First of all keep the good work!
I'm new to asp mvc development but i'm doing my best to catch up.
I'm a bit confused how PermissionDefinitionContext is associated with AbpPermissions Entity and PermissionChecker. What I would like to have is, Users and Roles associated with AbpPermissions and using both AbpAuthorize attribute and PermissionChecker in my controllers to check for authorization of actions. In the module-zero sample, i cannot understand relation between AbpPermission table and Permissionchecker or AbpAuthorize attribute as it checks only for permissions registered within the PermissionDefinitionContext.
Is that possible and if yes, what do i missed?
Furthermore, what is the suggested way to create new users? and how do i handle plain passwords to be inserted correctly in db as encrypted.
Hi,
It is fairly easy with azure web app service. You have to create a web app service with a database linked. Then you download publish profile, insert into visual studio and publish. To perform the migrations to azure db you can change the connection string in web config temporarily, or target it during update-database command(Update-Database -ConnectionStringName "AzureConnectionString").
Dont forget to white list your ip in order to perform migrations.
Hi all,
Nice job guys.
I was wondering what is the best way to implement cache per tenancy?
For example i have an entity that implements IMustHaveTenant.
i have a property named "name" which is unique for each tenant. I would like my appService getByName method, to return this entity from cache. However, if two tenants have an entry with same "name", cache returns the object of the first accessed.
What is the best practice to implement this functionality?
That is what i was thinking of at the beginning. Just wondering if there was already something automated and missed it i.e like the way the fw is holding the tenancy permissions and settings.
Thanks for the confirmation Hikalkan
Hello,
I downloaded the latest template including module zero (EF with Multipage app). The first issue i faced is the one already posted at #1201
Then, after fixing the above
I was trying to implement external login with Google+ but i'm getting Abp.Authorization.Users.AbpLoginResultType.UnknownExternalLogin as login result.
Please note, that the first time a user clicks google, the user successfully registers. However, after registration is not getting logged in. The same result appears when a registered user is trying to get in using google+
I thought i missed something, however i downloaded the eventcloud sample project, wired up my google api credentials and tried and it was working as expected.
Then, i upgraded to 0.9.1.1 using nuget console, i applied the required changes for the project to build and run the upgraded EventCloud solution and voila, the same error appears Abp.Authorization.Users.AbpLoginResultType.UnknownExternalLogin as login result of an account already registered using google. As a result, the user instead of getting logged in in the app, it is redirected to register a new account with an error of a user with same email already registered.
I was having error too while testing db per tenant. What solved me the issue on my dev machine, was to enable TCP/IP connections to the sql express server: <a class="postlink" href="http://blog.citrix24.com/configure-sql-express-to-accept-remote-connections/">http://blog.citrix24.com/configure-sql- ... nnections/</a>
Your connection string looks ok
You may ignore the firewall part oft he tutorial if you you are working locally.
This is probably Identity question, but i would be grateful if you can help.
Basically I would like to know if a user is logged in using token (through API) or using cookies(default login form)
Thanks
This is what i do in my web module, you can do the same in your Application module:
public static class AutoMapperWebConfiguration { public static void Configure() { ConfigureAdministrationMapping();
}
private static void ConfigureAdministrationMapping()
{
var input = Mapper.CreateMap<ServerViewModel, ServerInput>();
var AppUserToUserMap = Mapper.CreateMap<UserListDto, AppUserViewModel>()
.ForMember(dest => dest.AppID,
opts => opts.MapFrom(src => src.UserName));
}
}
and in initialize method of the module, i call AutoMapperWebConfiguration.Configure();
It works for me, i don't know if there is a more elegant way of achieving it
Thanks hikalkan for your suggestion, However i cannot use cookie to determine this info. The reason is that im having two types of users. App users and normal users. Normal users have the UI to create App users. The only difference between them is an enum that defines a user as App user. App users have different set of permissions. No problem on that. Using cookie approach will work in production but will fail in swagger tests because the app user it is used with swagger bearer authentication should probably accessed the ui and generated the cookie on same domain as the swagger(might be wrong here)
The solution im using now is an app service that determines usertype enum by user id by using usermanager. However i was looking if there was some more elegant and faster already in claims, or maybe provide me some more info regarding your second proposed solution as i haven't got it.
Thanks again and keep great work.
Hi guys,
I'm trying to implement something with swagger. Basically i have enabled swagger for my new app. For the swagger, i have created a custom filter named HideInDocs which uses regex to hide some framework default methods from swagger ui page (ie app/user, app/tenant, app/session)
Now, i need to also hide authorized methods that current has no permissions to access it. this works fine if the methods are webapi methods. Using apiDescription.GetControllerAndActionAttributes<object>(); i can get required permissions for the method and then check if a permission is granted for current user and decide whether to include it in swagger ui page or not.
The problem arises when i'm trying to do the same for dynamicApi generated methods as var test = apiDescription.GetControllerAndActionAttributes<object>(); returns nothing. Seems that attributes are not reflected for dynamically generated methods.
Is there any way to achieve the same functionality on dynamicWebapi methods?
Below is my DocFilter:
public class HideInDocsFilter : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
foreach (var apiDescription in apiExplorer.ApiDescriptions)
{
var test = apiDescription.GetControllerAndActionAttributes<object>();
//remove from docs autogenerated services
Regex r = new Regex("AbpCache|AbpServiceProxies|app/session|app/tenant|app/user|ServiceProxies|TypeScript");
if (r.IsMatch(apiDescription.ID))
{
swaggerDoc.paths.Remove("/" + apiDescription.RelativePath.Split('?')[0]);
}
}
}
}