如何从主机列出具有特定角色的租户用户?

时间:2017-11-23 09:52:14

标签: c# asp.net-core authorization aspnetboilerplate asp.net-boilerplate

我正在开发一个使用ASP.NET Boilerplate构建的项目。我使用的模板是带有Angular的.NET Core,包括Module Zero。启用多方租用。

我目前正在处理的任务是允许主持人管理员查看来自每个租户的Admin角色的用户。我在租户列表的弹出菜单(Actions列)中添加了一个新菜单项。它调用API方法并传入tenantId

API代码如下所示(遵循Boilerplate代码模式):

if (tenantId != null)
{
    UnitOfWorkManager.Current.SetTenantId(tenantId.Value);

    adminRole = await _roleManager.GetRoleByNameAsync("admin");
}

if (tenantId != null && adminRole != null)
{
    users = users.Where(u => u.Roles.Any(r => r.RoleId == adminRole.Id));
}

var totalCount = await AsyncQueryableExecuter.CountAsync(users);

users = ApplySorting(users, input);

users = ApplyPaging(users, input);

在申请表中,我有很多租户。有些人有自己的数据库,有些人没有。当租户拥有自己独立的数据库时,上面的代码按预期工作,而租户没有,我得到一条错误消息:

  

未授予所需权限。必须至少授予其中一个权限:用户

在日志文件中,我有以下例外:

WARN  2017-11-23 10:37:23,101 [45] Mvc.ExceptionHandling.AbpExceptionFilter - Required permissions are not granted. At least one of these permissions must be granted: Users
Abp.Authorization.AbpAuthorizationException: Required permissions are not granted. At least one of these permissions must be granted: Users
at Abp.Authorization.PermissionCheckerExtensions.d__9.MoveNext() in D:\Github\aspnetboilerplate\src\Abp\Authorization\PermissionCheckerExtensions.cs:line 195
--- End of stack trace from previous location where exception was thrown ---at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Abp.Authorization.AuthorizationHelper.d__19.MoveNext() in D:\Github\aspnetboilerplate\src\Abp\Authorization\AuthorizationHelper.cs:line 48
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Abp.Authorization.AuthorizationHelper.d__22.MoveNext() in D:\Github\aspnetboilerplate\src\Abp\Authorization\AuthorizationHelper.cs:line 98
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Abp.Authorization.AuthorizationHelper.d__20.MoveNext() in D:\Github\aspnetboilerplate\src\Abp\Authorization\AuthorizationHelper.cs:line 57
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Nito.AsyncEx.Synchronous.TaskExtensions.WaitAndUnwrapException(Task task)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Nito.AsyncEx.Synchronous.TaskExtensions.WaitAndUnwrapException(Task task)
at Nito.AsyncEx.AsyncContext.Run(Func'1 action) at Abp.Authorization.AuthorizationInterceptor.Intercept(IInvocation invocation)
in D:\Github\aspnetboilerplate\src\Abp\Authorization\AuthorizationInterceptor.cs:line 20
at Castle.DynamicProxy.AbstractInvocation.Proceed()
at Abp.Domain.Uow.UnitOfWorkInterceptor.PerformSyncUow(IInvocation invocation, UnitOfWorkOptions options) in D:\Github\aspnetboilerplate\src\Abp\Domain\Uow\UnitOfWorkInterceptor.cs:line 68
at Castle.DynamicProxy.AbstractInvocation.Proceed()
at Castle.DynamicProxy.AbstractInvocation.Proceed()
at Castle.DynamicProxy.AbstractInvocation.Proceed()
at Castle.Proxies.UserAppServiceProxy.ApplySorting(IQueryable'1 query, PagedResultRequestDto input)
at CK.Users.UserAppService.d__16.MoveNext() in D:\Projects\CK\Development\aspnet-core\src\CK.Application\Users\UserAppService.cs:line 179
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at lambda_method(Closure , Object )
at Microsoft.Extensions.Internal.ObjectMethodExecutorAwaitable.Awaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.d__23.MoveNext()

问题在于,为什么相同的代码适用于拥有自己的数据库的租户,但是对于其他人我得到了例外?我需要做什么,以便无论租户如何设置,我都可以使用此代码?

欢迎所有建议。

此致 亚历

1 个答案:

答案 0 :(得分:2)

AuthorizationInterceptor似乎不必要地拦截了ApplySorting方法。

您可以使用[AbpAllowAnonymous]属性安全地覆盖该方法:

[AbpAllowAnonymous]
protected override IQueryable<User> ApplySorting(IQueryable<User> query, UserGetAllInput input)
{
    return base.ApplySorting(query, input);
}