Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC

Activities of "kbe"

All Question Answer
Newest Oldest
IsGranted(permission) issue with multiTenancy enabled #3318
Answer

The problem is a mistake in the signature of the overriding method. Namely a missing async.

public override async Task<bool> IsGrantedAsync(long userId, Permission permission)
{
}

Now, onto making the actual functionality in the IsGrantedAsync.

Cheers

IsGranted(permission) issue with multiTenancy enabled #3318
Answer

Hi ismcagdas, Thanks for the reply. I have tried to override the functionality in UserManager, but invoking even simple things seems to result in a hanging process. E.g.

public override Task<bool> IsGrantedAsync(long userId, Permission permission)
 {
   var permissionGrantInfo = this.AbpStore.GetPermissionsAsync(userId).Result;
   return base.IsGrantedAsync(userId, permission);
  }

Is it illigal to call this.AbpStore.GetPermissionsAsync(userId).Result; in the UserManager? I have triede several other invocations, but they all end in a hanging process. Same behaviour in 1.5.x and 2.0.2.

If I leave this in as the only code, then it works as normal. return base.IsGranted(...)

Br Kim

IsGranted(permission) issue with multiTenancy enabled #3318
Question

Scenario: We would like to associate each customer company with a tenant in order to bundle users and seperate access to data. We would like to define different permissions to protectect parts of a web page. We would like to reuse the roles across the different tenants.

Propose solution Tenant 1 used for customer a Tenant 2 used for customer b

Role A( TenantId NULL), Permission 1 (TenantId NULL) Role B( TenantId NULL), Permission 2 (TenantId NULL)

Customer a(TenantId 1), role A Customer b(TenantId 2), role A

When the 'customer a' user logs in, the isGranted(Permission 1) is always false unless a seperate role is created with the same TenantId as the customer user. (role, user, user account, and permission also needs to be associated with the same TenantId).

But this leeds to many roles covering the same permission(s), namely that each customer needs to have the same role defined to cover the same permission(s). Is there another way around this?? Maybe a isGranted method that does not take tenantId into account, but just checks that a user is associated to role with a permission, not using the tenantId filter?

I hope it makes sense :)

Cheers Kim

Showing 1 to 3 of 3 entries