Edition? Or am I missing something?
To me it looks like I need to build a mapping apparatus used to assign designated permission-sets to roles which our enrollment and subscription upgrade will automatically assign. Basically it will list the permissions for each possible role and create them, if they do not already exist. Upon downgrade it could be used to remove (clean up) the Permissions table, and be used to sync up version upgrades if we add new persmissions into an existing role. Does any of this make sense?
In the longer term I might repurpose that Discriminator column, if I understand it correctly, to reference a cross-reference table that maps out a non duplicated set of role-permission assignments. Again, make any sense to you?
Thank you!!
Could you please elaborate on what you mean by "AspNet Zero does not support user based subscription.". That sounds bad somehow and I would like to understand better what you are saying. Thank you.