Activities of "cangunaydin"
Hello again, i don't think it is related with PermissionDefinitionManager. I did some tests. Actually Permissions are seeded in the db. But i am getting error on the ui side when i try to login here is the video for that. What i did is just to change dataseeding as i mentioned before.
https://drive.google.com/file/d/1cXbxgi6WZF1_m7c9d8iDbqd49lpCU1C2/view?usp=sharing
here is the code that i have changed, when the new tenant has been created it triggers.
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using ApproveIt.Shared.Hosting.Microservices.DbMigrations;
using Doohlink.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using Volo.Abp.Data;
using Volo.Abp.EventBus.Distributed;
using Volo.Abp.Identity;
using Volo.Abp.MultiTenancy;
using Volo.Abp.Uow;
using Volo.Saas.Tenants;
namespace Doohlink.DbMigrations;
public class AdzupDatabaseMigrationEventHandler
: DatabaseMigrationEventHandlerBase<DoohlinkDbContext>,
IDistributedEventHandler<TenantCreatedEto>,
IDistributedEventHandler<TenantConnectionStringUpdatedEto>,
IDistributedEventHandler<ApplyDatabaseMigrationsEto>
{
private readonly IdentityServiceDataSeeder _identityServiceDataSeeder;
private readonly AdministrationServiceDataSeeder _administrationServiceDataSeeder;
private readonly IDataSeeder _dataSeeder;
public AdzupDatabaseMigrationEventHandler(
ILoggerFactory loggerFactory,
ICurrentTenant currentTenant,
IUnitOfWorkManager unitOfWorkManager,
ITenantStore tenantStore,
ITenantRepository tenantRepository,
IDistributedEventBus distributedEventBus,
IdentityServiceDataSeeder identityServiceDataSeeder,
AdministrationServiceDataSeeder administrationServiceDataSeeder,
IDataSeeder dataSeeder) : base(
loggerFactory,
currentTenant,
unitOfWorkManager,
tenantStore,
tenantRepository,
distributedEventBus,
DoohlinkDbProperties.ConnectionStringName)
{
_identityServiceDataSeeder = identityServiceDataSeeder;
_administrationServiceDataSeeder = administrationServiceDataSeeder;
_dataSeeder = dataSeeder;
}
public async Task HandleEventAsync(ApplyDatabaseMigrationsEto eventData)
{
if (eventData.DatabaseName != DatabaseName)
{
return;
}
try
{
var schemaMigrated = await MigrateDatabaseSchemaAsync(eventData.TenantId);
await _identityServiceDataSeeder.SeedAsync(
tenantId: eventData.TenantId,
adminEmail: DoohlinkConsts.AdminEmailDefaultValue,
adminPassword: DoohlinkConsts.AdminPasswordDefaultValue
);
await _administrationServiceDataSeeder.SeedAsync(eventData.TenantId);
if (eventData.TenantId == null && schemaMigrated)
{
/* Migrate tenant databases after host migration */
await QueueTenantMigrationsAsync();
}
}
catch (Exception ex)
{
await HandleErrorOnApplyDatabaseMigrationAsync(eventData, ex);
}
}
public async Task HandleEventAsync(TenantCreatedEto eventData)
{
try
{
await MigrateDatabaseSchemaAsync(eventData.Id);
await _dataSeeder.SeedAsync(
new DataSeedContext(eventData.Id)
.WithProperty(IdentityDataSeedContributor.AdminEmailPropertyName,
DoohlinkConsts.AdminEmailDefaultValue)
.WithProperty(IdentityDataSeedContributor.AdminPasswordPropertyName,
DoohlinkConsts.AdminPasswordDefaultValue)
);
// await _identityServiceDataSeeder.SeedAsync(
// tenantId: eventData.Id,
// adminEmail: eventData.Properties.GetOrDefault(IdentityDataSeedContributor.AdminEmailPropertyName) ??
// DoohlinkConsts.AdminEmailDefaultValue,
// adminPassword:
// eventData.Properties.GetOrDefault(IdentityDataSeedContributor.AdminPasswordPropertyName) ??
// DoohlinkConsts.AdminPasswordDefaultValue
// );
// await _administrationServiceDataSeeder.SeedAsync(eventData.Id);
}
catch (Exception ex)
{
await HandleErrorTenantCreatedAsync(eventData, ex);
}
}
public async Task HandleEventAsync(TenantConnectionStringUpdatedEto eventData)
{
if (eventData.ConnectionStringName != DatabaseName &&
eventData.ConnectionStringName != ConnectionStrings.DefaultConnectionStringName ||
eventData.NewValue.IsNullOrWhiteSpace())
{
return;
}
try
{
await MigrateDatabaseSchemaAsync(eventData.Id);
await _identityServiceDataSeeder.SeedAsync(
tenantId: eventData.Id,
adminEmail: DoohlinkConsts.AdminEmailDefaultValue,
adminPassword: DoohlinkConsts.AdminPasswordDefaultValue
);
await _administrationServiceDataSeeder.SeedAsync(eventData.Id);
/* You may want to move your data from the old database to the new database!
* It is up to you. If you don't make it, new database will be empty
* (and tenant's admin password is reset to IdentityServiceDbProperties.DefaultAdminPassword). */
}
catch (Exception ex)
{
await HandleErrorTenantConnectionStringUpdatedAsync(eventData, ex);
}
}
}
if i uncomment the lines that is commented(if i revert it like in microservice template), it works fine. What can be the reason i wonder? and i can see the permissions that is seeded in db for newly created tenant. (for idataseeder)
Hello @gterdem, Thank you for the answer, but i think we are talking different things. I will try to explain what i am thinking step by step, hope i can manage that. I will talk about AdministrationService inside microservice template and how do I think about it.
- PermissionManagement Module is part of administration service
- So it includes PermissionDataSeedContributor that you have sent the link in the previous message.
- When application started it registers the PermissionDataSeedContributor to the dependency injection system.
- When you compare AdministrationServiceDataSeeder (omitting language management for now) and PermissionDataSeedContributor they are exactly doing same thing (correct me if i am wrong over here or i miss sth)
PermissionDataSeedContributor
var multiTenancySide = CurrentTenant.GetMultiTenancySide();
var permissionNames = (await PermissionDefinitionManager.GetPermissionsAsync())
.Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
.Where(p => !p.Providers.Any() || p.Providers.Contains(RolePermissionValueProvider.ProviderName))
.Select(p => p.Name)
.ToArray();
await PermissionDataSeeder.SeedAsync(
RolePermissionValueProvider.ProviderName,
"admin",
permissionNames,
context?.TenantId
);
AdministrationServiceDataSeeder
var multiTenancySide = tenantId == null
? MultiTenancySides.Host
: MultiTenancySides.Tenant;
var permissionNames = (await _permissionDefinitionManager
.GetPermissionsAsync())
.Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
.Where(p => !p.Providers.Any() || p.Providers.Contains(RolePermissionValueProvider.ProviderName))
.Select(p => p.Name)
.ToArray();
_logger.LogInformation($"Seeding admin permissions.");
await _permissionDataSeeder.SeedAsync(
RolePermissionValueProvider.ProviderName,
"admin",
permissionNames,
tenantId
);
- So as a conclusion, if i inject IDataSeeder to AdministrationServiceDataSeeder and call _dataSeeder.SeedAsync(), i am expecting the _dataSeeder.SeedAsync() should trigger PermissionDataSeedContributor, and seeding the data.
what do i miss over here? can you point out? look at the image below, why this code won't work?
Since i am curious about the question above, I do not use microservice template, i have a different setup. In my setup all abp modules are in one microservice, So i don't have any separated abp modules in different microservices, I am expecting data seeding to seed default static permissions but IDataSeeder not seeding the permission data when i create new tenant. That's why i raised the question at the first place. But if you can answer the above i suppose it would help with my problem.
Hello @gterdem, That's exactly what i think, and that's why i raised the question,
If we continue from microservice example, for ex, in identityservice (Microservice) you have reference to identiy module, you indirectly referencing idataseedcontributor of the identity module. So why not call _dataseeder.Seed() method directly instead explicit calls to different dataseed service? I think you want to seed the data of the related microservice isn't it (which includes related modules)?
For ex, IdentityService (in Microservice Template) includes (Volo.Abp.Identity.Pro.Domain and Volo.Abp.OpenIddict.Pro.Domain) which also includes related DataSeedContributors (for ex, IdentitySeedContributor) coming from those modules. Am i missing sth over here?
here is the second part of my question
Let's assume that i create one microservice containing all abp modules,(which was my monolith app). Let's name this MainService. Then created extra microservice. Let's name it ExtraService. In this case if i call IDataSeeder.Seed() method when new tenant is created according to your explanation everything should work fine. And MainService should create admin user and permissions. But i am seeing that permissions are not created. What can be the reason for that?
ok thank you @maliming
Hello again, yes i have read that, but the question over here is
Why IDataSeeder is not directly triggered even on the fly migrations? Cause the microservice already includes those classes (classes that implements IDataSeedContributor)?
To examplify it. Why don't we directly trigger IDataSeeder like i have shown here, when the tenant is created.
Or another way of asking this is, why monolith app can seed the identity data with IDataSeeder and Identity MicroService can not with the same method? (so we need to use IIdentityDataSeeder explicitly)
- ABP Framework version: v8.0.0
- Database System: EF Core (PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
Hello,
I have a monolith abp application, which i created separate modules inside.
Now i have created host application on one of my modules to use it as a microservice.
While i am converting the app to support microservice. I have realized that monolith app use IDataSeeder for data seeding then all the classes that implements IDataSeedContributor is contributing to data seed process. And this is working perfectly. For ex: when i create a new tenant, it also creates the admin user, and give permissions.
But when i was looking at the abp microservice startup template i have seen that, for identity,openiddict,permissions and language there are different data seeders. These implementations are custom implementations and do not use IDataSeeder.
so here is my questions.
- Is it possible to use IDataSeeder in microservice projects to seed data? For ex, for identity data seeding, if your microservice includes identity module you can just call _dataSeeder.Seed() method with a context and all the contributors should contribute to data seeding. Why this option is not used? As i see from microservice template, all the data seeding has been done one by one.
- to test the idea i have injected IDataSeeder to event handler class. When tenant is created, the SeedAsync() method triggered. User has been created but there has been some problems with permissions (permissions are not created for the admin user of the new tenant).
So another question regarding the situation, how does monolith app seeding the permissions for new tenant's admin with _dataSeeder.SeedAsync() method? And why it doesn't work on microservice startup template?
Thank you for the assistance.
Ok i figured it out at the end. It was working fine on my local. My production was on azure kubernetes service with nginx ingress. So over there i need to do some configuration to accept underscores for tenant header.
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#enable-underscores-in-headers
now it works fine.
Hello again, I realized now it only login with host account and not allowing tenant logins. When i give email address, there was already an email address on the host account with that email address and password was the same. That's why it logged in with tenant email address but not with username.
So the question here is why tenant header is ignored while i am doing the request? here is what i have found.
as you can see tenant header is over there. but i am always getting invalid_grant with invalid email address and password. any idea what can be the problem?
Hello,
I am having strange issue about the authentication from console app.
here is my code to do the auth.
this code works fine when I use email address as username, but when i switch to username ("admin"). it doesn't login and it gives me invalid_grant(invalid username or password!) exception.
is this expected behavior or is there a way to login with username or email address?
- ABP Framework version: v8.0.0
- UI Type: Angular
- Database System: EF Core (PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
Hello I have a tiered web app with angular. The problem is on authserver though. I use LeptonX theme and this question is related with MVC LeptonX Theme. On some devices login page box can not fit to the page. Since overflow is hidden on the page, user can not see the login button. When i publish my maui app for release to the apple store, apple store rejected the app. As you know Oauth is used on the maui project. And When the new login page opens on the browser(for ex: on ipad) it doesn't fit on the page. Since user can not scroll, login button is not visible for them. Here some pictures from simulator.
also you can try this on your chrome browser with chrome dev tools. here is a video to show the case. https://app.screencastify.com/v3/watch/50zMj6cLwJipmPZn22NE
I am no expert on html and css. But i managed to fix it by doing this.
- I removed overflow-hidden from container-fluid
- second thing i have done was about bg image. I realized that .lpx-login-area .lpx-login-bg style has height:100% That makes the overflow weird like this.
when i remove the height:100% i got what i want.
What i want to ask is should i expect any side affects from these changes. Was this a bug or sth i couldn't think of for an edge case?