Yes, the PermissionManager is created through dependency injection. So is the _session btw private readonly IAbpSession _session;
The background job is not a timed job but is handled like the notifications are (through AbpBackgoundJobs)
await _backgroundJobManager.EnqueueAsync<SyncWithMooJob, SyncWithMooJobArgs>(new SyncWithMooJobArgs(AbpSession.GetTenantId()));
And
public class SyncWithMooJob : BackgroundJob<SyncWithMooJobArgs>, ITransientDependency
{
private readonly IMooManager _mooSyncManager;
public SyncWithMooJob(IMooManager mooSyncManager)
{
_mooSyncManager = mooSyncManager;
}
public override void Execute(SyncWithMooJobArgs args)
{
AsyncHelper.RunSync(() => _mooSyncManager.AutomaticSyncWithMoo(args.TenantId));
}
}
}
If I strip the method down to just
public async Task AutomaticSyncWithMoo(int tenantId)
{
try
{
using (CurrentUnitOfWork.SetTenantId(tenantId))
{
using (_session.Use(tenantId, null))
{
var permission = _permissionManager.GetPermissionOrNull(AppPermissions.Pages_Administration_TeacherGroups);
}
}
}
catch (Exception ex)
{
Logger.Error(ex.Message + ex.StackTrace);
}
}
I still get a NULL result. Just for clarity, when I add _permissionManager.GetPermissionOrNull(AppPermissions.Pages_Administration_TeacherGroups);
to for instance an AppService there are no issues
Hai,
My project has a situation where I want to get a Permission from the PermissionManager inside a backgroundjob. The permission is defined as follows:
administration.CreateChildPermission(AppPermissions.Pages_Administration_TeacherGroups, L("GroupsForTeachers"), multiTenancySides: MultiTenancySides.Tenant);
inside the AppAuthorizationProvider. When the following code is run
using (CurrentUnitOfWork.SetTenantId(tenantId))
{
using (_session.Use(tenantId, null))
{
var permission = _permissionManager.GetPermissionOrNull(AppPermissions.Pages_Administration_TeacherGroups);
}
}
the permission is always NULL. What am I missing?
We are currently using ABP 4.12.0
We managed to reproduce the behaviour. Please see the GitHub issue.
Hi JakeE,
We would love to hear from you wether you managed to find a solution to the problem other than expiring the caches after 1 second. We are experiencing the same issues (https://support.aspnetzero.com/QA/Questions/9015)
We know about the possibility to clear the cache by hand, but have been unable to reproduce the corrupted cache after doing this.
It doesn't seem to happen everytime, which is why we assume there is a specific scenario somewhere that leads to the tenant filter not being applied in AbpFeatureValueStore.GetTenantFeatureCacheItem(Async)
We believe that when this scenario presents itself just as the cache has been expired, these two situations together lead to the cache being corrupted. Me and my team have been going through our code to find this scenario, but have not had any luck.
We would be very grateful if you could brainstorm with us on what could possibility lead to this.
We use the default FeatureChecker implementation to check if features are enabled for tenants. Next to this we use the RequiresFeature Attribute on almost all our AppServices. We don't know how this Attribute is implemented behind the scenes.
We don't know where this behavior comes from so it is hard to answer your second question. We only know the end result as we pointed out in the original post. We did suspect using DisableFilter for MayHaveTenant/MustHaveTenant or when using SetTenantId on the CurrentUnitOfWork but were unable to reproduce it using these scenarios.
We also have the assumption that the data gets corrupted only when the cache has expired and data is re-added through either GetTenantFeatureCacheItemAsync or GetTenantFeatureCacheItem.
In summary, we know the end result but not what leads to this.
We are running into caching issues with our application. The problem seems equal to the problem mentioned by another customer https://support.aspnetzero.com/QA/Questions/8897.
AbpZeroTenantFeatures returnzs the wrong entries for a given tenant (Mismatched from what is in the database). Clearning the cache updates a tenants features to the proper list again. Then it will be fine for a period of time and then start returning incorrect features for a tenant until we clear the cache again.
We were running ABP 4.8.1 and have already upgraded to 4.12.0 but this did not solve the problem. Also, we experience this problem with in memory caching and Redis caching.
When we check the cache contents of AbpTenantFeatures for tenant 1 this normally contains the following:
{
"EditionId": 1,
"FeatureValues": {
"App.NarrowcastingFeature": "true",
"App.NarrowcastingMaxScreenCount": "10"
}
}
This corresponds to the TenantFeatureSettings stored in the database for this tenant:
At the moment the cache is “corrupted” for tenant 1 it contains te following:
{
"EditionId": 1,
"FeatureValues": {
"App.AbsenceReporter": "false",
"App.Calendar": "false",
"App.MessagingFeature": "false",
"App.NarrowcastingFeature": "true",
"App.NarrowcastingMaxFeedCount": "2",
"App.NarrowcastingMaxScreenCount": "3",
"App.PrivacyFeature": "false",
}
}
We checked AbpFeatureValueStore.GetTenantFeatureCacheItemAsync
to see if something goes wrong there. The code that gets the features from the database looks ok:
using (var uow = _unitOfWorkManager.Begin())
{
using (_unitOfWorkManager.Current.SetTenantId(tenantId))
{
var featureSettings = await _tenantFeatureRepository.GetAllListAsync();
foreach (var featureSetting in featureSettings)
{
newCacheItem.FeatureValues[featureSetting.Name] = featureSetting.Value;
}
await uow.CompleteAsync();
}
}
However, it seems that the tenant filter is not applied at the moment the problem occurs. We think this is the case because when all TenantFeatureSettings are returned from the database, the last value returned from the table for that setting will be set in the FeatureValues dictionary.
A small LinqPad script that does the same:
// Get tenant features for all tenants
var features = AbpFeatures.Where(f => f.Discriminator == "TenantFeatureSetting").OrderBy(f => f.Id).ToList();
// populate dictionary
var d = new Dictionary<string,string>();
foreach (var feature in features)
{
d[feature.Name] = feature.Value;
}
// show results
d.Dump();
Result: The result is exactly the same as the items found in the "corrupted" cache.
Now the big question is: why would the tenant filter not be applied? Is there any circumstance that _unitOfWorkManager.Current.SetTenantId(tenantId) does not work? E.g. when we disable the tenant filter? Or when we set the tenant Id ourselves earlier?
Hello,
We are currently working on a project that uses IdentityServer and ASP.NET Zero. This is the first time I am using these techniques and I am not sure whether I understand these concepts correctly.
Our goal is to provide an authentication/authorization platform for clients in which users can use their authentication cookie of an external identity provider to check whether they have a valid license. These licenses are managed in our portal. The workflow would look like something like this:
I have started experimenting with the startup template of ASP.NET Zero but my lack of experience with these concepts makes it difficult to determine whether I am on the right track. I am able to use a MVC client to contact the IdentityServer of the ABP project and am successfully getting authenticated using the external Idp (using the SAML2 package of Sustainsys) but am unable to authenticate in Abp. Also, I am not sure how this authentication is related to the External Login Providers that Abp already provides (the social logins for Google, Facebook etc.). Should I somehow add a new provider? I have tried to build an ExternalAuthenticateModel and use the ExternalAuthenticate method in the TokenAuthController to authenticate but am not sure if this is the way to go.
I hope that there is someone here who has a little more experience with this and can tell me if I'm on the right track.
Kind regards, Nick