Activities of "learnabp"
In our use case the users are not allowed to change their username so i have override the UpdatAsync to be as follows
(await UserManager.SetUserNameAsync(user, input.UserName)).CheckErrors();
The above line is what changes the SecurityStamp which forces the user out because we are using AbpSecurityStampValidator to ensure that the same user cant be signed in concurrently using the same username.
public override async Task<IdentityUserDto> UpdateAsync(Guid id, IdentityUserUpdateDto input)
{
//ADDED BY VB: To check if all Roles avalible as per license have been consumed.
if (CurrentUser.UserName != "dfo.admin")
{
await CheckCurrentTenantsLicenseConsumed(id, input);
}
await IdentityOptions.SetAsync();
var user = await UserManager.GetByIdAsync(id);
user.ConcurrencyStamp = input.ConcurrencyStamp;
if (!string.Equals(user.UserName, input.UserName, StringComparison.InvariantCultureIgnoreCase))
{
if (await SettingProvider.IsTrueAsync(IdentitySettingNames.User.IsUserNameUpdateEnabled))
{
(await UserManager.SetUserNameAsync(user, input.UserName)).CheckErrors();
}
}
await UpdateUserByInput(user, input);
input.MapExtraPropertiesTo(user);
(await UserManager.UpdateAsync(user)).CheckErrors();
await CurrentUnitOfWork.SaveChangesAsync();
var userDto = ObjectMapper.Map<Volo.Abp.Identity.IdentityUser, IdentityUserDto>(user);
//ADDED BY VB: To send an email to the user notifying their prifile has changed
var ppmUser = await GetUserByEmail(input.Email);
await _subscriptionEmailer.SendPpmUserUpdatedEmailAsync(ppmUser, "MVC");
return userDto;
}
Thanks for you help @liangshiwei
I have discoverd a side effect when implementing this in our application to deal with concurrent user.
It seems when we updated the user via his profile or in the users table under Identity the security stamp is updated and the user is logged out.
can you please suggest how we can over come this, if the user is updating his profile or via the user table the user shouldn't update its seucirty stamp.
Have a lok at the below screen shoot when at the login screen and not logged in when i supply the __tenantId as a QueryStringParamater it doesn't populate the Tenant-Switch-Box automatically
i have tried that it does wirk unless the user is authenticated
i think thia line is cauaing the problem for a tenant becuase the emailsetting should only be avalabile to the hist right ?
modules/setting-management/src/Volo.Abp.SettingManagement.Web/AbpSettingManagementWebModule.cs
Configure<RazorPagesOptions>(options =>
{
options.Conventions.AuthorizePage("/SettingManagement/Index", SettingManagementPermissions.Emailing);
});
- Update tools to 4.3.2
- run command
abp new Acme.BookStore - Open solution file
- Run
*.DbMigratorand then run the solution with*.Webproject as startup project - Login as admin
- Create a Tenant
Test - Logout
- Switch Tenant to new tenant
Test - Try and navigate to settings under Administration menu
- You will be redirected to Access Denied Page
I tried 4.3.2 and i can't even navigate to the setting page i am getting "access denied" error,
please see issue https://support.abp.io/QA/Questions/1424/Access-Denied-to-Settings-Management-for-Tenant-on-432
i think there is bug in the new 4.3.2 Commercial template it is trying to acess the Email Settings tab as a tenant and redirecting to "Access Denied"
I think it is a bug becuase it is trying to access the Email Settings tab for the tenant and since the tenant doesn't have access to the Email Settings it is giving "Access Denied"
Dear Albert
I am using the Commercial MVC template 4.2.2
I have commented the below lines in the *.Domain project and have setup the SMTP setting currectly, other emails are being sent out currectly.
//#if DEBUG
//context.Services.Replace(ServiceDescriptor.Singleton<IEmailSender, NullEmailSender>());
//#endif
The verification emails are not set out as part of the login flow, the user has to be logged in and access their profile and click on verify, however if it is a new user how can they login to access their profile. The verification process should be done during log on and an email should be sent out to the user so they can verify their email and phone number for TwoFactor authentication to kick in.
Can you please let me know if the Verification of email and phone number is part of the login flow?
i have looked at the source code of the Account.Pro module which comes with the commerical template and i can't see the verification process in the login flow can you please confirm?
well may be this is not the best way .... becuase i am not using Ajax and becuase my form is using the Post method I have written some javasciprt to get over the hurdel of validating the TenantName and confirm password fields.
var abp = abp || {};
$(function () {
var subscriptionService = window.desertFire.ppm.subscriptions.subscription;
var $frmBuy = $("#frmBuy");
var $btnRegisterTenant = $("#btnRegisterTenant");
var $tenantName = $("#txtTenantName");
var $txtAdminPassword = $("#txtAdminPassword");
var $txtConfirmAdminPassword = $("#txtConfirmAdminPassword");
$btnRegisterTenant.click(function (e) {
e.preventDefault();
var isTenantNameAlreadyExist = false;
subscriptionService.isTenantNameAlreadyExist(
$tenantName.val()
).then(function (isTenantNameAlreadyExist) {
console.log(isTenantNameAlreadyExist);
if (isTenantNameAlreadyExist) {
abp.message.error("Sorry this Tenant Name: '" + $tenantName.val() + "' already exists, please choose another");
} else if ($txtAdminPassword.val() != $txtConfirmAdminPassword.val()) {
abp.message.error("The Password do not match, please ensure that the confirm password is the same!");
} else {
$frmBuy.submit();
}
});
});
});
Dear Volosoft Team this is method the right approach?