When I posted the question, I could not make the error go away. (The error said something about the context being disposed, or something along those lines.)
Now, when trying to set up the same scenario so that I can post code examples... it just works. I cannot get reproduce the error.
Works perfectly, the UOW is used across all three layers. I don't know what I was doing wrong when I posted the original question.
Thank you for your time and effort anyway! I really appreciate all the effort you put into this great framework.
POST works fine for now.
But how does it know how to make it GET and when to make it POST?
Thank you for your reply.
So internally, whenever ABP wants to find out who is logged in (to show the correct menu items, or to send the id to the PermissionChecker etc), it will always use the UserID from the IAbpSession implemtation, which it will grab from the IoC?
I am not using Zero.
I have already added some roles with this:
public override void SetPermissions(IPermissionDefinitionContext context)
{
var admin = context.CreatePermission("Admin", new LocalizableString("Admin", MixTechConsts.LocalizationSourceName));
var superadmin = context.CreatePermission("SuperAdmin", new LocalizableString("SuperAdmin", MixTechConsts.LocalizationSourceName));
var user = context.CreatePermission("User", new LocalizableString("User", MixTechConsts.LocalizationSourceName));
}
My question is, when I call the API, and I hit something decorated with this:
[AbpAuthorize("Admin")]
How does ABP know how which users have which roles?
How does ABP know if the currently logged in user has the Admin role or not, so that it can decide if the user has access to the REST API call or not?