Hi @imscagdas,
I have created a PR in AspNetBoilerplate which fixes the issue for me. Please review.
UserManager and PermissionManager appear to use different techniques to determine the active MultiTenancySide - by copying across the UserManager technique to PermissionManager, it appears to resolve the issue.
Thanks and regards,
https://github.com/aspnetboilerplate/aspnetboilerplate/pull/6116
Hi, I have tracked down the issue.
After restarting the application server, and clicking "return to my account", all caches are empty - and the RoleManager will repopulate the cache with the admin user role permissions (role 1). The Role Manager calls "PermissionManager.GetAllPermissions(true)", and you can see that AbpSession still contains all the information for the impersonated account - rather than the impersonator account.
This fails to return the permissions on the Host side, and hence, a much smaller permission set (50, instead of 70-something) - but you can clearly see that this permission set is assigned in the cache to cacheKey "1@0".
This is what "GetAllPermissions" should look like...
Because these corrupt permissions are then stored in the cache, this explains why the application must be reset, or permissions changed (to trigger repopulation of the cache).
I guess the real question is - why is AbpSession still returning "MultiTenancySide == Tenant" after returning back to the Host account?
hi,
yes, that looks like the same issue I'm having. I also found those 2 actions (editing the user permissions, or recycling the application pool) were the only solutions.
Of course, neither are really acceptable for my production customers...
Is there some part of the authentication token/crypto that is generated on app-start? If so, it would explain why recycling the server breaks active session tokens - i.e, theyre not expired, but essentially become corrupted...
I can reproduce this issue consistently. I can share a screen recording with you (privately) if you wish.
10.0.0 (20210301) Angular .Net Core Multitenancy
I am receiving reports from my super users (those who have access to impersonate tenant accounts) that sometimes they lose their access to administrative menu pages, such as the "Tenants" and "Maintenance" menus. The menus disappears from the navigation tree, and even if the user types the administrative page address directly into the address bar, they are bounced as if they do not have permissions. I have traced this back to, when the user is impersonating a tenant account, the server application has been recycled. The user then "returns to my account", and they are still logged in, but they have lost their claims to administrative permissions. There is no way for the user to fix this - no amount of logging in and out, clearing cookies, etc, will fix it.
The only fix I have found, is to ask the user to log out, then recycle the application pool again - as you can imagine, this just raises the risk of it happening to another user.
Please advise,
thanks and regards,
AspNetZero .NET Core/Angular 10.2
I have added numerous new tables to my schema, which must be initialized for each new tenant created.
Do you have a recommended hooking process/convention for "initializing" default state for a new tenant?
I have scanned the documentation, and the best I could find, was reference to seeding tables during migration - which doesnt address seeding/initializing when a host admin clicks "new tenant".
Thanks,
Asp.NET Core/Angular
I am adding a new area to my site which will use the PrimNG Table component. I have it working correctly, however, it is not styled the way it should be for a PrimeNG component.
I have taken the code sample from here: https://stackblitz.com/edit/primeng-tableedit-demo?file=angular.json
But instead it looks like this:
note how the primeicons font buttons have not loaded
What could I be missing for the styles to be picked up correctly?
Hi there,
There is alot of code, sharing is not easy. I could have a remote session with you however, and walk you through it. I think the issue comes from the fact that when the DevExpress report server generates the actual report, it's no longer executing within the http request that the initial controllers were created through. It's a horrible "background thread" approach that just seems to cause issues - unfortunately, its how the DevExpress report server is designed to work - and I don't see it changing any time soon.
When I dump the stack trace, it doesnt contain any frames from above the Controller - no ASP.net frames, no Castle Windsor, Abp or AspNetZero... so I think it's a newly spawned thread.
One thing I would like to try, is fully re-initializing the DI container for my controller. Can you provide me with example code on how to fully initialize the DI container?
i.e, how do I create the ServiceCollection and populate it with all the same convention registered services, logging, etc....
Thanks,
I have integrated the DevExpress report server, and have found that my repository which supplies the data to the report, is not applying the ISoftDelete filter when a debugger is not attached.
Various scenarios:
Hi @velu,
We are also recently considering this undertaking - I would be interested to see how you went about achieving this. Could you please also share your code with me at [email protected]
Thank you and regards,