From 1398c8d67b15fb01e14fc483b2568019483df48c Mon Sep 17 00:00:00 2001
From: maliming <malimings@gmail.com>
Date: Mon, 17 Nov 2025 11:52:27 +0800
Subject: [PATCH] fix(permission-management): validate user ID parsing in role
 permission providers

---
 .../Identity/RolePermissionManagementProvider.cs               | 3 +--
 .../Identity/RoleResourcePermissionManagementProvider.cs       | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RolePermissionManagementProvider.cs b/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RolePermissionManagementProvider.cs
index e97d524cd7..5cd2dda193 100644
--- a/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RolePermissionManagementProvider.cs
+++ b/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RolePermissionManagementProvider.cs
@@ -49,9 +49,8 @@ public class RolePermissionManagementProvider : PermissionManagementProvider
 
             }
 
-            if (providerName == UserPermissionValueProvider.ProviderName)
+            if (providerName == UserPermissionValueProvider.ProviderName && Guid.TryParse(providerKey, out var userId))
             {
-                var userId = Guid.Parse(providerKey);
                 var roleNames = await UserRoleFinder.GetRoleNamesAsync(userId);
 
                 foreach (var roleName in roleNames)
diff --git a/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RoleResourcePermissionManagementProvider.cs b/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RoleResourcePermissionManagementProvider.cs
index 21bc1a1b86..bce070130c 100644
--- a/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RoleResourcePermissionManagementProvider.cs
+++ b/modules/identity/src/Volo.Abp.PermissionManagement.Domain.Identity/Volo/Abp/PermissionManagement/Identity/RoleResourcePermissionManagementProvider.cs
@@ -48,9 +48,8 @@ public class RoleResourcePermissionManagementProvider : ResourcePermissionManage
                 resourcePermissionGrants.AddRange(await ResourcePermissionGrantRepository.GetListAsync(names, resourceName, resourceKey, providerName, providerKey));
             }
 
-            if (providerName == UserResourcePermissionValueProvider.ProviderName)
+            if (providerName == UserResourcePermissionValueProvider.ProviderName && Guid.TryParse(providerKey, out var userId))
             {
-                var userId = Guid.Parse(providerKey);
                 var roleNames = await UserRoleFinder.GetRoleNamesAsync(userId);
 
                 foreach (var roleName in roleNames)