HI Arron,
thank you for your reply, but unfortunately your suggestion does not work.
If I only change the roles a user belongs to, the form input data that is sent to the user service does not contain a password (the password is an empty string). Therefore, even though using the ObjectMapper.Map function will map the password field, it maps the empty string, and so the EntityFramework update fails.
I have fixed this by editting the UserAppService, method UpdateUserAsync. But I can't help thinking I am missing something and I didn't need to change such a fundamental part of the system. Here is my change - I welcome any comments.
[AbpAuthorize(AppPermissions.Pages_Administration_Users_Edit)]
protected virtual async Task UpdateUserAsync(CreateOrUpdateUserInput input)
{
Debug.Assert(input.User.Id != null, "input.User.Id should be set.");
var user = await UserManager.FindByIdAsync(input.User.Id.Value);
//////// THIS VARIABLE IS NEW
var originalPassword = user.Password;
//Update user properties
input.User.MapTo(user); //Passwords is not mapped (see mapping configuration)
if (input.SetRandomPassword)
{
input.User.Password = User.CreateRandomPassword();
}
//////// THE 'ELSE' KEYWORD IS NEW
else if (!input.User.Password.IsNullOrEmpty())
{
CheckErrors(await UserManager.ChangePasswordAsync(user, input.User.Password));
}
//////// THIS ELSE BLOCK IS NEW
else
{
user.Password = originalPassword;
}
CheckErrors(await UserManager.UpdateAsync(user));
//Update roles
CheckErrors(await UserManager.SetRoles(user, input.AssignedRoleNames));
if (input.SendActivationEmail)
{
user.SetNewEmailConfirmationCode();
await _userEmailer.SendEmailActivationLinkAsync(user, input.User.Password);
}
}
Perhaps a better way to phrase my question.
In order to change a users roles using ABP Zero, I have to change the password at the same time. I just want to be able to change the assigned roles without changing the password. Is this possible?
I can not save users in the admin back office (for example, I can not assign roles). When I try to save a user I get a pop up error message.
The modal does indeed call the UserAppService - CreateOrUpdateUser
This error is written to the log file:
ERROR 2017-10-03 16:50:06,694 [44 ] ud.EntityFramework.UtilityCloudDbContext - There are some validation errors while saving changes in EntityFramework: ERROR 2017-10-03 16:50:06,694 [44 ] ud.EntityFramework.UtilityCloudDbContext - - Password: The Password field is required.
Is this a bug that has since been fixed?
Hi Aaron, that was exactly the information I was looking for! Thank you.
Hi,
how exactly should the "Remember Me" checkbox on the login page work?
Currently I use a cookie so ticking or unticking the checkbox makes no difference. If the user does not explicitly logout, the next time they open their browser they are automatically logged in. This is not what I want.
Thanks
Issue created -- customErrors and httpErrors Conflict #533
To add more detail to this, this is a problem!
customErrors must be on for UserFriendlyException. This is fine.
httpErrors must be off for UserFriendlyException.
But then, if the user attempts to visit a URL they don't have permission for, IIS displays its default 403 error page because you can't have httpErrors configured in web.config.
No problem. I haven't really made any more progress :(
system.web/CustomErrors must be on for text in UserFriendlyExceptions to be displayed on the client.
Status code 401-Unauthorized should not have an explicit customError as this causes issues with redirection to the login page.
system.webServer/httpErrors can not be on or it also breaks UserFriendlyException. I haven't got to the bottom of why but assume it is in ABP framework code.
UPDATE: there is a problem with using httpErrors which is that it stops the error messages from UserFriendlyException being displayed. I am going to read up more on this but wanted to update this thread.