Activities of "bma"

hi ismcagdas

It was running in prod mode.

We figure out that we need to config to JsonResult specific for this ajax based multi-part form.

The probelm is solved - ty ;-)

Hi @ismcgdas

FYI;

// this is the service method
public async Task<int> UploadFile(FileDto fileDto)
{
    // if (some logic to check fro duplicates)
    throw new UserFriendlyException(409, "File already exists");
   
    // some logic to add record to db and save file on disc
   
    return 1;
}
   
   
public class FileDto
{
    public int FileGroupId { get; set; }
   
    // some other fields with primitive types
   
    [Required]
    public IFormFile File { get; set; }
}

Our problem seems to be on server side.. we are expecting following response from the API endpoint { "result": null, "targetUrl": null, "success": false, "error": { "code": 409, "message": "File already exists!", "details": null, "validationErrors": null }, "unAuthorizedRequest": false, "__abp": true } but we are getting raw exception response instead..

Ok - ty for the quick response ;-)

Will SetGrantedPermissionsAsync save the permission for this user in DB? Or only for session...

If SetGrantedPermissionsAsync stores in DB > then Permission will be carried on to the next Case and therefor not solve the problem....

But the role is not assigned in advance as it is case related. Eg. can I have the role "CanEdit" on 1 case (# 9873) and on another case (# 439988) I have the "Approver" role. Without at the same time having the role of CanEdit as I had on the other case. In other words; i need to find permissions from a Role runtime and add them on a user. How can I do that? Hope it makes sense.

Let me try to explain better ;-)

We have an entity; Case

For Case, we have a number of permissions. It could, for example. be: Can upload file to Case. Another could be; Can edit Case metadata. We intend to use the built-in Roles and Permissions from .Zero to deal with this.

What we need beyond this is that a given Role (R1) only gives Rights to a given Case (C1) and that R1 does not automatically give rights to C2. In other words; a User (U1) has only R1 to C1 if there is a relationship between U1 and C1

I think the solution is to inject the User - Case relation check, in the permission check - but not sure.