Activities of "Sturla"

Thaks I have been trying to get this to work but hitting this code does not remove the permission.

[UnitOfWork]
public async virtual Task HandleEventAsync(EntityCreatedEto<UserEto> eventData)
{
    //doesn´t remove the permission
    await permissionManager.DeleteAsync("AbpIdentity.Roles.ManagePermissions",eventData.Entity.Name);
}

What am I missing?

I then thought it might be related to it being a IdentityUserCreatedEto but that code (below) is never hit.

public class TenantCreatedHandler : IDistributedEventHandler<EntityCreatedEto<IdentityUserCreatedEto>>, ITransientDependency
{
    public TenantCreatedHandler(IdentityUserManager identityUserManager, IPermissionManager permissionManager)
    {
        this.identityUserManager = identityUserManager;
        this.permissionManager = permissionManager;
    }

    private readonly IdentityUserManager identityUserManager;
    public IPermissionManager permissionManager { get; }

    [UnitOfWork]
    public async virtual Task HandleEventAsync(EntityCreatedEto<IdentityUserCreatedEto> eventData)
    {
        //this is never hit...
        var entity = await identityUserManager.GetByIdAsync(eventData.Entity.Id);
        await permissionManager.DeleteAsync("AbpIdentity.Roles.ManagePermissions", entity.Name);
    }
}

Ok I managed to find the issue and it was this https://github.com/abpframework/abp/issues/9579 where I hid the admin menu (just before going on a summer vacation and forgot about it)

BUT that does not negate my issue, of hiding parts of the menu

What do I use to remove these grants/permissions from the tenant?

I have tried IPermissionManager but that doesn´t do it

Here is my code where I´m trying to remove these menu items by trying to remove them from the AbpPermissionGrants table.

public class RegisteredUserHandler : IDistributedEventHandler<EntityCreatedEto<UserEto>>, ITransientDependency
{
public RegisteredUserHandler(IdentityUserManager identityUserManager, IPermissionManager permissionManager)
{
    this.identityUserManager = identityUserManager;
    this.permissionManager = permissionManager;
}

private readonly IdentityUserManager identityUserManager;
public IPermissionManager permissionManager { get; }

[UnitOfWork]
public async virtual Task HandleEventAsync(EntityCreatedEto<UserEto> eventData)
{
    var theJustNowCreatedIdentityUser = await identityUserManager.GetByIdAsync(eventData.Entity.Id);

    // Only add this OrdinaryClientRole to none tenant users!
    if (!eventData.IsMultiTenant(out _))
    {
        var result = await identityUserManager.AddToRoleAsync(theJustNowCreatedIdentityUser, RoleConstants.OrdinaryClientRole);
    }
    else
    {
        //This does not remove anything
        await permissionManager.SetForUserAsync(eventData.Entity.Id, "AbpIdentity.Roles.ManagePermissions", false);
    }
}
}

Hopefully you can point me in the right direction...

I noticed (in Blazor) that the Administration side menu is missing for logged in tenant but I can still access the items, so not permission issue. I created a issue for this with more details https://support.abp.io/QA/Questions/1713/Administration-menu-missing-after-update-to-440

Here are two Blazorise GitHub issues that throw this error Unhandled exception rendering component: Could not find 'blazorise.tooltip.updateContent'

• issue 1
• issue 2

It gets fixed after re-running the bundling tool

Allthought the bunding tool now leves the following warning "Unable to minify the file: AuthenticationService.js. Adding file to the bundle without minification."

Ok I have been looking at this and mabe creating a role and asigning it to the user when he is created is the correct way about doing this.

Here is a working sample for others to follow.

Its still unclear if I should be using IDistributedEventHandler<EntityCreatedEventData<IdentityUser>> or IDistributedEventHandler<EntityCreatedEto<UserEto>>. Seemy question here.

public class RegisteredUserHandler : IDistributedEventHandler<EntityCreatedEventData<IdentityUser>>, ITransientDependency
    {
        private readonly IPermissionManager permissionManager;
        private readonly IdentityUserManager identityUserManager;

        public RegisteredUserHandler(IPermissionManager permissionManager,IdentityUserManager identityUserManager)
        {
            this.permissionManager = permissionManager;
            this.identityUserManager = identityUserManager;
        }

        [UnitOfWork]
        public async Task HandleEventAsync(EntityCreatedEventData<IdentityUser> eventData)
        {            
            // Add the permission to the role
            await permissionManager.SetForRoleAsync("OrdinaryClientRole", "MyPermission.Client", true);
            
            // Add the user to the role. 
            await identityUserManager.AddToRoleAsync(eventData.Entity, "OrdinaryClientRole");
        }
    }`

I will seed the role and add the permissions in one go like shown here.

You are misunderstanding this.

I´m trying to have different menu for a user that is not a Tenant and not Host.

I´m the host and Tenants can register with my system and add content that ordinary users can enjoy (for payment to me that I then monthly dish out to Tentans). The ordinary users need to be able to view collection of content from all the tenants in the system.

Did that explain it?

Hi again!

I did a MVP and settled on a multi-tenancy option but I didn't go into every detail and need some help with this comment

Clients can be normal IdentityUser (AbpUser). They can access products without any issues.

What I need to know is how do I separate the Client (ordinary user) from Tenant/Host? How can I show clients their menu items that are totally different from the Tentan ones? I have been having this discussion on github but remembered that I had asked this question and gotten this comment and now beleve the question belongs here.

This is (I hope) the last puzzle to get my Beta out the door so I hope you can point me in the right direction with this.

p.s I have a separate Identity Servar and have added the Account source module so I can modify it.

Ok thanks to extra pair of eyes from Liangshiwei we spotted nuget package that needed to be replaced by source.

I reccomend that this documentation

"In this case, you typically add the source code of the module to your solution and replace package references by local project references. ABP CLI automates this process for you."

should be updated to

"In this case, you typically add the source code of the module to your solution and replace every package reference in the solution with its corresponding local project references. ABP CLI automates this process for you."

Also this part "ABP CLI automates this process for you." is not correct... the CLI only adds nuget package to (in my case) Volo.Abp.Account.* and adds some properties. It does not add the references to the source code. This part of the CLI could be much much more powerful and would probably save lot of wasted time.

Btw I created a PR to the docs

I whent over this 2x to day and re-read everything I could get my hands (and tried various other things just for sport) with the same result.

I sent you email and would like assistance with this, thank you.

Sorry stil morning here.. wasn´t going to close this so reopening it!