Activities of "FrancoisLabelle"

Hello Albert,

Actually, I tried with Blazor and EF Core. Tiered or not, that changes nothing. MVC or Angular, same thing also.

In facts, the main problem is that the primary key (Id) cannot be exposed by default in the CRUD page­. This should be made an option I think.

Id values are usually generated automatically. While it can make sense for GUID, INT and LONG, for string it makes no sense. Well, unless we could provide some kind of formula to autogenerate the Id... Another feature to add some day.

When the primary key type is string, then it makes no sense to not be able to present this field to the end user for the "add page".

But, actually, if you still do, then we cannot add a new entry because the insert will fail with a generic error message. Then, we can say that the provided application is not working.

So, I'm not sure why you have offered this type (string) without really supporting it ?!?!?

We might find this "unfinished feature" useful in some specific situations, but not in ours

At least, the documentation should make this clear that this type is not fully supported and that this feature is meant to... (?!?!)....

Regards

ABP Suite Version : 5.3.2

If you create a new entity with a primary key type of string, the generate CRUD pages does not work (the Add New page, at least in Razor mode).

The ID field is not displayed, so, the value cannot be entered and error occurs when you try to save, of course.

(The default size should be asked/entered because the default of 450 seems way too big, especially for a primary key. )

If you create records in background (directly in the DB), the update/delete feature works at least.

• many-to-many with supporting custom properties in intermediate tables and wilth fully support on abp.suite
• many-to-many UI with generated grids with related entity with options "New", "Update", "Link", "Unlink", "Delete" - example how it

Of course we need this !!!

In my humble opinion, it is like a standard basic feature that is missing. Almost all applications needs this, being able to add child records with multiple values/columns. And most, if not all, application template builder from the past 25 years has this kind of features. I'm really surprised that this is not already there in ABP Suite.

• Actual 1-to-many or many-to-many feature should allow us, at least, to choose more than one field to be the "display property". We should be able to order them and pick the separator characte. Being able to enter something like a "format template", instead of a drop down list, would be good: E.g. {Name} - {Value} (Comments).

• ID should be one of the available field to be picked as Display Property, especially if you choose it to be something else than a GUID (meaning that it is human readable/usable).

• When creating a 1-to-many relation, an option should allow us to create the reverse relation at the same time.

**BUG **! An external user can easily bypass the third party authentication, just by asking for a password reset and login back as a "internal user". (Note, disabling the internal user login feature is not something that we can do, we need and are using both kind of user login). To solve this bug ..... Improvements needed. .....

I'm not sure this is a bug, even using Twitter, if I use Google social external login. I also can change the password and send an email to reset the password.

Thanks liangshiwe, I will change my point of view and stop calling this a bug... But let's say it depends of the software you authenticate too and what is the purpose of the "alternate identity provider". In the Twitter situation, they want to give you the choice. In our situation, we want to force them to use the External Provider we choose as being the corporate one. So, ok, let's say is not a bug and we will have to alter the default behavior ourselves.

And I already seen some other platform asking to link "external" and "internal account" when I tried to authenticate using a third party (Facebook, Google, etc.) and had to decide if I want to switch my account. I also seen some other platform sending you to the "Microsoft forget password page" when you have used Microsoft account to login/register.

But, you're right and I agree, usually, must platform do not care about the way you log in. They maintain both the "Internal" and "external" login option and you can use both of them like you want.

But at least, let's consider this as a future development... a parameter that we could set that will prevent the external users to use the "classical login" and prevent password change. Until then, we will customize this for our needs. Thanks.

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ DONE Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index DONE The exact solution to your question may have been answered before, please use the search on the homepage. : No result for these issues.

• ABP Framework version: v5.3.1
• UI type: Blazor
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace: None
• Steps to reproduce the issue:" (Explained below...)

Hello,

I might have split this "Bug report / feature request" in more than one post, but it's all related to the same...

**The main goal I would like to achieve here would be to "pre-register" some corporate users (using Azure AD) to log in in my application, but without allowing anyone else being able to self register ! And I would also like to use third party authentication in a safe way and right now, it is not because it's too easy to bypass it. ** BUG * I saw that a new "import" button as appeared recently... but it's not working ! A message says "No external login provider available * while this is not true. * My external login provider i**s setup and perfectly working **!!! I would have tried this new feature it but I can't. So, maybe it would do a part of the job when fixed. Actually, when you create a new user, even using the pro modules, there is no way to add an external user manually (let's say using Azure AD but also any other third party external provider). We cannot specify that the user is or will be an external user. Also, you absolutely need to enter a password, that will not be used anyway.

I feel like the default GUI are missing some things... and the overall identification process should be reviewed/improved because it is unsecured and missing some features that should be already there.

Despite the presence of the column IsExternal in table AbpUsers, it seems that nothing is using this column... but it could and should be used...

Here is what I would like to see and/or consider like a bug and/or an important missing feature, especially in a so called PRO module.

1. Be able to create an external user, meaning also a "password less user", meant to be an external user ONLY.
   1. **BUG **! An external user can easily bypass the third party authentication, just by asking for a password reset and login back as a "internal user". (Note, disabling the internal user login feature is not something that we can do, we need and are using both kind of user login).
      1. To solve this bug:
         1. An external user should never be allowed to login with a password.
         2. The password reset feature should be considering the IsExternal column value and if set to true, refuse to the user a password reset attempt.
   2. Improvements needed.
      1. Put the "Is External" check box on the standard new/edit user form.
      2. When the checkbox is checked, ignore the password field and the fact that this field value is required.
      3. Add tabs to the new/edit form, with titles being the name of enabled external providers...
         1. The tab should provide a field to enter the user unique id for this provider (ObjectId for AD), (the AbpUserLogins.ProviderKey column in DB)
      4. Add the "IsExternal" column in the grid (user list)
      5. Disable the action SetPassword for External user.

P.S. I know that I can download the source code and do all of this myself, but I think that all of this should be "as default", especially for a pro module.

2. Self registration should be improve for external user...
   1. A new two step self registration should be added for external user.
      1. First, someone should create the user as an external user.
      2. Second, the user identifies itself against the third party identity and then, complete its self registration ABP...
         1. This mean that the actual attempt to create a new user should be skipped (when already existing) and the part where the objectid is saved in AbpUserLogins table should be kept to "finalize" the user registration.
3. Microsoft authentication should be improved...(google and twitter too...)
   1. Endpoints management should be improved. Actually hard coded (easy code change, I know...), these should be parameters as ClientId and ClientSecret are.
   2. Some optional parameters could be sent with the "oauth request", like "&promp=xxx (xxx being various possible value)" or login_hint=yyyy, etc. These could be nice to add as optional parameters concept and used to append these automatically to the URL.

Thanks

Hello,

I had a similar issue when I have activated the Microsoft login and tested it locally on my workstation using IIS express.

My solution was to add this configuration in the web.config file of the IdentityServer project.

<system.webServer>
	<security>
		<requestFiltering>
			<!--This is needed with IISEXPRESS to allow the callback from Microsoft OAuth/OIDC authentication with a large query string. (OIDC Specs says max 2047...) -->
			<requestLimits maxQueryString="4096" />
		</requestFiltering>
	</security>
</system.webServer>

Hi, and thanks for your answer.

I admit that I'm not yet familiar with the "Docker sttuff". Will it be easier ? Not sure because I think the problem remains the same.

Actually, I'm using this standard task in Azure to deploy. In the parameters, I just fix to which web app I want to deploy. This web app is "plain", "clean", without any bundle or package installed (well, appart the default standards one provided by Microsoft)

https://github.com/microsoft/azure-pipelines-tasks/blob/master/Tasks/AzureRmWebAppDeploymentV4/README.md

That's what I'm calling "deployment on a clean/vanilla server". The deployment is basically an "unzip of the artifact built during the build process"... so everything should be included during the build, I agree.

Of course, during the build process, there is a sub tasks that launches the "package restore" step. And it's working well with all the NuGet packages. But there is not step (yet) to restore the /libs folder and I don't know how to do this yet because the only way I found to do this is to launch the ABP CLI with the install-libs parameters.

So, how I can do this properly during the build process ? What is the best way to do this ?

Should I insert a new "power shell script" that will launch abp.exe CLI (that I would have to include in my repo somewhere) with the parameter "install-libs" ?
Is abp.exe having dependencies ? Should I provided some environment variables to tell abp.exe where is my licence key ?

If it's not the way to go... then what should be the right method ?

P.S. For now, I just removed the exclusion in the .gitignore file, commit and push and everything has been successfully deployed, but I'm looking for the right way of doing this.

Hello,

I would like to know what is now the best way to deploy the libs folder to a clean/vanilla server (like a fresh new Web App Service in Azure) since this folder has been added to the list of exclusion in the .gitignore file.

------Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ DONE Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index DONE The exact solution to your question may have been answered before, please use the search on the homepage. Found nothing except to run the CLI command "abp install-libs"

• ABP Framework version: v5.2
• UI type: Blazor
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no
• Exception message and stack trace:
• [ERR] An unhandled exception has occurred while executing the request. Volo.Abp.AbpException: Could not find file '/libs/@fortawesome/fontawesome-free/css/all.css' at Volo.Abp.AspNetCore.Mvc.UI.Bundling.BundlerBase.GetFileInfo(IBundlerContext context, String file) at Volo.Abp.AspNetCore.Mvc.UI.Bundling.BundlerBase.GetAndMinifyFileContent(IBundlerContext context, String fileName) at Volo.Abp.AspNetCore.Mvc.UI.Bundling.BundlerBase.GetFileContentConsideringMinification(IBundlerContext context, String fileName) at Volo.Abp.AspNetCore.Mvc.UI.Bundling.BundlerBase.Bundle(IBundlerContext context) at Volo.Abp.AspNetCore.Mvc.UI.Bundling.BundleManager.<>c__DisplayClass16_0.b__0() at System.Collections.Generic.AbpDictionaryExtensions.<>c__DisplayClass7_0`2.b__0(TKey k) [....]
• Steps to reproduce the issue:" Publish into Azure app service from a Git Branch... new rpoepo in DevIpsipOps.

Locally, the solution to this problem is to run "abp install-libs" and it does the job. But, remotely, the ABP client is not available...

Then, what is your recommandation for the best way to have the libs folder being restored/deployed with the application ?

1. Remove the .gitignore exclusion and push the libs folder to my source file repository ? (What was the initial goal of this change, then ?!?!?)
2. Find a way to deploy the ABP CLI application and launch it remotely ? (That sounds a bit complicated....)
3. Change some files (package.json or whatever related to this) to have the packages automatically restored ? (That should be good for anyone cloning the solution from the repo also)
4. Other ?

Thanks