Activities of "jogoertzen"

Is there a way to generate a dependency graph of all AbpModules that appear in an DependsOn attributes throughout the solution?

For example, I can look at the direct dependencies of a particular module rather easily.

And I can drill down into any one of those modules as well.

But I was hoping there was a way to show the entire hierarchy of modules that are actually used in all the projects in a solution all at once.

Something like this would be nice.

Thanks.

Running this command...

abp new Foo -t app-pro

...results in this error.

[14:59:07 INF] ABP CLI (https://abp.io)
[14:59:08 INF] Version 4.3.3 (Stable)
[14:59:09 INF] Creating your project...
[14:59:09 INF] Project name: Foo
[14:59:09 INF] Template: app-pro
[14:59:09 INF] Output folder: C:\Users\jogoertzen\temp1
[14:59:11 INF] Downloading template: app-pro, version: 4.3.3
Error occured while downloading source-code from https://abp.io/api/download/template/ :
Error while copying content to a stream.
[14:59:43 ERR] Error while copying content to a stream.
System.Net.Http.HttpRequestException: Error while copying content to a stream.
 ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
 ---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
   --- End of inner exception stack trace ---
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.GetResult(Int16 token)
   at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer)
   at System.Net.Http.HttpConnection.FillAsync(Boolean async)
   at System.Net.Http.HttpConnection.CopyToContentLengthAsync(Stream destination, Boolean async, UInt64 length, Int32 bufferSize, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnection.ContentLengthReadStream.CompleteCopyToAsync(Task copyTask, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionResponseContent.SerializeToStreamAsync(Stream stream, TransportContext context, CancellationToken cancellationToken)
   at System.Net.Http.HttpContent.LoadIntoBufferAsyncCore(Task serializeToStreamTask, MemoryStream tempBuffer)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpContent.LoadIntoBufferAsyncCore(Task serializeToStreamTask, MemoryStream tempBuffer)
   at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.DownloadSourceCodeContentAsync(SourceCodeDownloadInputDto input) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 208
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 112
   at Volo.Abp.Cli.ProjectBuilding.TemplateProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\TemplateProjectBuilder.cs:line 56
   at Volo.Abp.Cli.Commands.NewCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\NewCommand.cs:line 192
   at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 59

It turns out our firewall is blocking the download due to a high severity vulnerability in the file tui-editor-Editor-full.js called Apple Safari WebKit Selections Use-After-Free Vulnerability.

I have a few questions.

• Are you aware of this?
• Is there anything you can do to fix it?
• Is there anything we can do to work around it?

I have yet to find much information regarding this vulnerability, so any information you can provide would be appreciated.

Thanks!

Thanks, albert.

I reached out to our firewall team to see if they can provide the report you requested.

They gave me this: https://nvd.nist.gov/vuln/detail/CVE-2010-1812

They were also able to provide a screenshot from the paloalto Threat Vault. :)

• ABP Framework version: v4.3.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:

There is no exception message, but the auth-server logs contain the following information that seems to indicate that the user is not authorized to access /api/account/profile-picture.

[auth-server_f3e6eab0-2]: [14:36:07 INF] Request starting HTTP/1.1 POST https://localhost:44322/api/account/profile-picture application/json 822772
[auth-server_f3e6eab0-2]: [14:36:07 INF] CORS policy execution successful.
[auth-server_f3e6eab0-2]: [14:36:07 DBG] CORS request made for path: /api/account/profile-picture from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
[auth-server_f3e6eab0-2]: [14:36:07 INF] No CORS policy found for the specified request.
[auth-server_f3e6eab0-2]: [14:36:07 INF] Authorization failed. These requirements were not met:
[auth-server_f3e6eab0-2]: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
[auth-server_f3e6eab0-2]: [14:36:07 INF] AuthenticationScheme: Identity.Application was challenged.
[auth-server_f3e6eab0-2]: [14:36:07 INF] Request finished HTTP/1.1 POST https://localhost:44322/api/account/profile-picture application/json 822772 - 302 0 - 8.0785ms

• Steps to reproduce the issue:
  • Generate a new microservice solution via abp suite v4.3.3 with the options below

• Run out\MyProject\etc\docker\up.ps1
• Run tye run in out\MyProject
• Open Chrome browser on http://localhost:4200
• Login as admin / 1q2w3E*
• Click admin > Manage your profile > Profile picture > Upload File > Choose File > Pick an image file > Save Changes > Yes
• Observe error below

Note: The Microsoft.EntityFrameworkCore.Tools package was recently upgraded to 5.0.8 which seemed to cause version conflicts with 5.0.7 during the build. I worked around the issue by downgrading to 5.0.7 and editing any .csproj files that contained version 5.0.* and replaced them with 5.0.7 explicitly.

Hi Albert,

Judging by the responses to the issue you created, it looks like upgrading to tui.editor v2.x is the recommended way to resolve this issue.

Is this something that can be done?

I am currently attempting to deploy v4.3.3 of the microservice template to OpenShift, and I realized that I had yet to properly configure the internal gateway routes (ie. it was still using the default configuration which points to various ports on localhost), but the overall application still seems to work fine. I even scaled the internal gateway deployment down to 0 pods and I still can't find anything that breaks as a result. The only thing I can find that even looks like it should talk to the internal gateway is the administration service which has the following default configuration pointing to 44302 (ie. the internal gateway port), but it would seem that the administration service doesn't use it.

// services\administration\src\MyProject.AdministrationService.HttpApi.Host\appsettings.json

{
  "RemoteServices": {
    "Default": {
      "BaseUrl": "https://localhost:44302/",
      "UseCurrentAccessToken": "false"
    }
  }
}

Am I missing something here? Does the internal gateway play a role at all in the microservice template? Thanks!

• ABP Framework version: v4.3.3
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace: N/A
• Steps to reproduce the issue:" N/A

Hi maliming,

Unfortunately, installing the latest .NET SDK did not solve the problem; the same error occurs.

I did a little digging and it seems Volo.Abp.EntityFrameworkCore >= 4.3.3 still depends on Microsoft.EntityFrameworkCore 5.0.7, but there are several package references in the Microservice template 4.3.3 that specify a wildcard in the patch version number (ie. 5.0.*) for Microsoft.EntityFrameworkCore that started resolving to 5.0.8 as of 2021-07-13. This seems to be what is breaking the build.

It seems the only options right now are (1) to replace all instances of 5.0.* with 5.0.7 to match Volo.Abp.EntityFrameworkCore, or (2) wait for a new version of Volo.Abp.EntityFrameworkCore that depends on Microsoft.EntityFrameworkCore 5.0.8.

Is that an accurate assessment?

Hi liangshiwei,

Was there a particular section of the documentation you linked to above that you would like me to focus on?

I believe I understand how the internal gateway is supposed to work, but it seems like the current version of the Microservice template does not actually use the internal gateway at all. In other words, the template seems to work fine even if the internal gateway is down.

Are you aware of this?