Merge branch 'dev' into Passkey

docs/en/Community-Articles/2025-12-13-Building-Dynamic-XML-Sitemaps-With-ABP-Framework/images/sitemap-architecture.svg

@@ -0,0 +1,122 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 700">
+  <defs>
+    <style>
+      .box { fill: #ffffff; stroke: #1890ff; stroke-width: 2; }
+      .title-box { fill: #1890ff; stroke: #1890ff; stroke-width: 2; }
+      .text { font-family: Arial, sans-serif; font-size: 14px; fill: #333333; font-weight: 600; }
+      .title-text { font-family: Arial, sans-serif; font-size: 14px; fill: #ffffff; font-weight: 600; }
+      .small-text { font-family: Arial, sans-serif; font-size: 11px; fill: #666666; }
+      .arrow { stroke: #1890ff; stroke-width: 2; fill: none; marker-end: url(#arrowhead); }
+      .layer-label { font-family: Arial, sans-serif; font-size: 16px; fill: #1890ff; font-weight: bold; }
+    </style>
+    <marker id="arrowhead" markerWidth="10" markerHeight="10" refX="9" refY="3" orient="auto">
+      <polygon points="0 0, 10 3, 0 6" fill="#1890ff" />
+    </marker>
+  </defs>
+  
+  <!-- Title -->
+  <text x="500" y="30" text-anchor="middle" class="layer-label" style="font-size: 20px;">Sitemap Module Architecture</text>
+  
+  <!-- Discovery Layer -->
+  <text x="50" y="80" class="layer-label">1. Discovery Layer</text>
+  <rect class="title-box" x="50" y="90" width="220" height="35" rx="5" />
+  <text class="title-text" x="160" y="112" text-anchor="middle">RazorPageDiscoveryService</text>
+  <rect class="box" x="50" y="125" width="220" height="60" rx="5" />
+  <text class="small-text" x="160" y="145" text-anchor="middle">• Scans assemblies</text>
+  <text class="small-text" x="160" y="163" text-anchor="middle">• Finds PageModel classes</text>
+  <text class="small-text" x="160" y="181" text-anchor="middle">• Extracts route metadata</text>
+  
+  <!-- Arrow down -->
+  <path class="arrow" d="M 160 185 L 160 225" />
+  
+  <!-- Source Layer -->
+  <text x="50" y="245" class="layer-label">2. Source Layer</text>
+  
+  <!-- Static Source -->
+  <rect class="title-box" x="50" y="260" width="200" height="35" rx="5" />
+  <text class="title-text" x="150" y="282" text-anchor="middle">IStaticPageSitemapSource</text>
+  <rect class="box" x="50" y="295" width="200" height="80" rx="5" />
+  <text class="small-text" x="150" y="315" text-anchor="middle">Processes attributes:</text>
+  <text class="small-text" x="150" y="333" text-anchor="middle">[IncludeSitemapXml]</text>
+  <text class="small-text" x="150" y="351" text-anchor="middle">Returns static page</text>
+  <text class="small-text" x="150" y="369" text-anchor="middle">sitemap items</text>
+  
+  <!-- Dynamic Source -->
+  <rect class="title-box" x="280" y="260" width="200" height="35" rx="5" />
+  <text class="title-text" x="380" y="282" text-anchor="middle">IGroupedSitemapSource</text>
+  <rect class="box" x="280" y="295" width="200" height="80" rx="5" />
+  <text class="small-text" x="380" y="315" text-anchor="middle">Queries repositories:</text>
+  <text class="small-text" x="380" y="333" text-anchor="middle">Books, Articles, Products</text>
+  <text class="small-text" x="380" y="351" text-anchor="middle">Returns dynamic</text>
+  <text class="small-text" x="380" y="369" text-anchor="middle">sitemap items</text>
+  
+  <!-- Custom Source -->
+  <rect class="title-box" x="510" y="260" width="200" height="35" rx="5" />
+  <text class="title-text" x="610" y="282" text-anchor="middle">Custom Sources</text>
+  <rect class="box" x="510" y="295" width="200" height="80" rx="5" />
+  <text class="small-text" x="610" y="315" text-anchor="middle">Implement</text>
+  <text class="small-text" x="610" y="333" text-anchor="middle">ISitemapItemSource</text>
+  <text class="small-text" x="610" y="351" text-anchor="middle">for custom logic</text>
+  
+  <!-- Arrows to Collection Layer -->
+  <path class="arrow" d="M 150 375 L 150 420 L 400 420 L 400 445" />
+  <path class="arrow" d="M 380 375 L 380 420 L 400 420 L 400 445" />
+  <path class="arrow" d="M 610 375 L 610 420 L 400 420 L 400 445" />
+  
+  <!-- Collection Layer -->
+  <text x="50" y="465" class="layer-label">3. Collection Layer</text>
+  <rect class="title-box" x="250" y="480" width="300" height="35" rx="5" />
+  <text class="title-text" x="400" y="502" text-anchor="middle">SitemapItemCollector</text>
+  <rect class="box" x="250" y="515" width="300" height="80" rx="5" />
+  <text class="small-text" x="400" y="535" text-anchor="middle">• Aggregates items from all sources</text>
+  <text class="small-text" x="400" y="553" text-anchor="middle">• Groups by category (Main, Blog, Products)</text>
+  <text class="small-text" x="400" y="571" text-anchor="middle">• Removes duplicates</text>
+  <text class="small-text" x="400" y="589" text-anchor="middle">• Returns Dictionary&lt;Group, Items&gt;</text>
+  
+  <!-- Arrow down -->
+  <path class="arrow" d="M 400 595 L 400 635" />
+  
+  <!-- Generation Layer -->
+  <text x="650" y="465" class="layer-label">4. Generation Layer</text>
+  <rect class="title-box" x="640" y="480" width="280" height="35" rx="5" />
+  <text class="title-text" x="780" y="502" text-anchor="middle">SitemapXmlGenerator</text>
+  <rect class="box" x="640" y="515" width="280" height="80" rx="5" />
+  <text class="small-text" x="780" y="535" text-anchor="middle">• Converts items to XML format</text>
+  <text class="small-text" x="780" y="553" text-anchor="middle">• Adds &lt;loc&gt;, &lt;lastmod&gt;, &lt;priority&gt;</text>
+  <text class="small-text" x="780" y="571" text-anchor="middle">• Validates against sitemap protocol</text>
+  <text class="small-text" x="780" y="589" text-anchor="middle">• Returns XML string</text>
+  
+  <!-- Arrow from Collection to Generation -->
+  <path class="arrow" d="M 550 555 L 640 555" />
+  
+  <!-- Management Layer -->
+  <text x="50" y="655" class="layer-label">5. Management Layer</text>
+  
+  <!-- File Generator -->
+  <rect class="title-box" x="50" y="470" width="180" height="35" rx="5" />
+  <text class="title-text" x="140" y="492" text-anchor="middle">SitemapFileGenerator</text>
+  <rect class="box" x="50" y="505" width="180" height="90" rx="5" />
+  <text class="small-text" x="140" y="525" text-anchor="middle">• Orchestrates collection</text>
+  <text class="small-text" x="140" y="543" text-anchor="middle">• Calls XML generator</text>
+  <text class="small-text" x="140" y="561" text-anchor="middle">• Writes files to disk:</text>
+  <text class="small-text" x="140" y="579" text-anchor="middle">Sitemaps/</text>
+  
+  <!-- Background Worker -->
+  <rect class="title-box" x="250" y="640" width="300" height="35" rx="5" />
+  <text class="title-text" x="400" y="662" text-anchor="middle">SitemapRegenerationWorker</text>
+  <rect class="box" x="250" y="675" width="300" height="60" rx="5" />
+  <text class="small-text" x="400" y="695" text-anchor="middle">• Runs periodically (e.g., hourly)</text>
+  <text class="small-text" x="400" y="713" text-anchor="middle">• Triggers SitemapFileGenerator</text>
+  <text class="small-text" x="400" y="731" text-anchor="middle">• Non-blocking background execution</text>
+  
+  <!-- Arrow from Worker to File Generator -->
+  <path class="arrow" d="M 250 705 L 230 550" />
+  
+  <!-- Output Files -->
+  <text x="750" y="625" class="small-text" fill="#666666">📄 sitemap.xml</text>
+  <text x="750" y="643" class="small-text" fill="#666666">📄 sitemap-Blog.xml</text>
+  <text x="750" y="661" class="small-text" fill="#666666">📄 sitemap-Products.xml</text>
+  
+  <!-- Arrow from Generation to Files -->
+  <path class="arrow" d="M 780 595 L 780 620" />
+</svg>

docs/en/Community-Articles/2025-12-13-Building-Dynamic-XML-Sitemaps-With-ABP-Framework/post.md

@@ -0,0 +1,475 @@
+# Building Dynamic XML Sitemaps with ABP Framework
+
+Search Engine Optimization (SEO) is crucial for any web application that wants to be discovered by users. One of the most fundamental SEO practices is providing a comprehensive XML sitemap that helps search engines crawl and index your website efficiently. In this article, we'll use a reusable ABP module that automatically generates dynamic XML sitemaps for both static Razor Pages and dynamic content from your database.
+
+By the end of this tutorial, you'll have a production-ready sitemap solution that discovers your pages automatically, includes dynamic content like blog posts or products, and regenerates sitemaps in the background without impacting performance.
+
+## What is an XML Sitemap?
+
+An XML sitemap is a file that lists all important pages of your website in a structured format that search engines can easily read. It acts as a roadmap for crawlers like Google, Bing, and others, telling them which pages exist, when they were last updated, and how they relate to each other.
+
+For modern web applications with dynamic content, manually maintaining sitemap files quickly becomes impractical. A dynamic sitemap solution that automatically discovers and updates URLs is essential for:
+
+- **Large content sites** with frequently changing blog posts, articles, or products
+- **Multi-tenant applications** where each tenant may have different content
+- **Enterprise applications** with complex page hierarchies
+- **E-commerce platforms** with thousands of product pages
+
+## Why Build a Custom Sitemap Module?
+
+While there are general-purpose sitemap libraries available, building a custom module for ABP Framework provides several advantages:
+
+✅ **Deep ABP Integration**: Leverages ABP's dependency injection, background workers, and module system
+✅ **Automatic Discovery**: Uses ASP.NET Core's Razor Page infrastructure to automatically find pages
+✅ **Type-Safe Configuration**: Strongly-typed attributes and options for configuration
+✅ **Multi-Group Support**: Organize sitemaps by logical groups (main, blog, products, etc.)
+✅ **Background Generation**: Non-blocking sitemap regeneration using ABP's background worker system
+✅ **Repository Integration**: Direct integration with ABP repositories for database entities
+
+## Project Architecture Overview
+
+Before using the module, let's understand its architecture:
+
+![Architecture Diagram](./images/sitemap-architecture.svg)
+
+The sitemap module consists of several key components:
+
+1. **Discovery Layer**: Discovers Razor Pages and their metadata using reflection
+2. **Source Layer**: Defines contracts for providing sitemap items (static pages and dynamic content)
+3. **Collection Layer**: Collects items from all registered sources
+4. **Generation Layer**: Transforms collected items into XML format
+5. **Management Layer**: Orchestrates file generation and background workers
+
+## Installation
+
+To get started, clone the demo repository which includes the sitemap module:
+
+```bash
+git clone https://github.com/salihozkara/AbpSitemapDemo
+cd AbpSitemapDemo
+```
+
+The repository contains the sitemap module in the `Modules/abp.sitemap/` directory. To use it in your own project, add a project reference:
+
+```xml
+<ProjectReference Include="../Modules/abp.sitemap/Abp.Sitemap.Web/Abp.Sitemap.Web.csproj" />
+```
+
+## Module Configuration
+
+After installing the package, add the module to your ABP application's module class:
+
+```csharp
+using Abp.Sitemap.Web;
+
+[DependsOn(
+    typeof(SitemapWebModule), // 👈 Add sitemap module
+    // ... other dependencies
+)]
+public class YourProjectWebModule : AbpModule
+{
+    public override void ConfigureServices(ServiceConfigurationContext context)
+    {
+        // Configure sitemap options
+        Configure<SitemapOptions>(options =>
+        {
+            options.BaseUrl = "https://yourdomain.com"; // 👈 Your website URL
+            options.FolderPath = "Sitemaps"; // 👈 Where XML files are stored
+            options.WorkerPeriod = 3600000; // 👈 Regenerate every hour (in milliseconds)
+        });
+    }
+}
+```
+
+> **Note:** In ABP applications, BaseUrl can be resolved from AppUrlOptions to stay consistent with environment configuration.
+
+That's it! The module is now integrated and will automatically:
+- Discover your Razor Pages
+- Generate sitemap XML files on application startup
+- Regenerate sitemaps in the background every hour
+
+## Usage Examples
+
+Let's explore practical examples of using the sitemap module. You can see complete working examples in the [AbpSitemapDemo repository](https://github.com/salihozkara/AbpSitemapDemo).
+
+### Example 1: Mark Static Pages
+
+The simplest way to include pages in your sitemap is using attributes:
+
+```csharp
+using Abp.Sitemap.Web.Sitemap.Sources.Page.Attributes;
+
+namespace YourProject.Pages;
+
+[IncludeSitemapXml] // 👈 Include in default "Main" group
+public class IndexModel : PageModel
+{
+    public void OnGet()
+    {
+        // Your page logic
+    }
+}
+
+[IncludeSitemapXml(Group = "Help")]
+public class FaqModel : PageModel
+{
+    public void OnGet()
+    {
+        // Your page logic
+    }
+}
+```
+
+These pages will be automatically discovered and included in the sitemap XML files.
+
+### Example 2: Add Dynamic Content from Database
+
+For dynamic content like blog posts, products, or articles, create a custom sitemap source. Here's a complete example using a Book entity:
+
+```csharp
+using Abp.Sitemap.Web.Sitemap.Core;
+using Abp.Sitemap.Web.Sitemap.Sources.Group;
+using Volo.Abp.DependencyInjection;
+
+namespace YourProject.Sitemaps;
+
+public class BookSitemapSource : GroupedSitemapItemSource<Book>, ITransientDependency
+{
+    public BookSitemapSource(
+        IReadOnlyRepository<Book> repository,
+        IAsyncQueryableExecuter executer)
+        : base(repository, executer, group: "Books") // 👈 Creates sitemap-Books.xml
+    {
+        Filter = x => x.IsPublished; // 👈 Only published books
+    }
+
+    protected override Expression<Func<Book, SitemapItem>> Selector =>
+        book => new SitemapItem(
+            book.Id.ToString(), // 👈 Unique identifier
+            $"/Books/Detail/{book.Id}", // 👈 URL pattern matching your route
+            book.LastModificationTime ?? book.CreationTime // 👈 Last modified date
+        )
+        {
+            ChangeFrequency = "weekly",
+            Priority = 0.7
+        };
+}
+```
+
+Key points:
+- Inherits from `GroupedSitemapItemSource<TEntity>`
+- Specifies the entity type (`Book`)
+- Defines a group name ("Books") which creates `sitemap-Books.xml`
+- Uses `Filter` to include only published books
+- Maps entity properties to sitemap URLs using `Selector`
+- Automatically registered via `ITransientDependency`
+
+### Example 3: Category-Based Dynamic Content
+
+For content with categories, you can build more complex URL patterns:
+
+```csharp
+using Abp.Sitemap.Web.Sitemap.Core;
+using Abp.Sitemap.Web.Sitemap.Sources.Group;
+
+namespace YourProject.Sitemaps;
+
+public class ArticleSitemapSource : GroupedSitemapItemSource<Article>, ITransientDependency
+{
+    public ArticleSitemapSource(
+        IReadOnlyRepository<Article> repository,
+        IAsyncQueryableExecuter executer)
+        : base(repository, executer, "Articles")
+    {
+        // Multiple filter conditions
+        Filter = x => x.IsPublished && 
+                     !x.IsDeleted && 
+                     x.PublishDate <= DateTime.Now;
+    }
+
+    protected override Expression<Func<Article, SitemapItem>> Selector =>
+        article => new SitemapItem(
+            article.Id.ToString(),
+            $"/blog/{article.Category.Slug}/{article.Slug}", // 👈 Category-based URL
+            article.LastModificationTime ?? article.CreationTime
+        );
+}
+```
+
+This example demonstrates:
+- Multiple filter conditions for complex business logic
+- Building URLs with category slugs
+
+## Testing Your Sitemaps
+
+After configuring the module, test your sitemap generation:
+
+### 1. Run Your Application
+
+```bash
+dotnet run
+```
+
+The sitemaps are automatically generated on application startup.
+
+### 2. Check Generated Files
+
+Navigate to `{WebProject}/Sitemaps/` directory (at the root of your web project):
+
+```
+{WebProject}
+└── Sitemaps/
+    ├── sitemap.xml           # Main group (static pages)
+    ├── sitemap-Books.xml     # Books from database
+    ├── sitemap-Articles.xml  # Articles from database
+    └── sitemap-Help.xml      # Help pages
+```
+
+### 3. Verify XML Content
+
+Open `sitemap-Books.xml` and verify the structure:
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+  <url>
+    <loc>https://yourdomain.com/Books/Detail/3a071e39-12c9-48d7-8c1e-3b4f5c6d7e8f</loc>
+    <lastmod>2025-12-13</lastmod>
+  </url>
+  <url>
+    <loc>https://yourdomain.com/Books/Detail/7b8c9d0e-1f2a-3b4c-5d6e-7f8g9h0i1j2k</loc>
+    <lastmod>2025-12-10</lastmod>
+  </url>
+</urlset>
+```
+
+### 4. Test in Browser
+
+Visit the sitemap URLs directly (the module serves them from the root path):
+- Main sitemap: `https://localhost:5001/sitemap.xml`
+- Books sitemap: `https://localhost:5001/sitemap-Books.xml`
+
+> **Note:** The sitemaps are stored in `{WebProject}/Sitemaps/` directory and served directly from the root URL.
+
+## Advanced Configuration
+
+### Custom Regeneration Schedule
+
+Control when sitemaps are regenerated using cron expressions:
+
+```csharp
+public override void ConfigureServices(ServiceConfigurationContext context)
+{
+    Configure<SitemapOptions>(options =>
+    {
+        options.BaseUrl = "https://yourdomain.com";
+        options.WorkerCronExpression = "0 0 2 * * ?"; // 👈 Every day at 2 AM
+        // Or use period in milliseconds:
+        // options.WorkerPeriod = 7200000; // 2 hours
+    });
+}
+```
+
+### Environment-Specific Configuration
+
+Use different settings for development and production:
+
+```csharp
+public override void ConfigureServices(ServiceConfigurationContext context)
+{
+    var configuration = context.Services.GetConfiguration();
+    var hostingEnvironment = context.Services.GetHostingEnvironment();
+
+    Configure<SitemapOptions>(options =>
+    {
+        if (hostingEnvironment.IsDevelopment())
+        {
+            options.BaseUrl = "https://localhost:5001";
+            options.WorkerPeriod = 300000; // 5 minutes for testing
+        }
+        else
+        {
+            options.BaseUrl = configuration["App:SelfUrl"]!;
+            options.WorkerPeriod = 3600000; // 1 hour in production
+        }
+        
+        options.FolderPath = "Sitemaps";
+    });
+}
+```
+
+### Manual Sitemap Generation
+
+Trigger sitemap generation manually (useful for admin panels):
+
+```csharp
+using Abp.Sitemap.Web.Sitemap.Management;
+
+public class SitemapManagementService : ITransientDependency
+{
+    private readonly SitemapFileGenerator _generator;
+
+    public SitemapManagementService(SitemapFileGenerator generator)
+    {
+        _generator = generator;
+    }
+
+    [Authorize("Admin")]
+    public async Task RegenerateSitemapsAsync()
+    {
+        await _generator.GenerateAsync(); // 👈 Manual regeneration
+    }
+}
+```
+
+## Real-World Use Cases
+
+Here are practical scenarios where the sitemap module excels:
+
+### E-Commerce Platform
+```csharp
+// Products grouped by category
+public class ProductSitemapSource : GroupedSitemapItemSource<Product>
+{
+    // Automatically includes all active products with stock
+}
+
+// Separate sitemap for categories
+public class CategorySitemapSource : GroupedSitemapItemSource<Category>
+{
+    // All browsable categories
+}
+
+// Brand pages
+public class BrandSitemapSource : GroupedSitemapItemSource<Brand>
+{
+    // All active brands
+}
+```
+
+Result: `sitemap-Products.xml`, `sitemap-Categories.xml`, `sitemap-Brands.xml`
+
+### Content Management System
+```csharp
+// Blog posts by date
+public class BlogPostSitemapSource : GroupedSitemapItemSource<BlogPost>
+{
+    // Filter by published date, priority based on view count
+}
+
+// Static CMS pages
+[IncludeSitemapXml]
+public class AboutUsModel : PageModel { }
+```
+
+## Best Practices
+
+### 1. Group Related Content
+Organize your sitemaps logically:
+```csharp
+// ✅ Good: Logical grouping
+"Products", "Categories", "Brands", "Blog", "Help"
+
+// ❌ Bad: Everything in one group
+"Main" // Contains 50,000 mixed URLs
+```
+
+### 2. Use Filters Wisely
+```csharp
+// ✅ Good: Only published, non-deleted content
+Filter = x => x.IsPublished && 
+             !x.IsDeleted && 
+             x.PublishDate <= DateTime.Now
+
+// ❌ Bad: Including draft content
+Filter = x => true // Everything included
+```
+
+### 3. Keep URLs Clean
+```csharp
+// ✅ Good: SEO-friendly URLs
+$"/products/{product.Slug}"
+$"/blog/{year}/{month}/{article.Slug}"
+
+// ❌ Bad: Technical IDs exposed
+$"/product-detail?id={product.Id}"
+```
+
+## Troubleshooting
+
+### Sitemap Not Generated
+**Problem:** No XML files in `{WebProject}/Sitemaps/`
+
+**Solutions:**
+1. Check module is added to dependencies
+2. Verify `SitemapOptions.BaseUrl` is configured
+3. Check application logs for errors
+4. Ensure the web project directory has write permissions
+
+### Pages Not Appearing
+**Problem:** Some pages missing from sitemap
+
+**Solutions:**
+1. Verify `[IncludeSitemapXml]` attribute is present
+2. Check namespace imports: `using Abp.Sitemap.Web.Sitemap.Sources.Page.Attributes;`
+3. Ensure PageModel classes are public
+4. Check filter conditions in custom sources
+
+### Background Worker Not Running
+**Problem:** Sitemaps not regenerating automatically
+
+**Solutions:**
+1. Check `SitemapOptions.WorkerPeriod` is set
+2. Verify background workers are enabled in ABP configuration
+3. Check application logs for worker errors
+
+## Performance Considerations
+
+### Caching Strategy
+Consider adding caching for frequently accessed sitemaps:
+
+```csharp
+public class CachedSitemapFileGenerator : ITransientDependency
+{
+    private readonly SitemapFileGenerator _generator;
+    private readonly IDistributedCache _cache;
+
+    public async Task<string> GetOrGenerateAsync(string group)
+    {
+        var cacheKey = $"Sitemap:{group}";
+        var cached = await _cache.GetStringAsync(cacheKey);
+        
+        if (cached != null)
+            return cached;
+        
+        await _generator.GenerateAsync();
+        // Read and cache...
+    }
+}
+```
+
+## Conclusion
+
+The ABP Sitemap module provides a production-ready solution for dynamic sitemap generation in ABP Framework applications. By leveraging ABP's architecture—dependency injection, repository pattern, and background workers—the module automatically discovers pages, includes dynamic content, and regenerates sitemaps without manual intervention.
+
+Key benefits:
+✅ **Zero Configuration** for basic scenarios
+✅ **Type-Safe** attribute-based configuration
+✅ **Extensible** for complex business logic
+✅ **Performance** optimized with background processing
+✅ **SEO-Friendly** following XML sitemap standards
+
+Whether you're building a blog, e-commerce platform, or enterprise application, this module provides a solid foundation for search engine optimization.
+
+## Additional Resources
+
+### Documentation
+- [ABP Framework Documentation](https://abp.io/docs/latest/)
+- [ABP Background Workers](https://abp.io/docs/latest/framework/infrastructure/background-workers)
+- [ABP Repository Pattern](https://abp.io/docs/latest/framework/architecture/domain-driven-design/repositories)
+- [ABP Dependency Injection](https://abp.io/docs/latest/framework/fundamentals/dependency-injection)
+
+### Source Code
+- [Complete Working Demo](https://github.com/salihozkara/AbpSitemapDemo) - Full implementation with examples
+  - [BookSitemapSource](https://github.com/salihozkara/AbpSitemapDemo/blob/master/AbpSitemapDemo/Pages/Books/Index.cshtml.cs#L23) - Entity-based source example
+  - [Index.cshtml](https://github.com/salihozkara/AbpSitemapDemo/blob/master/AbpSitemapDemo/Pages/Index.cshtml#L9) - Page attribute usage

docs/en/Community-Articles/2025-12-13-Building-Dynamic-XML-Sitemaps-With-ABP-Framework/summary.md

@@ -0,0 +1 @@
+Learn how to use the ABP Sitemap module for automatic XML sitemap generation in your ABP Framework applications.

docs/en/studio/release-notes.md

@@ -9,6 +9,77 @@
 
 This document contains **brief release notes** for each ABP Studio release. Release notes only include **major features** and **visible enhancements**. Therefore, they don't include all the development done in the related version. 
 
+## 2.1.3 (2025-12-15) Latest
+
+* Updated `createCommand` and CLI help for multi-tenancy.
+* Fixed `BookController` templating problem.
+
+## 2.1.2 (2025-12-11)
+
+* Fixed `SLNX` files in templates for macOS.
+* Fixed `DbMigrator` problem on nolayers template.
+
+## 2.1.1 (2025-12-11)
+
+* Fixed duplicate workspace seeding issue.
+* Fixed books sample problems when solution is tiered.
+* Added AI Management module to `abpmdl` file.
+* Improved skip running initial tasks text.
+* Fixed unit test failures.
+* Added `LanguageManagementDbContext` table creation in tests.
+* Removed `ConfigureHttpClientProxies` method.
+* Fixed issue with adding new services to existing Microservices.
+* Fixed AI Management template issues.
+* Reverted browser notification overlay fix.
+
+## 2.1.0 (2025-12-08)
+
+* Enhanced Module Installation UI with improved user experience.
+* Added `AI Management` option to Startup Templates (app-nolayers, app).
+* Added support for new `SLNX` solution file format.
+* Enhanced modularity step in solution creation process.
+* Fixed Swagger authorization issues when projects run via .NET Aspire.
+* Fixed browser notification overlay problems.
+* Added missing `Unit of Work` namespace in solution templates.
+* Fixed JSON file formatting issues.
+* Updated ABP Framework to `10.0.1` and LeptonX to `5.0.1`.
+* Added MySQL compatibility warnings.
+* Fixed initial tasks problems.
+* Improved AI Assistant control UI with better margins and borders.
+
+## 2.0.2 (2025-11-26)
+
+* Fixed `.NET 10` installation problems.
+* Added custom styles for code blocks in **Markdown** view.
+* Fixed `OpenIddictCoreOptions` injection to use `IOptions`.
+* Added IdentityModel package after KubernetesClient.
+
+## 2.0.1 (2025-11-21)
+
+* Added build step before adding EF Core migration.
+* Updated `KubernetesClient` to version `18.0.5`.
+
+## 2.0.0 (2025-11-20)
+
+* Major upgrade to `.NET 10.0` and `ABP Framework 10.0`
+* Replaced `IdentityModel` with `Duende.IdentityModel`.
+* Added "Open on Start in Browser" option for .NET applications in Solution Runner.
+* Added `Mapperly` configuration.
+* Enabled user and tenant impersonation in Blazor client modules.
+* Enhanced notification system to allow text copying.
+* Added environment variable support for DesignTime DbContext.
+* Used C# instead of JSON for Aspire AppHost project configuration.
+* Fixed MongoDB image pulling problems.
+* Improved AI Assistant with better code block visibility across themes.
+* Added different cache paths for each browser instance.
+* Fixed various UI issues including mouse pointer problems in trees and horizontal scrolling.
+* Added `FileManagement` download URL configuration for tiered projects.
+* Added chat SignalR configuration to Microservice Blazor apps.
+* Updated `Blazorise` packages to version `1.8.6`.
+* Fixed `BackToImpersonator` button in Microservice Template.
+* Added log recording while crashing for better debugging.
+* Enhanced tab headers for **Solution Runner** and **Kubernetes**.
+
 ## 1.4.2 (2025-10-30)
 
 * Upgraded template dependencies for ABP Framework and LeptonX. (targeting ABP `9.3.6`)

docs/en/studio/version-mapping.md

@@ -11,6 +11,8 @@ This document provides a general overview of the relationship between various ve
 
 | **ABP Studio Version** | **ABP Version of Startup Template**           |
 |------------------------|---------------------------|
+| 2.1.0 - 2.1.3          | 10.0.1                    |
+| 2.0.0 to 2.0.2         | 10.0.0                    |
 | 1.4.2                  | 9.3.6                     |
 | 1.3.3 to 1.4.1         | 9.3.5                     |
 | 1.3.0 - 1.3.2          | 9.3.4                     |
@@ -19,8 +21,7 @@ This document provides a general overview of the relationship between various ve
 | 1.1.2                  | 9.2.3                     |
 | 1.1.0 - 1.1.1          | 9.2.2                     |
 | 1.0.2                  | 9.2.1                     |
-| 1.0.1                  | 9.2.0                     |
-| 1.0.0                  | 9.2.0                     |
+| 1.0.0 - 1.0.1          | 9.2.0                     |
 | 0.9.26                 | 9.1.1                     |
 | 0.9.24 - 0.9.25        | 9.1.0                     |
 | 0.9.22 - 0.9.23        | 9.0.4                     |

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/AbpPermissionOptions.cs

@@ -1,4 +1,5 @@
 using System.Collections.Generic;
+using Volo.Abp.Authorization.Permissions.Resources;
 using Volo.Abp.Collections;
 
 namespace Volo.Abp.Authorization.Permissions;
@@ -9,6 +10,8 @@ public class AbpPermissionOptions
 
     public ITypeList<IPermissionValueProvider> ValueProviders { get; }
 
+    public ITypeList<IResourcePermissionValueProvider> ResourceValueProviders { get; }
+
     public HashSet<string> DeletedPermissions { get; }
 
     public HashSet<string> DeletedPermissionGroups { get; }
@@ -17,6 +20,7 @@ public class AbpPermissionOptions
     {
         DefinitionProviders = new TypeList<IPermissionDefinitionProvider>();
         ValueProviders = new TypeList<IPermissionValueProvider>();
+        ResourceValueProviders = new TypeList<IResourcePermissionValueProvider>();
 
         DeletedPermissions = new HashSet<string>();
         DeletedPermissionGroups = new HashSet<string>();

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/ICanAddChildPermission.cs

@@ -11,4 +11,4 @@ public interface ICanAddChildPermission
         ILocalizableString? displayName = null,
         MultiTenancySides multiTenancySide = MultiTenancySides.Both,
         bool isEnabled = true);
-}
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/IPermissionDefinitionContext.cs

@@ -1,5 +1,7 @@
 using System;
+using JetBrains.Annotations;
 using Volo.Abp.Localization;
+using Volo.Abp.MultiTenancy;
 
 namespace Volo.Abp.Authorization.Permissions;
 
@@ -46,4 +48,16 @@ public interface IPermissionDefinitionContext
     /// <param name="name">Name of the permission</param>
     /// </summary>
     PermissionDefinition? GetPermissionOrNull(string name);
+
+    PermissionDefinition AddResourcePermission(
+        string name,
+        string resourceName,
+        string managementPermissionName,
+        ILocalizableString? displayName = null,
+        MultiTenancySides multiTenancySide = MultiTenancySides.Both,
+        bool isEnabled = true);
+
+    PermissionDefinition? GetResourcePermissionOrNull([NotNull] string resourceName, [NotNull] string name);
+
+    void RemoveResourcePermission([NotNull] string resourceName, [NotNull] string name);
 }

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/IPermissionDefinitionManager.cs

@@ -11,7 +11,14 @@ public interface IPermissionDefinitionManager
 
     Task<PermissionDefinition?> GetOrNullAsync([NotNull] string name);
 
+    [ItemNotNull]
+    Task<PermissionDefinition> GetResourcePermissionAsync([NotNull]string resourceName, [NotNull] string name);
+
+    Task<PermissionDefinition?> GetResourcePermissionOrNullAsync([NotNull]string resourceName, [NotNull] string name);
+
     Task<IReadOnlyList<PermissionDefinition>> GetPermissionsAsync();
 
+    Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync();
+
     Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync();
 }

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/IPermissionValueProvider.cs

@@ -6,7 +6,6 @@ public interface IPermissionValueProvider
 {
     string Name { get; }
 
-    //TODO: Rename to GetResult? (CheckAsync throws exception by naming convention)
     Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context);
 
     Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context);

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/PermissionDefinition.cs

@@ -7,7 +7,7 @@ using Volo.Abp.SimpleStateChecking;
 
 namespace Volo.Abp.Authorization.Permissions;
 
-public class PermissionDefinition : 
+public class PermissionDefinition :
     IHasSimpleStateCheckers<PermissionDefinition>,
     ICanAddChildPermission
 {
@@ -16,6 +16,16 @@ public class PermissionDefinition :
     /// </summary>
     public string Name { get; }
 
+    /// <summary>
+    /// Resource name of the permission.
+    /// </summary>
+    public string? ResourceName { get; set; }
+
+    /// <summary>
+    ///  Management permission of the resource permission.
+    /// </summary>
+    public string? ManagementPermissionName { get; set; }
+
     /// <summary>
     /// Parent of this permission if one exists.
     /// If set, this permission can be granted only if parent is granted.
@@ -76,6 +86,19 @@ public class PermissionDefinition :
         set => Properties[name] = value;
     }
 
+    protected internal PermissionDefinition(
+        [NotNull] string name,
+        string resourceName,
+        string managementPermissionName,
+        ILocalizableString? displayName = null,
+        MultiTenancySides multiTenancySide = MultiTenancySides.Both,
+        bool isEnabled = true)
+        : this(name, displayName, multiTenancySide, isEnabled)
+    {
+        ResourceName = Check.NotNull(resourceName, nameof(resourceName));
+        ManagementPermissionName = Check.NotNull(managementPermissionName, nameof(managementPermissionName));
+    }
+
     protected internal PermissionDefinition(
         [NotNull] string name,
         ILocalizableString? displayName = null,
@@ -99,6 +122,11 @@ public class PermissionDefinition :
         MultiTenancySides multiTenancySide = MultiTenancySides.Both,
         bool isEnabled = true)
     {
+        if (ResourceName != null)
+        {
+            throw new AbpException($"Resource permission cannot have child permissions. Resource: {ResourceName}");
+        }
+
         var child = new PermissionDefinition(
             name,
             displayName,
@@ -109,12 +137,12 @@ public class PermissionDefinition :
         };
 
         child[PermissionDefinitionContext.KnownPropertyNames.CurrentProviderName] = this[PermissionDefinitionContext.KnownPropertyNames.CurrentProviderName];
-       
+
         _children.Add(child);
 
         return child;
     }
-    
+
     PermissionDefinition ICanAddChildPermission.AddPermission(
         string name,
         ILocalizableString? displayName = null,
@@ -124,7 +152,6 @@ public class PermissionDefinition :
         return this.AddChild(name, displayName, multiTenancySide, isEnabled);
     }
 
-
     /// <summary>
     /// Sets a property in the <see cref="Properties"/> dictionary.
     /// This is a shortcut for nested calls on this object.

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/PermissionDefinitionContext.cs

@@ -1,7 +1,9 @@
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using JetBrains.Annotations;
 using Volo.Abp.Localization;
+using Volo.Abp.MultiTenancy;
 
 namespace Volo.Abp.Authorization.Permissions;
 
@@ -11,17 +13,20 @@ public class PermissionDefinitionContext : IPermissionDefinitionContext
 
     public Dictionary<string, PermissionGroupDefinition> Groups { get; }
 
+    public List<PermissionDefinition> ResourcePermissions { get; }
+
     internal IPermissionDefinitionProvider? CurrentProvider { get; set; }
 
     public static class KnownPropertyNames
     {
         public const string CurrentProviderName = "_CurrentProviderName";
     }
-    
+
     public PermissionDefinitionContext(IServiceProvider serviceProvider)
     {
         ServiceProvider = serviceProvider;
         Groups = new Dictionary<string, PermissionGroupDefinition>();
+        ResourcePermissions = new List<PermissionDefinition>();
     }
 
     public virtual PermissionGroupDefinition AddGroup(
@@ -43,7 +48,7 @@ public class PermissionDefinitionContext : IPermissionDefinitionContext
         }
 
         Groups[name] = group;
-        
+
         return group;
     }
 
@@ -51,37 +56,23 @@ public class PermissionDefinitionContext : IPermissionDefinitionContext
     public virtual PermissionGroupDefinition GetGroup([NotNull] string name)
     {
         var group = GetGroupOrNull(name);
-
-        if (group == null)
-        {
-            throw new AbpException($"Could not find a permission definition group with the given name: {name}");
-        }
-
-        return group;
+        return group ?? throw new AbpException($"Could not find a permission definition group with the given name: {name}");
     }
 
     public virtual PermissionGroupDefinition? GetGroupOrNull([NotNull] string name)
     {
         Check.NotNull(name, nameof(name));
-
-        if (!Groups.ContainsKey(name))
-        {
-            return null;
-        }
-
-        return Groups[name];
+        return Groups.GetOrDefault(name);
     }
 
     public virtual void RemoveGroup(string name)
     {
         Check.NotNull(name, nameof(name));
 
-        if (!Groups.ContainsKey(name))
+        if (!Groups.Remove(name))
         {
             throw new AbpException($"Not found permission group with name: {name}");
         }
-
-        Groups.Remove(name);
     }
 
     public virtual PermissionDefinition? GetPermissionOrNull([NotNull] string name)
@@ -100,4 +91,58 @@ public class PermissionDefinitionContext : IPermissionDefinitionContext
 
         return null;
     }
+
+    public virtual PermissionDefinition AddResourcePermission(
+        string name,
+        string resourceName,
+        string managementPermissionName,
+        ILocalizableString? displayName = null,
+        MultiTenancySides multiTenancySide = MultiTenancySides.Both,
+        bool isEnabled = true)
+    {
+        Check.NotNull(name, nameof(name));
+        Check.NotNull(resourceName, nameof(resourceName));
+        Check.NotNull(managementPermissionName, nameof(managementPermissionName));
+
+        if (ResourcePermissions.Any(x => x.ResourceName == resourceName && x.Name == name))
+        {
+            throw new AbpException($"There is already an existing resource permission with name: {name} for resource: {resourceName}");
+        }
+
+        var permission = new PermissionDefinition(
+            name,
+            resourceName,
+            managementPermissionName,
+            displayName,
+            multiTenancySide,
+            isEnabled)
+        {
+            [KnownPropertyNames.CurrentProviderName] = CurrentProvider?.GetType().FullName
+        };
+
+        ResourcePermissions.Add(permission);
+
+        return permission;
+    }
+
+    public virtual PermissionDefinition? GetResourcePermissionOrNull([NotNull] string resourceName, [NotNull] string name)
+    {
+        Check.NotNull(resourceName, nameof(resourceName));
+        Check.NotNull(name, nameof(name));
+
+        return ResourcePermissions.FirstOrDefault(p => p.ResourceName == resourceName && p.Name == name);
+    }
+
+    public virtual void RemoveResourcePermission([NotNull] string resourceName, [NotNull] string name)
+    {
+        Check.NotNull(resourceName, nameof(resourceName));
+        Check.NotNull(name, nameof(name));
+
+        var resourcePermission = GetResourcePermissionOrNull(resourceName, name);
+        if (resourcePermission == null)
+        {
+            throw new AbpException($"Not found resource permission with name: {name} for resource: {resourceName}");
+        }
+        ResourcePermissions.Remove(resourcePermission);
+    }
 }

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/IHasResourcePermissions.cs

@@ -0,0 +1,8 @@
+using System.Collections.Generic;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public interface IHasResourcePermissions : IKeyedObject
+{
+    Dictionary<string, bool> ResourcePermissions { get; }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/IResourcePermissionChecker.cs

@@ -0,0 +1,33 @@
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public interface IResourcePermissionChecker
+{
+    Task<bool> IsGrantedAsync(
+        string name,
+        string resourceName,
+        string resourceKey
+    );
+
+    Task<bool> IsGrantedAsync(
+        ClaimsPrincipal? claimsPrincipal,
+        string name,
+        string resourceName,
+        string resourceKey
+    );
+
+    Task<MultiplePermissionGrantResult> IsGrantedAsync(
+        string[] names, 
+        string resourceName,
+        string resourceKey
+    );
+
+    Task<MultiplePermissionGrantResult> IsGrantedAsync(
+        ClaimsPrincipal? claimsPrincipal,
+        string[] names,
+        string resourceName,
+        string resourceKey
+    );
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/IResourcePermissionStore.cs

@@ -0,0 +1,83 @@
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public interface IResourcePermissionStore
+{
+    /// <summary>
+    /// Checks if the given permission is granted for the given resource.
+    /// </summary>
+    /// <param name="name">The name of the permission.</param>
+    /// <param name="resourceName">The name of the resource.</param>
+    /// <param name="resourceKey">Resource key</param>
+    /// <param name="providerName">The name of the provider.</param>
+    /// <param name="providerKey">The key of the provider.</param>
+    /// <returns>
+    /// True if the permission is granted.
+    /// </returns>
+    Task<bool> IsGrantedAsync(
+        string name,
+        string resourceName,
+        string resourceKey,
+        string providerName,
+        string providerKey
+    );
+
+    /// <summary>
+    /// Checks if the given permissions are granted for the given resource.
+    /// </summary>
+    /// <param name="names">The name of the permissions.</param>
+    /// <param name="resourceName">The name of the resource.</param>
+    /// <param name="resourceKey">Resource key</param>
+    /// <param name="providerName">The name of the provider.</param>
+    /// <param name="providerKey">The key of the provider.</param>
+    /// <returns>
+    /// A <see cref="MultiplePermissionGrantResult"/> object containing the grant results for each permission.
+    /// </returns>
+    Task<MultiplePermissionGrantResult> IsGrantedAsync(
+        string[] names,
+        string resourceName,
+        string resourceKey,
+        string providerName,
+        string providerKey
+    );
+
+    /// <summary>
+    /// Gets all permissions for the given resource.
+    /// </summary>
+    /// <param name="resourceName">Resource name</param>
+    /// <param name="resourceKey">Resource key</param>
+    /// <returns>
+    /// A <see cref="MultiplePermissionGrantResult"/> object containing the grant results for each permission.
+    /// </returns>
+    Task<MultiplePermissionGrantResult> GetPermissionsAsync(
+        string resourceName,
+        string resourceKey
+    );
+
+    /// <summary>
+    /// Gets all granted permissions for the given resource.
+    /// </summary>
+    /// <param name="resourceName">Resource name</param>
+    /// <param name="resourceKey">Resource key</param>
+    /// <returns>
+    /// An array of granted permission names.
+    /// </returns>
+    Task<string[]> GetGrantedPermissionsAsync(
+        string resourceName,
+        string resourceKey
+    );
+
+    /// <summary>
+    /// Retrieves the keys of resources for which the specified permission is granted.
+    /// </summary>
+    /// <param name="resourceName">The name of the resource.</param>
+    /// <param name="name">The name of the permission.</param>
+    /// <returns>
+    /// An array of resource keys where the specified permission is granted.
+    /// </returns>
+    Task<string[]> GetGrantedResourceKeysAsync(
+        string resourceName,
+        string name
+    );
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/IResourcePermissionValueProvider.cs

@@ -0,0 +1,12 @@
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public interface IResourcePermissionValueProvider
+{
+    string Name { get; }
+
+    Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context);
+
+    Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context);
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/IResourcePermissionValueProviderManager.cs

@@ -0,0 +1,8 @@
+using System.Collections.Generic;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public interface IResourcePermissionValueProviderManager
+{
+    IReadOnlyList<IResourcePermissionValueProvider> ValueProviders { get; }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/NullResourcePermissionStore.cs

@@ -0,0 +1,43 @@
+using System;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.Threading;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class NullResourcePermissionStore : IResourcePermissionStore, ISingletonDependency
+{
+    public ILogger<NullResourcePermissionStore> Logger { get; set; }
+
+    public NullResourcePermissionStore()
+    {
+        Logger = NullLogger<NullResourcePermissionStore>.Instance;
+    }
+
+    public Task<bool> IsGrantedAsync(string name, string resourceName, string resourceKey, string providerName, string providerKey)
+    {
+        return TaskCache.FalseResult;
+    }
+
+    public Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names, string resourceName, string resourceKey, string providerName, string providerKey)
+    {
+        return Task.FromResult(new MultiplePermissionGrantResult(names, PermissionGrantResult.Prohibited));
+    }
+
+    public Task<MultiplePermissionGrantResult> GetPermissionsAsync(string resourceName, string resourceKey)
+    {
+        return Task.FromResult(new MultiplePermissionGrantResult());
+    }
+
+    public Task<string[]> GetGrantedPermissionsAsync(string resourceName, string resourceKey)
+    {
+        return Task.FromResult(Array.Empty<string>());
+    }
+
+    public Task<string[]> GetGrantedResourceKeysAsync(string resourceName, string name)
+    {
+        return Task.FromResult(Array.Empty<string>());
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionCheckerExtensions.cs

@@ -0,0 +1,34 @@
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public static class ResourcePermissionCheckerExtensions
+{
+    /// <summary>
+    /// Checks if a specific permission is granted for a resource with a given key.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the resource.</typeparam>
+    /// <param name="resourcePermissionChecker">The resource permission checker instance.</param>
+    /// <param name="permissionName">The name of the permission to check.</param>
+    /// <param name="resource">The resource instance to check permission for.</param>
+    /// <param name="resourceKey">The unique key identifying the resource instance.</param>
+    /// <returns>A task that represents the asynchronous operation. The task result contains a boolean value indicating whether the permission is granted.</returns>
+    public static Task<bool> IsGrantedAsync<TResource>(
+        this IResourcePermissionChecker resourcePermissionChecker,
+        string permissionName,
+        TResource resource,
+        object resourceKey
+    )
+    {
+        Check.NotNull(resourcePermissionChecker, nameof(resourcePermissionChecker));
+        Check.NotNullOrWhiteSpace(permissionName, nameof(permissionName));
+        Check.NotNull(resource, nameof(resource));
+        Check.NotNull(resourceKey, nameof(resourceKey));
+
+        return resourcePermissionChecker.IsGrantedAsync(
+            permissionName,
+            typeof(TResource).FullName!,
+            resourceKey.ToString()!
+        );
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionGrantInfo.cs

@@ -0,0 +1,21 @@
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionGrantInfo : PermissionGrantInfo
+{
+    public string ResourceName { get; }
+
+    public string ResourceKey { get; }
+
+    public ResourcePermissionGrantInfo(
+        string name,
+        bool isGranted,
+        string resourceName,
+        string resourceKey,
+        string? providerName = null,
+        string? providerKey = null)
+        : base(name, isGranted, providerName, providerKey)
+    {
+        ResourceName = resourceName;
+        ResourceKey = resourceKey;
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionStoreExtensions.cs

@@ -0,0 +1,75 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public static class ResourcePermissionStoreExtensions
+{
+    /// <summary>
+    /// Retrieves the list of granted permissions for a specific resource with a given key.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the resource.</typeparam>
+    /// <param name="resourcePermissionStore">The resource permission store instance.</param>
+    /// <param name="resource">The resource instance to retrieve permissions for.</param>
+    /// <param name="resourceKey">The unique key identifying the resource instance.</param>
+    /// <returns>A task that represents the asynchronous operation. The task result contains an array of strings representing the granted permissions.</returns>
+    public static async Task<string[]> GetGrantedPermissionsAsync<TResource>(
+        this IResourcePermissionStore resourcePermissionStore,
+        TResource resource,
+        object resourceKey
+    )
+    {
+        return (await GetPermissionsAsync(resourcePermissionStore, resource, resourceKey)).Where(x => x.Value).Select(x => x.Key).ToArray();
+    }
+
+    /// <summary>
+    /// Retrieves a dictionary of permissions and their granted status for the specified entity.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the resource.</typeparam>
+    /// <param name="resourcePermissionStore">The resource permission store instance.</param>
+    /// <param name="resource">The resource for which the permissions are being retrieved.</param>
+    /// <param name="resourceKey">The unique key identifying the resource instance.</param>
+    /// <returns>A dictionary where the keys are permission names and the values are booleans indicating whether the permission is granted.</returns>
+    public static async Task<IDictionary<string, bool>> GetPermissionsAsync<TResource>(
+        this IResourcePermissionStore resourcePermissionStore,
+        TResource resource,
+        object resourceKey
+    )
+    {
+        Check.NotNull(resourcePermissionStore, nameof(resourcePermissionStore));
+        Check.NotNull(resource, nameof(resource));
+        Check.NotNull(resourceKey, nameof(resourceKey));
+
+        var result = await resourcePermissionStore.GetPermissionsAsync(
+            typeof(TResource).FullName!,
+            resourceKey.ToString()!
+        );
+
+        return result.Result.ToDictionary(x => x.Key, x => x.Value == PermissionGrantResult.Granted);
+    }
+
+    /// <summary>
+    /// Retrieves the keys of the resources granted a specific permission.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the resource.</typeparam>
+    /// <param name="resourcePermissionStore">The resource permission store instance.</param>
+    /// <param name="resource">The resource instance to check granted permissions for.</param>
+    /// <param name="permissionName">The name of the permission to check.</param>
+    /// <returns>A task that represents the asynchronous operation. The task result contains an array of strings representing the granted resource keys.</returns>
+    public static Task<string[]> GetGrantedResourceKeysAsync<TResource>(
+        this IResourcePermissionStore resourcePermissionStore,
+        TResource resource,
+        string permissionName
+    )
+    {
+        Check.NotNull(resourcePermissionStore, nameof(resourcePermissionStore));
+        Check.NotNull(resource, nameof(resource));
+        Check.NotNullOrWhiteSpace(permissionName, nameof(permissionName));
+
+        return resourcePermissionStore.GetGrantedResourceKeysAsync(
+            typeof(TResource).FullName!,
+            permissionName
+        );
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionValueCheckContext.cs

@@ -0,0 +1,22 @@
+using System.Security.Claims;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionValueCheckContext : PermissionValueCheckContext
+{
+    public string ResourceName { get; }
+
+    public string ResourceKey { get; }
+
+    public ResourcePermissionValueCheckContext(PermissionDefinition permission, string resourceName, string resourceKey)
+        : this(permission, null, resourceName, resourceKey)
+    {
+    }
+
+    public ResourcePermissionValueCheckContext(PermissionDefinition permission, ClaimsPrincipal? principal, string resourceName, string resourceKey)
+        : base(permission, principal)
+    {
+        ResourceName = resourceName;
+        ResourceKey = resourceKey;
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionValueProvider.cs

@@ -0,0 +1,20 @@
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public abstract class ResourcePermissionValueProvider : IResourcePermissionValueProvider, ITransientDependency
+{
+    public abstract string Name { get; }
+
+    protected IResourcePermissionStore ResourcePermissionStore { get; }
+
+    protected ResourcePermissionValueProvider(IResourcePermissionStore resourcePermissionStore)
+    {
+        ResourcePermissionStore = resourcePermissionStore;
+    }
+
+    public abstract Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context);
+
+    public abstract Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context);
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionValuesCheckContext.cs

@@ -0,0 +1,38 @@
+using System.Collections.Generic;
+using System.Security.Claims;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionValuesCheckContext : PermissionValuesCheckContext
+{
+    public string ResourceName { get; }
+
+    public string ResourceKey { get; }
+
+    public ResourcePermissionValuesCheckContext(PermissionDefinition permission,string resourceName, string resourceKey)
+        : this([permission], null, resourceName, resourceKey)
+    {
+
+    }
+
+
+    public ResourcePermissionValuesCheckContext(PermissionDefinition permission, ClaimsPrincipal? principal, string resourceName, string resourceKey)
+        : this([permission], principal, resourceName, resourceKey)
+    {
+
+    }
+
+    public ResourcePermissionValuesCheckContext(List<PermissionDefinition> permissions, string resourceName, string resourceKey)
+        : this(permissions, null, resourceName, resourceKey)
+    {
+        ResourceName = resourceName;
+        ResourceKey = resourceKey;
+    }
+
+    public ResourcePermissionValuesCheckContext(List<PermissionDefinition> permissions, ClaimsPrincipal? principal, string resourceName, string resourceKey)
+        : base(permissions, principal)
+    {
+        ResourceName = resourceName;
+        ResourceKey = resourceKey;
+    }
+}

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/ResourcePermissionRequirement.cs

@@ -0,0 +1,21 @@
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Volo.Abp.Authorization;
+
+public class ResourcePermissionRequirement : IAuthorizationRequirement
+{
+    public string PermissionName { get; }
+
+    public ResourcePermissionRequirement([NotNull] string permissionName)
+    {
+        Check.NotNull(permissionName, nameof(permissionName));
+
+        PermissionName = permissionName;
+    }
+
+    public override string ToString()
+    {
+        return $"ResourcePermissionRequirement: {PermissionName}";
+    }
+}

framework/src/Volo.Abp.Authorization/Microsoft/Extensions/DependencyInjection/KeyedObjectResourcePermissionExtenstions.cs

@@ -0,0 +1,13 @@
+using Microsoft.AspNetCore.Authorization;
+using Volo.Abp.Authorization.Permissions.Resources;
+
+namespace Microsoft.Extensions.DependencyInjection;
+
+public static class KeyedObjectResourcePermissionExtenstions
+{
+    public static IServiceCollection AddKeyedObjectResourcePermissionAuthorization(this IServiceCollection services)
+    {
+        services.AddSingleton<IAuthorizationHandler, KeyedObjectResourcePermissionRequirementHandler>();
+        return services;
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/AbpAuthorizationModule.cs

@@ -5,6 +5,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Volo.Abp.Authorization.Localization;
 using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
 using Volo.Abp.Localization;
 using Volo.Abp.Localization.ExceptionHandling;
 using Volo.Abp.Modularity;
@@ -32,6 +33,7 @@ public class AbpAuthorizationModule : AbpModule
     {
         context.Services.AddAuthorizationCore();
 
+        context.Services.AddKeyedObjectResourcePermissionAuthorization();
         context.Services.AddSingleton<IAuthorizationHandler, PermissionRequirementHandler>();
         context.Services.AddSingleton<IAuthorizationHandler, PermissionsRequirementHandler>();
 
@@ -42,6 +44,9 @@ public class AbpAuthorizationModule : AbpModule
             options.ValueProviders.Add<UserPermissionValueProvider>();
             options.ValueProviders.Add<RolePermissionValueProvider>();
             options.ValueProviders.Add<ClientPermissionValueProvider>();
+
+            options.ResourceValueProviders.Add<UserResourcePermissionValueProvider>();
+            options.ResourceValueProviders.Add<RoleResourcePermissionValueProvider>();
         });
 
         Configure<AbpVirtualFileSystemOptions>(options =>

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/AbpAuthorizationPolicyProvider.cs

@@ -40,6 +40,14 @@ public class AbpAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
             return policyBuilder.Build();
         }
 
+        if ((await _permissionDefinitionManager.GetResourcePermissionsAsync()).Any(x => x.Name == policyName))
+        {
+            //TODO: Optimize & Cache!
+            var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty<string>());
+            policyBuilder.Requirements.Add(new ResourcePermissionRequirement(policyName));
+            return policyBuilder.Build();
+        }
+
         return null;
     }
 

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/MethodInvocationAuthorizationService.cs

@@ -20,7 +20,7 @@ public class MethodInvocationAuthorizationService : IMethodInvocationAuthorizati
         _abpAuthorizationService = abpAuthorizationService;
     }
 
-    public async Task CheckAsync(MethodInvocationAuthorizationContext context)
+    public virtual async Task CheckAsync(MethodInvocationAuthorizationContext context)
     {
         if (AllowAnonymous(context))
         {

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/IDynamicPermissionDefinitionStore.cs

@@ -8,6 +8,10 @@ public interface IDynamicPermissionDefinitionStore
     Task<PermissionDefinition?> GetOrNullAsync(string name);
 
     Task<IReadOnlyList<PermissionDefinition>> GetPermissionsAsync();
-    
+
+    Task<PermissionDefinition?> GetResourcePermissionOrNullAsync(string resourceName, string name);
+
+    Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync();
+
     Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync();
-}
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/IStaticPermissionDefinitionStore.cs

@@ -8,6 +8,10 @@ public interface IStaticPermissionDefinitionStore
     Task<PermissionDefinition?> GetOrNullAsync(string name);
 
     Task<IReadOnlyList<PermissionDefinition>> GetPermissionsAsync();
-    
+
+    Task<PermissionDefinition?> GetResourcePermissionOrNullAsync(string resourceName, string name);
+
+    Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync();
+
     Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync();
-}
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/NullDynamicPermissionDefinitionStore.cs

@@ -9,10 +9,15 @@ namespace Volo.Abp.Authorization.Permissions;
 public class NullDynamicPermissionDefinitionStore : IDynamicPermissionDefinitionStore, ISingletonDependency
 {
     private readonly static Task<PermissionDefinition?> CachedPermissionResult = Task.FromResult((PermissionDefinition?)null);
-    
+
     private readonly static Task<IReadOnlyList<PermissionDefinition>> CachedPermissionsResult =
         Task.FromResult((IReadOnlyList<PermissionDefinition>)Array.Empty<PermissionDefinition>().ToImmutableList());
 
+    private readonly static Task<PermissionDefinition?> CachedResourcePermissionResult = Task.FromResult((PermissionDefinition?)null);
+
+    private readonly static Task<IReadOnlyList<PermissionDefinition>> CachedResourcePermissionsResult =
+        Task.FromResult((IReadOnlyList<PermissionDefinition>)Array.Empty<PermissionDefinition>().ToImmutableList());
+
     private readonly static Task<IReadOnlyList<PermissionGroupDefinition>> CachedGroupsResult =
         Task.FromResult((IReadOnlyList<PermissionGroupDefinition>)Array.Empty<PermissionGroupDefinition>().ToImmutableList());
 
@@ -26,8 +31,18 @@ public class NullDynamicPermissionDefinitionStore : IDynamicPermissionDefinition
         return CachedPermissionsResult;
     }
 
+    public Task<PermissionDefinition?> GetResourcePermissionOrNullAsync(string resourceName, string name)
+    {
+        return CachedResourcePermissionResult;
+    }
+
+    public Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync()
+    {
+        return CachedResourcePermissionsResult;
+    }
+
     public Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync()
     {
         return CachedGroupsResult;
     }
-}
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/PermissionDefinitionManager.cs

@@ -34,17 +34,36 @@ public class PermissionDefinitionManager : IPermissionDefinitionManager, ITransi
     {
         Check.NotNull(name, nameof(name));
 
-        return await _staticStore.GetOrNullAsync(name) ?? 
+        return await _staticStore.GetOrNullAsync(name) ??
                await _dynamicStore.GetOrNullAsync(name);
     }
 
+    public virtual async Task<PermissionDefinition> GetResourcePermissionAsync(string resourceName, string name)
+    {
+        var permission = await GetResourcePermissionOrNullAsync(resourceName, name);
+        if (permission == null)
+        {
+            throw new AbpException($"Undefined resource permission: {name} for resource: {resourceName}");
+        }
+
+        return permission;
+    }
+
+    public virtual async Task<PermissionDefinition?> GetResourcePermissionOrNullAsync(string resourceName, string name)
+    {
+        Check.NotNull(name, nameof(name));
+
+        return await _staticStore.GetResourcePermissionOrNullAsync(resourceName, name) ??
+               await _dynamicStore.GetResourcePermissionOrNullAsync(resourceName, name);
+    }
+
     public virtual async Task<IReadOnlyList<PermissionDefinition>> GetPermissionsAsync()
     {
         var staticPermissions = await _staticStore.GetPermissionsAsync();
         var staticPermissionNames = staticPermissions
             .Select(p => p.Name)
             .ToImmutableHashSet();
-        
+
         var dynamicPermissions = await _dynamicStore.GetPermissionsAsync();
 
         /* We prefer static permissions over dynamics */
@@ -53,13 +72,28 @@ public class PermissionDefinitionManager : IPermissionDefinitionManager, ITransi
         ).ToImmutableList();
     }
 
-    public async Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync()
+    public virtual async Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync()
+    {
+        var staticResourcePermissions = await _staticStore.GetResourcePermissionsAsync();
+        var staticResourcePermissionNames = staticResourcePermissions
+            .Select(p => p.Name)
+            .ToImmutableHashSet();
+
+        var dynamicResourcePermissions = await _dynamicStore.GetResourcePermissionsAsync();
+
+        /* We prefer static permissions over dynamics */
+        return staticResourcePermissions.Concat(
+            dynamicResourcePermissions.Where(d => !staticResourcePermissionNames.Contains(d.Name))
+        ).ToImmutableList();
+    }
+
+    public virtual async Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync()
     {
         var staticGroups = await _staticStore.GetGroupsAsync();
         var staticGroupNames = staticGroups
             .Select(p => p.Name)
             .ToImmutableHashSet();
-        
+
         var dynamicGroups = await _dynamicStore.GetGroupsAsync();
 
         /* We prefer static groups over dynamics */
@@ -67,4 +101,4 @@ public class PermissionDefinitionManager : IPermissionDefinitionManager, ITransi
             dynamicGroups.Where(d => !staticGroupNames.Contains(d.Name))
         ).ToImmutableList();
     }
-}
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/KeyedObjectResourcePermissionCheckerExtensions.cs

@@ -0,0 +1,28 @@
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public static class KeyedObjectResourcePermissionCheckerExtensions
+{
+    /// <summary>
+    /// Checks if the specified permission is granted for the given resource.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the object.</typeparam>
+    /// <param name="resourcePermissionChecker">The resource permission checker instance.</param>
+    /// <param name="permissionName">The name of the permission to check.</param>
+    /// <param name="resource">The resource for which the permission is being checked.</param>
+    /// <returns>A task that represents the asynchronous operation. The task result is a boolean indicating whether the permission is granted.</returns>
+    public static Task<bool> IsGrantedAsync<TResource>(this IResourcePermissionChecker resourcePermissionChecker, string permissionName, TResource resource)
+        where TResource : class, IKeyedObject
+    {
+        Check.NotNull(resourcePermissionChecker, nameof(resourcePermissionChecker));
+        Check.NotNullOrWhiteSpace(permissionName, nameof(permissionName));
+        Check.NotNull(resource, nameof(resource));
+
+        return resourcePermissionChecker.IsGrantedAsync(
+            permissionName,
+            resource,
+            resource.GetObjectKey() ?? throw new AbpException("The resource doesn't have a key.")
+        );
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/KeyedObjectResourcePermissionRequirementHandler.cs

@@ -0,0 +1,33 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class KeyedObjectResourcePermissionRequirementHandler : AuthorizationHandler<ResourcePermissionRequirement, IKeyedObject>
+{
+    protected readonly IResourcePermissionChecker PermissionChecker;
+
+    public KeyedObjectResourcePermissionRequirementHandler(IResourcePermissionChecker permissionChecker)
+    {
+        PermissionChecker = permissionChecker;
+    }
+
+    protected override async Task HandleRequirementAsync(
+        AuthorizationHandlerContext context,
+        ResourcePermissionRequirement requirement,
+        IKeyedObject? resource)
+    {
+        if (resource == null)
+        {
+            return;
+        }
+
+        var resourceName = resource.GetType().FullName!;
+        var resourceKey = resource.GetObjectKey() ?? throw new AbpException("The resource doesn't have a key.");
+        
+        if (await PermissionChecker.IsGrantedAsync(context.User, requirement.PermissionName, resourceName, resourceKey))
+        {
+            context.Succeed(requirement);
+        }
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/KeyedObjectResourcePermissionStoreExtensions.cs

@@ -0,0 +1,49 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public static class KeyedObjectResourcePermissionStoreExtensions
+{
+    /// <summary>
+    /// Retrieves an array of granted permissions for a specific entity.
+    /// </summary>
+    /// <typeparam name="TResource">The type of the resource.</typeparam>
+    /// <param name="resourcePermissionStore">The resource permission store instance.</param>
+    /// <param name="resource">The resource for which the permissions are being checked.</param>
+    /// <returns>An array of granted permission names as strings.</returns>
+    public static async Task<string[]> GetGrantedPermissionsAsync<TResource>(
+        this IResourcePermissionStore resourcePermissionStore,
+        TResource resource
+    )
+        where TResource : class, IKeyedObject
+    {
+        Check.NotNull(resourcePermissionStore, nameof(resourcePermissionStore));
+        Check.NotNull(resource, nameof(resource));
+
+        return (await GetPermissionsAsync(resourcePermissionStore, resource)).Where(x => x.Value).Select(x => x.Key).ToArray();
+    }
+
+    /// <summary>
+    /// Retrieves a dictionary of permissions and their granted status for the specified entity.
+    /// </summary>
+    /// <typeparam name="TEntity">The type of the entity.</typeparam>
+    /// <param name="resourcePermissionStore">The resource permission store instance.</param>
+    /// <param name="entity">The entity for which the permissions are being retrieved.</param>
+    /// <returns>A dictionary where the keys are permission names and the values are booleans indicating whether the permission is granted.</returns>
+    public static async Task<IDictionary<string, bool>> GetPermissionsAsync<TEntity>(
+        this IResourcePermissionStore resourcePermissionStore,
+        TEntity entity
+    )
+        where TEntity : class, IKeyedObject
+    {
+        Check.NotNull(resourcePermissionStore, nameof(resourcePermissionStore));
+        Check.NotNull(entity, nameof(entity));
+
+        return await resourcePermissionStore.GetPermissionsAsync(
+            entity,
+            entity.GetObjectKey() ?? throw new AbpException("The entity doesn't have a key.")
+        );
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionChecker.cs

@@ -0,0 +1,173 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Security.Principal;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.MultiTenancy;
+using Volo.Abp.Security.Claims;
+using Volo.Abp.SimpleStateChecking;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionChecker : IResourcePermissionChecker, ITransientDependency
+{
+    protected IPermissionDefinitionManager PermissionDefinitionManager { get; }
+    protected ICurrentPrincipalAccessor PrincipalAccessor { get; }
+    protected ICurrentTenant CurrentTenant { get; }
+    protected IResourcePermissionValueProviderManager PermissionValueProviderManager { get; }
+    protected ISimpleStateCheckerManager<PermissionDefinition> StateCheckerManager { get; }
+    protected IPermissionChecker PermissionChecker { get; }
+
+    public ResourcePermissionChecker(
+        ICurrentPrincipalAccessor principalAccessor,
+        IPermissionDefinitionManager permissionDefinitionManager,
+        ICurrentTenant currentTenant,
+        IResourcePermissionValueProviderManager permissionValueProviderManager,
+        ISimpleStateCheckerManager<PermissionDefinition> stateCheckerManager,
+        IPermissionChecker permissionChecker)
+    {
+        PrincipalAccessor = principalAccessor;
+        PermissionDefinitionManager = permissionDefinitionManager;
+        CurrentTenant = currentTenant;
+        PermissionValueProviderManager = permissionValueProviderManager;
+        StateCheckerManager = stateCheckerManager;
+        PermissionChecker = permissionChecker;
+    }
+
+    public virtual async Task<bool> IsGrantedAsync(string name, string resourceName, string resourceKey)
+    {
+        return await IsGrantedAsync(PrincipalAccessor.Principal, name, resourceName, resourceKey);
+    }
+
+    public virtual async Task<bool> IsGrantedAsync(
+        ClaimsPrincipal? claimsPrincipal,
+        string name,
+        string resourceName,
+        string resourceKey)
+    {
+        Check.NotNull(name, nameof(name));
+
+        var permission = await PermissionDefinitionManager.GetResourcePermissionOrNullAsync(resourceName, name);
+        if (permission == null)
+        {
+            return false;
+        }
+
+        if (!permission.IsEnabled)
+        {
+            return false;
+        }
+
+        if (!await StateCheckerManager.IsEnabledAsync(permission))
+        {
+            return false;
+        }
+
+        var multiTenancySide = claimsPrincipal?.GetMultiTenancySide()
+                               ?? CurrentTenant.GetMultiTenancySide();
+
+        if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
+        {
+            return false;
+        }
+
+        var isGranted = false;
+        var context = new ResourcePermissionValueCheckContext(permission, claimsPrincipal, resourceName, resourceKey);
+        foreach (var provider in PermissionValueProviderManager.ValueProviders)
+        {
+            if (context.Permission.Providers.Any() &&
+                !context.Permission.Providers.Contains(provider.Name))
+            {
+                continue;
+            }
+
+            var result = await provider.CheckAsync(context);
+
+            if (result == PermissionGrantResult.Granted)
+            {
+                isGranted = true;
+            }
+            else if (result == PermissionGrantResult.Prohibited)
+            {
+                return false;
+            }
+        }
+
+        return isGranted;
+    }
+
+    public async Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names, string resourceName, string resourceKey)
+    {
+        return await IsGrantedAsync(PrincipalAccessor.Principal, names, resourceName, resourceKey);
+    }
+
+    public async Task<MultiplePermissionGrantResult> IsGrantedAsync(ClaimsPrincipal? claimsPrincipal, string[] names, string resourceName, string resourceKey)
+    {
+        Check.NotNull(names, nameof(names));
+
+        var result = new MultiplePermissionGrantResult();
+        if (!names.Any())
+        {
+            return result;
+        }
+
+        var multiTenancySide = claimsPrincipal?.GetMultiTenancySide() ??
+                               CurrentTenant.GetMultiTenancySide();
+
+        var permissionDefinitions = new List<PermissionDefinition>();
+        foreach (var name in names)
+        {
+            var permission = await PermissionDefinitionManager.GetResourcePermissionOrNullAsync(resourceName, name);
+            if (permission == null)
+            {
+                result.Result.Add(name, PermissionGrantResult.Prohibited);
+                continue;
+            }
+
+            result.Result.Add(name, PermissionGrantResult.Undefined);
+
+            if (permission.IsEnabled &&
+                await StateCheckerManager.IsEnabledAsync(permission) &&
+                permission.MultiTenancySide.HasFlag(multiTenancySide))
+            {
+                permissionDefinitions.Add(permission);
+            }
+        }
+
+        foreach (var provider in PermissionValueProviderManager.ValueProviders)
+        {
+            var permissions = permissionDefinitions
+                .Where(x => !x.Providers.Any() || x.Providers.Contains(provider.Name))
+                .ToList();
+
+            if (permissions.IsNullOrEmpty())
+            {
+                continue;
+            }
+
+            var context = new ResourcePermissionValuesCheckContext(
+                permissions,
+                claimsPrincipal,
+                resourceName,
+                resourceKey);
+
+            var multipleResult = await provider.CheckAsync(context);
+            foreach (var grantResult in multipleResult.Result.Where(grantResult =>
+                result.Result.ContainsKey(grantResult.Key) &&
+                result.Result[grantResult.Key] == PermissionGrantResult.Undefined &&
+                grantResult.Value != PermissionGrantResult.Undefined))
+            {
+                result.Result[grantResult.Key] = grantResult.Value;
+                permissionDefinitions.RemoveAll(x => x.Name == grantResult.Key);
+            }
+
+            if (result.AllGranted || result.AllProhibited)
+            {
+                break;
+            }
+        }
+
+        return result;
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionPopulator.cs

@@ -0,0 +1,65 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionPopulator : ITransientDependency
+{
+    protected IPermissionDefinitionManager PermissionDefinitionManager { get; }
+    protected IResourcePermissionChecker ResourcePermissionChecker { get; }
+    protected IResourcePermissionStore ResourcePermissionStore { get; }
+    protected IPermissionChecker PermissionChecker { get; }
+
+    public ResourcePermissionPopulator(
+        IPermissionDefinitionManager permissionDefinitionManager,
+        IResourcePermissionChecker resourcePermissionChecker,
+        IResourcePermissionStore resourcePermissionStore,
+        IPermissionChecker permissionChecker)
+    {
+        PermissionDefinitionManager = permissionDefinitionManager;
+        ResourcePermissionChecker = resourcePermissionChecker;
+        ResourcePermissionStore = resourcePermissionStore;
+        PermissionChecker = permissionChecker;
+    }
+
+    public virtual async Task PopulateAsync<TResource>(TResource resource, string resourceName)
+        where TResource : IHasResourcePermissions
+    {
+        await PopulateAsync([resource], resourceName);
+    }
+
+    public virtual async Task PopulateAsync<TResource>(List<TResource> resources, string resourceName)
+        where TResource : IHasResourcePermissions
+    {
+        Check.NotNull(resources, nameof(resources));
+        Check.NotNullOrWhiteSpace(resourceName, nameof(resourceName));
+
+        var resopurcePermissions = (await PermissionDefinitionManager.GetResourcePermissionsAsync())
+            .Where(x => x.ResourceName == resourceName)
+            .ToArray();
+
+        foreach (var resource in resources)
+        {
+            var resourceKey = resource.GetObjectKey();
+            if (resourceKey.IsNullOrEmpty())
+            {
+                throw new AbpException("Resource key can not be null or empty.");
+            }
+
+            var results = await ResourcePermissionChecker.IsGrantedAsync(resopurcePermissions.Select(x => x.Name).ToArray(), resourceName, resourceKey);
+            foreach (var resopurcePermission in resopurcePermissions)
+            {
+                if (resource.ResourcePermissions == null)
+                {
+                     ObjectHelper.TrySetProperty(resource, x => x.ResourcePermissions, () => new Dictionary<string, bool>());
+                }
+
+                var hasPermission = results.Result.TryGetValue(resopurcePermission.Name, out var granted) && granted == PermissionGrantResult.Granted;
+                resource.ResourcePermissions![resopurcePermission.Name] = hasPermission;
+            }
+        }
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/ResourcePermissionValueProviderManager.cs

@@ -0,0 +1,43 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class ResourcePermissionValueProviderManager : IResourcePermissionValueProviderManager, ISingletonDependency
+{
+    public IReadOnlyList<IResourcePermissionValueProvider> ValueProviders => _lazyProviders.Value;
+    private readonly Lazy<List<IResourcePermissionValueProvider>> _lazyProviders;
+
+    protected AbpPermissionOptions Options { get; }
+    protected IServiceProvider ServiceProvider { get; }
+
+    public ResourcePermissionValueProviderManager(
+        IServiceProvider serviceProvider,
+        IOptions<AbpPermissionOptions> options)
+    {
+        Options = options.Value;
+        ServiceProvider = serviceProvider;
+
+        _lazyProviders = new Lazy<List<IResourcePermissionValueProvider>>(GetProviders, true);
+    }
+
+    protected virtual List<IResourcePermissionValueProvider> GetProviders()
+    {
+        var providers = Options
+            .ResourceValueProviders
+            .Select(type => (ServiceProvider.GetRequiredService(type) as IResourcePermissionValueProvider)!)
+            .ToList();
+
+        var multipleProviders = providers.GroupBy(p => p.Name).FirstOrDefault(x => x.Count() > 1);
+        if(multipleProviders != null)
+        {
+            throw new AbpException($"Duplicate resource permission value provider name detected: {multipleProviders.Key}. Providers:{Environment.NewLine}{multipleProviders.Select(p => p.GetType().FullName!).JoinAsString(Environment.NewLine)}");
+        }
+
+        return providers;
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/RoleResourcePermissionValueProvider.cs

@@ -0,0 +1,79 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.Security.Claims;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class RoleResourcePermissionValueProvider : ResourcePermissionValueProvider
+{
+    public const string ProviderName = "R";
+
+    public override string Name => ProviderName;
+
+    public RoleResourcePermissionValueProvider(IResourcePermissionStore resourcePermissionStore)
+        : base(resourcePermissionStore)
+    {
+
+    }
+
+    public override async Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context)
+    {
+        var roles = context.Principal?.FindAll(AbpClaimTypes.Role).Select(c => c.Value).ToArray();
+
+        if (roles == null || !roles.Any())
+        {
+            return PermissionGrantResult.Undefined;
+        }
+
+        foreach (var role in roles.Distinct())
+        {
+            if (await ResourcePermissionStore.IsGrantedAsync(context.Permission.Name, context.ResourceName, context.ResourceKey, Name, role))
+            {
+                return PermissionGrantResult.Granted;
+            }
+        }
+
+        return PermissionGrantResult.Undefined;
+    }
+
+    public override async Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context)
+    {
+        var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToList();
+        Check.NotNullOrEmpty(permissionNames, nameof(permissionNames));
+
+        var result = new MultiplePermissionGrantResult(permissionNames.ToArray());
+
+        var roles = context.Principal?.FindAll(AbpClaimTypes.Role).Select(c => c.Value).ToArray();
+        if (roles == null || !roles.Any())
+        {
+            return result;
+        }
+
+        foreach (var role in roles.Distinct())
+        {
+            var multipleResult = await ResourcePermissionStore.IsGrantedAsync(permissionNames.ToArray(), context.ResourceName, context.ResourceKey, Name, role);
+
+            foreach (var grantResult in multipleResult.Result.Where(grantResult =>
+                result.Result.ContainsKey(grantResult.Key) &&
+                result.Result[grantResult.Key] == PermissionGrantResult.Undefined &&
+                grantResult.Value != PermissionGrantResult.Undefined))
+            {
+                result.Result[grantResult.Key] = grantResult.Value;
+                permissionNames.RemoveAll(x => x == grantResult.Key);
+            }
+
+            if (result.AllGranted || result.AllProhibited)
+            {
+                break;
+            }
+
+            if (permissionNames.IsNullOrEmpty())
+            {
+                break;
+            }
+        }
+
+        return result;
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/Resources/UserResourcePermissionValueProvider.cs

@@ -0,0 +1,46 @@
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.Security.Claims;
+
+namespace Volo.Abp.Authorization.Permissions.Resources;
+
+public class UserResourcePermissionValueProvider : ResourcePermissionValueProvider
+{
+    public const string ProviderName = "U";
+
+    public override string Name => ProviderName;
+
+    public UserResourcePermissionValueProvider(IResourcePermissionStore resourcePermissionStore)
+        : base(resourcePermissionStore)
+    {
+
+    }
+
+    public override async Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context)
+    {
+        var userId = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;
+
+        if (userId == null)
+        {
+            return PermissionGrantResult.Undefined;
+        }
+
+        return await ResourcePermissionStore.IsGrantedAsync(context.Permission.Name, context.ResourceName, context.ResourceKey, Name, userId)
+            ? PermissionGrantResult.Granted
+            : PermissionGrantResult.Undefined;
+    }
+
+    public override async Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context)
+    {
+        var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToArray();
+        Check.NotNullOrEmpty(permissionNames, nameof(permissionNames));
+
+        var userId = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;
+        if (userId == null)
+        {
+            return new MultiplePermissionGrantResult(permissionNames);
+        }
+
+        return await ResourcePermissionStore.IsGrantedAsync(permissionNames, context.ResourceName, context.ResourceKey, Name, userId);
+    }
+}

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/StaticPermissionDefinitionStore.cs

@@ -11,12 +11,14 @@ namespace Volo.Abp.Authorization.Permissions;
 
 public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore, ISingletonDependency
 {
-    protected IDictionary<string, PermissionGroupDefinition> PermissionGroupDefinitions => _lazyPermissionGroupDefinitions.Value;
-    private readonly Lazy<Dictionary<string, PermissionGroupDefinition>> _lazyPermissionGroupDefinitions;
+    protected IDictionary<string, PermissionGroupDefinition> PermissionGroupDefinitions => _lazyPermissionGroupDefinitions.Value.Item1;
+    private readonly Lazy<(Dictionary<string, PermissionGroupDefinition>, List<PermissionDefinition>)> _lazyPermissionGroupDefinitions;
 
     protected IDictionary<string, PermissionDefinition> PermissionDefinitions => _lazyPermissionDefinitions.Value;
     private readonly Lazy<Dictionary<string, PermissionDefinition>> _lazyPermissionDefinitions;
 
+    protected IList<PermissionDefinition> ResourcePermissionDefinitions => _lazyPermissionGroupDefinitions.Value.Item2;
+
     protected AbpPermissionOptions Options { get; }
 
     private readonly IServiceProvider _serviceProvider;
@@ -33,12 +35,12 @@ public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore,
             isThreadSafe: true
         );
 
-        _lazyPermissionGroupDefinitions = new Lazy<Dictionary<string, PermissionGroupDefinition>>(
+        _lazyPermissionGroupDefinitions = new Lazy<(Dictionary<string, PermissionGroupDefinition>, List<PermissionDefinition>)>(
             CreatePermissionGroupDefinitions,
             isThreadSafe: true
         );
     }
-    
+
     protected virtual Dictionary<string, PermissionDefinition> CreatePermissionDefinitions()
     {
         var permissions = new Dictionary<string, PermissionDefinition>();
@@ -71,7 +73,7 @@ public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore,
         }
     }
 
-    protected virtual Dictionary<string, PermissionGroupDefinition> CreatePermissionGroupDefinitions()
+    protected virtual (Dictionary<string, PermissionGroupDefinition>, List<PermissionDefinition>) CreatePermissionGroupDefinitions()
     {
         using (var scope = _serviceProvider.CreateScope())
         {
@@ -99,10 +101,10 @@ public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore,
                 context.CurrentProvider = provider;
                 provider.PostDefine(context);
             }
-            
+
             context.CurrentProvider = null;
 
-            return context.Groups;
+            return (context.Groups, context.ResourcePermissions);
         }
     }
 
@@ -110,7 +112,7 @@ public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore,
     {
         return Task.FromResult(PermissionDefinitions.GetOrDefault(name));
     }
-    
+
     public virtual Task<IReadOnlyList<PermissionDefinition>> GetPermissionsAsync()
     {
         return Task.FromResult<IReadOnlyList<PermissionDefinition>>(
@@ -118,10 +120,22 @@ public class StaticPermissionDefinitionStore : IStaticPermissionDefinitionStore,
         );
     }
 
+    public virtual Task<PermissionDefinition?> GetResourcePermissionOrNullAsync(string resourceName, string name)
+    {
+        return Task.FromResult<PermissionDefinition?>(ResourcePermissionDefinitions.FirstOrDefault(p => p.ResourceName == resourceName && p.Name == name));
+    }
+
+    public virtual Task<IReadOnlyList<PermissionDefinition>> GetResourcePermissionsAsync()
+    {
+        return Task.FromResult<IReadOnlyList<PermissionDefinition>>(
+            ResourcePermissionDefinitions.ToImmutableList()
+        );
+    }
+
     public Task<IReadOnlyList<PermissionGroupDefinition>> GetGroupsAsync()
     {
         return Task.FromResult<IReadOnlyList<PermissionGroupDefinition>>(
             PermissionGroupDefinitions.Values.ToImmutableList()
         );
     }
-}
+}

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/AbpCliCoreModule.cs

@@ -1,5 +1,8 @@
+using System;
+using System.Linq;
 using System.Text;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
 using Volo.Abp.Cli.Commands;
 using Volo.Abp.Cli.Commands.Internal;
 using Volo.Abp.Cli.Http;
@@ -7,9 +10,12 @@ using Volo.Abp.Cli.ServiceProxying;
 using Volo.Abp.Cli.ServiceProxying.Angular;
 using Volo.Abp.Cli.ServiceProxying.CSharp;
 using Volo.Abp.Cli.ServiceProxying.JavaScript;
+using Volo.Abp.Cli.Telemetry;
 using Volo.Abp.Domain;
 using Volo.Abp.Http;
 using Volo.Abp.IdentityModel;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Activity.Providers;
 using Volo.Abp.Json;
 using Volo.Abp.Localization;
 using Volo.Abp.Minify;
@@ -27,6 +33,8 @@ namespace Volo.Abp.Cli;
 )]
 public class AbpCliCoreModule : AbpModule
 {
+    private const string EnableTelemetryVariableName = "ABP_STUDIO_ENABLE_TELEMETRY";
+    
     public override void ConfigureServices(ServiceConfigurationContext context)
     {
         context.Services.AddHttpClient(CliConsts.HttpClientName)
@@ -82,5 +90,23 @@ public class AbpCliCoreModule : AbpModule
             options.Generators[AngularServiceProxyGenerator.Name] = typeof(AngularServiceProxyGenerator);
             options.Generators[CSharpServiceProxyGenerator.Name] = typeof(CSharpServiceProxyGenerator);
         });
+        
+        ConfigureTelemetry(context.Services);
+    }
+    
+    private static void ConfigureTelemetry(IServiceCollection services)
+    {
+        var enableTelemetryEnvironmentVariable = Environment.GetEnvironmentVariable(EnableTelemetryVariableName , EnvironmentVariableTarget.Machine) 
+                                                 ?? Environment.GetEnvironmentVariable(EnableTelemetryVariableName , EnvironmentVariableTarget.User) 
+                                                 ?? Environment.GetEnvironmentVariable(EnableTelemetryVariableName , EnvironmentVariableTarget.Process);
+
+        if (enableTelemetryEnvironmentVariable.IsNullOrEmpty() || !enableTelemetryEnvironmentVariable.Equals("false", StringComparison.InvariantCultureIgnoreCase))
+        { 
+            services.Remove(services.First(p => p.ImplementationType == typeof(TelemetrySessionInfoEnricher)));
+        }
+        else
+        { 
+            services.Replace(ServiceDescriptor.Singleton<ITelemetryService, NullTelemetryService>());
+        }
     }
 }

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/CliService.cs

@@ -14,12 +14,15 @@ using Volo.Abp.Cli.Memory;
 using Volo.Abp.Cli.Version;
 using Volo.Abp.Cli.Utils;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli;
 
 public class CliService : ITransientDependency
 {
     private readonly MemoryService _memoryService;
+    private readonly ITelemetryService _telemetryService;
     public ILogger<CliService> Logger { get; set; }
     protected ICommandLineArgumentParser CommandLineArgumentParser { get; }
     protected ICommandSelector CommandSelector { get; }
@@ -35,7 +38,8 @@ public class CliService : ITransientDependency
         PackageVersionCheckerService nugetService,
         ICmdHelper cmdHelper,
         MemoryService memoryService,
-        CliVersionService cliVersionService)
+        CliVersionService cliVersionService, 
+        ITelemetryService telemetryService)
     {
         _memoryService = memoryService;
         CommandLineArgumentParser = commandLineArgumentParser;
@@ -44,6 +48,7 @@ public class CliService : ITransientDependency
         PackageVersionCheckerService = nugetService;
         CmdHelper = cmdHelper;
         CliVersionService = cliVersionService;
+        _telemetryService = telemetryService;
 
         Logger = NullLogger<CliService>.Instance;
     }
@@ -64,6 +69,7 @@ public class CliService : ITransientDependency
 
         try
         {
+            await using var _ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliRun);
             if (commandLineArgs.IsCommand("prompt"))
             {
                 await RunPromptAsync();
@@ -84,9 +90,14 @@ public class CliService : ITransientDependency
         }
         catch (Exception ex)
         {
+            await _telemetryService.AddErrorActivityAsync(ex.Message);
             Logger.LogException(ex);
             throw;
         }
+        finally
+        {
+            await _telemetryService.AddActivityAsync(ActivityNameConsts.AbpCliExit);
+        }
     }
 
     private async Task RunPromptAsync()

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/AddModuleCommand.cs

@@ -11,6 +11,8 @@ using Volo.Abp.Cli.ProjectBuilding.Templates.MvcModule;
 using Volo.Abp.Cli.ProjectModification;
 using Volo.Abp.Cli.Utils;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -20,6 +22,8 @@ public class AddModuleCommand : IConsoleCommand, ITransientDependency
     public const string Name = "add-module";
     
     private AddModuleInfoOutput _lastAddedModuleInfo;
+    private readonly ITelemetryService _telemetryService;
+    
     public ILogger<AddModuleCommand> Logger { get; set; }
 
     protected SolutionModuleAdder SolutionModuleAdder { get; }
@@ -39,11 +43,13 @@ public class AddModuleCommand : IConsoleCommand, ITransientDependency
     public AddModuleCommand(
         SolutionModuleAdder solutionModuleAdder,
         SolutionPackageVersionFinder solutionPackageVersionFinder,
-        IOptions<AbpCliOptions> options)
+        IOptions<AbpCliOptions> options,
+        ITelemetryService telemetryService)
     {
         _options = options.Value;
         SolutionModuleAdder = solutionModuleAdder;
         SolutionPackageVersionFinder = solutionPackageVersionFinder;
+        _telemetryService = telemetryService;
         Logger = NullLogger<AddModuleCommand>.Instance;
     }
 
@@ -66,6 +72,11 @@ public class AddModuleCommand : IConsoleCommand, ITransientDependency
         }
 
         var newTemplate = commandLineArgs.Options.ContainsKey(Options.NewTemplate.Long);
+
+        await using var _ = _telemetryService.TrackActivityAsync(newTemplate
+            ? ActivityNameConsts.AbpCliCommandsInstallLocalModule
+            : ActivityNameConsts.AbpCliCommandsInstallModule);
+        
         var template = commandLineArgs.Options.GetOrNull(Options.Template.Short, Options.Template.Long);
         var newProTemplate = !string.IsNullOrEmpty(template) && template == ModuleProTemplate.TemplateName;
         var withSourceCode = newTemplate || newProTemplate || commandLineArgs.Options.ContainsKey(Options.SourceCode.Long);

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/AddPackageCommand.cs

@@ -9,6 +9,8 @@ using Volo.Abp.Cli.Args;
 using Volo.Abp.Cli.ProjectModification;
 using Volo.Abp.Cli.Utils;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -16,16 +18,19 @@ public class AddPackageCommand : IConsoleCommand, ITransientDependency
 {
     public const string Name = "add-package";
 
+    private readonly ITelemetryService _telemetryService;
+    
     public ILogger<AddPackageCommand> Logger { get; set; }
 
     protected ProjectNugetPackageAdder ProjectNugetPackageAdder { get; }
 
     public ProjectNpmPackageAdder ProjectNpmPackageAdder { get; }
 
-    public AddPackageCommand(ProjectNugetPackageAdder projectNugetPackageAdder, ProjectNpmPackageAdder projectNpmPackageAdder)
+    public AddPackageCommand(ProjectNugetPackageAdder projectNugetPackageAdder, ProjectNpmPackageAdder projectNpmPackageAdder, ITelemetryService telemetryService)
     {
         ProjectNugetPackageAdder = projectNugetPackageAdder;
         ProjectNpmPackageAdder = projectNpmPackageAdder;
+        _telemetryService = telemetryService;
         Logger = NullLogger<AddPackageCommand>.Instance;
     }
 
@@ -39,6 +44,9 @@ public class AddPackageCommand : IConsoleCommand, ITransientDependency
                 GetUsageInfo()
             );
         }
+        
+        await using var _ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliCommandsNewPackage);
+        await using var __ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliCommandsAddPackage);
 
         var isNpmPackage = false;
         var isNugetPackage = true;
@@ -51,11 +59,11 @@ public class AddPackageCommand : IConsoleCommand, ITransientDependency
 
         var version = commandLineArgs.Options.GetOrNull(Options.Version.Short, Options.Version.Long);
         var withSourceCode = commandLineArgs.Options.ContainsKey(Options.SourceCode.Long);
-
+        
         if (isNugetPackage)
         {
             var addSourceCodeToSolutionFile = withSourceCode && commandLineArgs.Options.ContainsKey("add-to-solution-file");
-
+            
             await ProjectNugetPackageAdder.AddAsync(
                 GetSolutionFile(commandLineArgs),
                 GetProjectFile(commandLineArgs),

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/CleanCommand.cs

@@ -8,6 +8,8 @@ using Microsoft.Extensions.Logging.Abstractions;
 using Volo.Abp.Cli.Args;
 using Volo.Abp.Cli.Utils;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -16,17 +18,21 @@ public class CleanCommand : IConsoleCommand, ITransientDependency
     public const string Name = "clean";
 
     public ILogger<CleanCommand> Logger { get; set; }
-
+    
     protected ICmdHelper CmdHelper { get; }
+    
+    private readonly ITelemetryService _telemetryService;
 
-    public CleanCommand(ICmdHelper cmdHelper)
+    public CleanCommand(ICmdHelper cmdHelper, ITelemetryService telemetryService)
     {
         CmdHelper = cmdHelper;
+        _telemetryService = telemetryService;
         Logger = NullLogger<CleanCommand>.Instance;
     }
 
-    public Task ExecuteAsync(CommandLineArgs commandLineArgs)
+    public async Task ExecuteAsync(CommandLineArgs commandLineArgs)
     {
+        await using var _ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliCommandsClean);
         var binEntries = Directory.EnumerateDirectories(Directory.GetCurrentDirectory(), "bin", SearchOption.AllDirectories);
         var objEntries = Directory.EnumerateDirectories(Directory.GetCurrentDirectory(), "obj", SearchOption.AllDirectories);
 
@@ -49,7 +55,6 @@ public class CleanCommand : IConsoleCommand, ITransientDependency
         Logger.LogInformation($"'bin' and 'obj' folders removed successfully!");
 
         Logger.LogInformation("Solution cleaned successfully!");
-        return Task.CompletedTask;
     }
 
     public string GetUsageInfo()

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/ListModulesCommand.cs

@@ -7,6 +7,8 @@ using System.Threading.Tasks;
 using Volo.Abp.Cli.Args;
 using Volo.Abp.Cli.ProjectBuilding;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -17,15 +19,19 @@ public class ListModulesCommand : IConsoleCommand, ITransientDependency
     public ModuleInfoProvider ModuleInfoProvider { get; }
     public ILogger<ListModulesCommand> Logger { get; set; }
 
+    private readonly ITelemetryService _telemetryService;
 
-    public ListModulesCommand(ModuleInfoProvider moduleInfoProvider)
+    public ListModulesCommand(ModuleInfoProvider moduleInfoProvider, ITelemetryService telemetryService)
     {
         ModuleInfoProvider = moduleInfoProvider;
+        _telemetryService = telemetryService;
         Logger = NullLogger<ListModulesCommand>.Instance;
     }
 
     public async Task ExecuteAsync(CommandLineArgs commandLineArgs)
     {
+        await using var _ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliCommandsListModules);
+        
         var modules = await ModuleInfoProvider.GetModuleListAsync();
         var freeModules = modules.Where(m => !m.IsPro).ToList();
         var proModules = modules.Where(m => m.IsPro).ToList();

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/NewCommand.cs

@@ -11,11 +11,15 @@ using Volo.Abp.Cli.Commands.Services;
 using Volo.Abp.Cli.LIbs;
 using Volo.Abp.Cli.ProjectBuilding;
 using Volo.Abp.Cli.ProjectBuilding.Events;
+using Volo.Abp.Cli.ProjectBuilding.Templates.Module;
 using Volo.Abp.Cli.ProjectModification;
 using Volo.Abp.Cli.Utils;
 using Volo.Abp.Cli.Version;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.EventBus.Local;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
+using Volo.Abp.Internal.Telemetry.Constants.Enums;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -26,6 +30,8 @@ public class NewCommand : ProjectCreationCommandBase, IConsoleCommand, ITransien
     protected TemplateProjectBuilder TemplateProjectBuilder { get; }
     public ITemplateInfoProvider TemplateInfoProvider { get; }
 
+    private readonly ITelemetryService _telemetryService;
+
     public NewCommand(
         ConnectionStringProvider connectionStringProvider,
         SolutionPackageVersionFinder solutionPackageVersionFinder,
@@ -40,7 +46,8 @@ public class NewCommand : ProjectCreationCommandBase, IConsoleCommand, ITransien
         ITemplateInfoProvider templateInfoProvider,
         TemplateProjectBuilder templateProjectBuilder,
         AngularThemeConfigurer angularThemeConfigurer,
-        CliVersionService cliVersionService) :
+        CliVersionService cliVersionService, 
+        ITelemetryService telemetryService) :
         base(connectionStringProvider,
             solutionPackageVersionFinder,
             cmdHelper,
@@ -56,6 +63,7 @@ public class NewCommand : ProjectCreationCommandBase, IConsoleCommand, ITransien
     {
         TemplateInfoProvider = templateInfoProvider;
         TemplateProjectBuilder = templateProjectBuilder;
+        _telemetryService = telemetryService;
     }
 
     public async Task ExecuteAsync(CommandLineArgs commandLineArgs)
@@ -94,6 +102,19 @@ public class NewCommand : ProjectCreationCommandBase, IConsoleCommand, ITransien
         var result = await TemplateProjectBuilder.BuildAsync(
             projectArgs
         );
+        
+        var activityName = ActivityNameConsts.AbpCliCommandsNewSolution;
+
+        if (ModuleTemplateBase.IsModuleTemplate(template))
+        {
+            activityName = ActivityNameConsts.AbpCliCommandsNewModule;
+        }
+        
+        await _telemetryService.AddActivityAsync(activityName, o =>
+        {
+            o[ActivityPropertyNames.CreationTool] = AbpTool.OldCli;
+            o[ActivityPropertyNames.Template] = template;
+        });
 
         ExtractProjectZip(result, projectArgs.OutputFolder);
 

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Commands/UpdateCommand.cs

@@ -9,6 +9,8 @@ using Microsoft.Extensions.Logging.Abstractions;
 using Volo.Abp.Cli.Args;
 using Volo.Abp.Cli.ProjectModification;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Constants;
 
 namespace Volo.Abp.Cli.Commands;
 
@@ -20,18 +22,21 @@ public class UpdateCommand : IConsoleCommand, ITransientDependency
 
     private readonly VoloNugetPackagesVersionUpdater _nugetPackagesVersionUpdater;
     private readonly NpmPackagesUpdater _npmPackagesUpdater;
+    private readonly ITelemetryService _telemetryService;
 
     public UpdateCommand(VoloNugetPackagesVersionUpdater nugetPackagesVersionUpdater,
-        NpmPackagesUpdater npmPackagesUpdater)
+        NpmPackagesUpdater npmPackagesUpdater, ITelemetryService telemetryService)
     {
         _nugetPackagesVersionUpdater = nugetPackagesVersionUpdater;
         _npmPackagesUpdater = npmPackagesUpdater;
+        _telemetryService = telemetryService;
 
         Logger = NullLogger<UpdateCommand>.Instance;
     }
 
     public async Task ExecuteAsync(CommandLineArgs commandLineArgs)
     {
+        await using var _ = _telemetryService.TrackActivityAsync(ActivityNameConsts.AbpCliCommandsUpdate);
         var updateNpm = commandLineArgs.Options.ContainsKey(Options.Packages.Npm);
         var updateNuget = commandLineArgs.Options.ContainsKey(Options.Packages.NuGet);
 

framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/Telemetry/NullTelemetryService.cs

@@ -0,0 +1,39 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Volo.Abp.Internal.Telemetry;
+using Volo.Abp.Internal.Telemetry.Activity;
+
+namespace Volo.Abp.Cli.Telemetry;
+
+public class NullTelemetryService : ITelemetryService
+{
+    public IAsyncDisposable TrackActivity(ActivityEvent activityData)
+    {
+        return NullAsyncDisposable.Instance;
+    }
+    public IAsyncDisposable TrackActivityAsync(string activityName, Action<Dictionary<string, object>>? additionalProperties = null)
+    {
+        return NullAsyncDisposable.Instance;
+    }
+
+    public Task AddActivityAsync(string activityName, Action<Dictionary<string, object>>? additionalProperties = null)
+    {
+        return Task.CompletedTask;
+    }
+
+    public Task AddErrorActivityAsync(Action<Dictionary<string, object>> additionalProperties)
+    {
+        return Task.CompletedTask;
+    }
+
+    public Task AddErrorActivityAsync(string errorMessage)
+    {
+        return Task.CompletedTask;
+    }
+
+    public Task AddErrorForActivityAsync(string failingActivity, string errorMessage)
+    {
+        return Task.CompletedTask;
+    }
+}

framework/src/Volo.Abp.Cli/Volo/Abp/Cli/Telemetry/TelemetryCliSessionProvider.cs

@@ -0,0 +1,44 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.Internal.Telemetry.Activity;
+using Volo.Abp.Internal.Telemetry.Activity.Contracts;
+using Volo.Abp.Internal.Telemetry.Activity.Providers;
+using Volo.Abp.Internal.Telemetry.Constants;
+using Volo.Abp.Internal.Telemetry.Constants.Enums;
+
+namespace Volo.Abp.Cli.Telemetry;
+
+[ExposeServices(typeof(ITelemetryActivityEventEnricher))]
+public class TelemetryCliSessionProvider : TelemetryActivityEventEnricher
+{
+    public TelemetryCliSessionProvider(IServiceProvider serviceProvider) : base(serviceProvider)
+    {
+    }
+
+    public override int ExecutionOrder { get; set; } = 10;
+
+    protected override Task ExecuteAsync(ActivityContext context)
+    {
+        context.Current[ActivityPropertyNames.SessionType] = SessionType.AbpCli;
+        context.Current[ActivityPropertyNames.SessionId] = Guid.NewGuid();
+        context.Current[ActivityPropertyNames.IsFirstSession] = !File.Exists(TelemetryPaths.ActivityStorage);
+        context.Current["OldCli"] = true;
+        
+        if(context.Current.TryGetValue<Dictionary<string, object>>(ActivityPropertyNames.AdditionalProperties, out var additionalProperties))
+        {
+            additionalProperties["OldCli"] = true;
+        }
+        else
+        {
+            context.Current[ActivityPropertyNames.AdditionalProperties] = new Dictionary<string, object>
+            {
+                { "OldCli", true }
+            };
+        }
+        
+        return Task.CompletedTask;
+    }
+}

framework/src/Volo.Abp.Core/Volo/Abp/IKeyedObject.cs

@@ -0,0 +1,6 @@
+namespace Volo.Abp;
+
+public interface IKeyedObject
+{
+    string? GetObjectKey();
+}

framework/src/Volo.Abp.Core/Volo/Abp/KeyedObjectHelper.cs

@@ -0,0 +1,39 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Volo.Abp;
+
+public static class KeyedObjectHelper
+{
+    public static string EncodeCompositeKey(params object?[] keys)
+    {
+        var raw = keys.JoinAsString("||");
+        var bytes = Encoding.UTF8.GetBytes(raw);
+        var base64 = Convert.ToBase64String(bytes);
+        var base64Url = base64
+            .Replace("+", "-")
+            .Replace("/", "_")
+            .TrimEnd('=');
+        
+        return base64Url;
+    }
+    
+    public static string DecodeCompositeKey(string encoded)
+    {
+        var base64 = encoded
+            .Replace("-", "+")
+            .Replace("_", "/");
+
+        switch (encoded.Length % 4)
+        {
+            case 2: base64 += "=="; break;
+            case 3: base64 += "="; break;
+        }
+
+        var bytes = Convert.FromBase64String(base64);
+        var raw = Encoding.UTF8.GetString(bytes);
+
+        return raw;
+    }
+}

framework/src/Volo.Abp.Ddd.Application.Contracts/Volo/Abp/Application/Dtos/EntityDto.cs

@@ -23,4 +23,9 @@ public abstract class EntityDto<TKey> : EntityDto, IEntityDto<TKey>
     {
         return $"[DTO: {GetType().Name}] Id = {Id}";
     }
+
+    public virtual string? GetObjectKey()
+    {
+        return Id?.ToString();
+    }
 }

framework/src/Volo.Abp.Ddd.Application.Contracts/Volo/Abp/Application/Dtos/ExtensibleEntityDto.cs

@@ -27,6 +27,11 @@ public abstract class ExtensibleEntityDto<TKey> : ExtensibleObject, IEntityDto<T
     {
         return $"[DTO: {GetType().Name}] Id = {Id}";
     }
+
+    public virtual string? GetObjectKey()
+    {
+        return Id?.ToString();
+    }
 }
 
 [Serializable]

framework/src/Volo.Abp.Ddd.Application.Contracts/Volo/Abp/Application/Dtos/IEntityDto.cs

@@ -5,7 +5,7 @@ public interface IEntityDto
 
 }
 
-public interface IEntityDto<TKey> : IEntityDto
+public interface IEntityDto<TKey> : IEntityDto, IKeyedObject
 {
     TKey Id { get; set; }
 }

framework/src/Volo.Abp.Ddd.Domain/Volo/Abp/Domain/Entities/Entity.cs

@@ -18,6 +18,17 @@ public abstract class Entity : IEntity
         return $"[ENTITY: {GetType().Name}] Keys = {GetKeys().JoinAsString(", ")}";
     }
 
+    public virtual string? GetObjectKey()
+    {
+        var keys = GetKeys();
+        return keys.Length switch
+        {
+            0 => null,
+            1 when keys[0] != null => keys[0]?.ToString(),
+            _ => KeyedObjectHelper.EncodeCompositeKey(keys)
+        };
+    }
+
     public abstract object?[] GetKeys();
 
     public bool EntityEquals(IEntity other)
@@ -45,7 +56,7 @@ public abstract class Entity<TKey> : Entity, IEntity<TKey>
 
     public override object?[] GetKeys()
     {
-        return new object?[] { Id };
+        return [Id];
     }
 
     /// <inheritdoc/>

framework/src/Volo.Abp.Ddd.Domain/Volo/Abp/Domain/Entities/IEntity.cs

@@ -4,7 +4,7 @@
 /// Defines an entity. It's primary key may not be "Id" or it may have a composite primary key.
 /// Use <see cref="IEntity{TKey}"/> where possible for better integration to repositories and other structures in the framework.
 /// </summary>
-public interface IEntity
+public interface IEntity : IKeyedObject
 {
     /// <summary>
     /// Returns an array of ordered keys for this entity.

framework/src/Volo.Abp.EntityFrameworkCore/Volo/Abp/EntityFrameworkCore/AbpDbContext.cs

@@ -204,6 +204,7 @@ public abstract class AbpDbContext<TDbContext> : DbContext, IAbpEfCoreDbContext,
             case "Npgsql.EntityFrameworkCore.PostgreSQL":
                 return EfCoreDatabaseProvider.PostgreSql;
             case "Pomelo.EntityFrameworkCore.MySql":
+            case "MySql.Data.MySqlClient":
                 return EfCoreDatabaseProvider.MySql;
             case "Oracle.EntityFrameworkCore":
             case "Devart.Data.Oracle.Entity.EFCore":

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/ar.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "الصوره الشخصيه",
     "Theme": "سمة",
     "NotAssigned": "غيرمعتمد",
-    "EntityActionsDisabledTooltip": "ليس لديك إذن لتنفيذ أي إجراء."
+    "EntityActionsDisabledTooltip": "ليس لديك إذن لتنفيذ أي إجراء.",
+    "ResourcePermissions": "أذونات"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/cs.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profilový obrázek",
     "Theme": "Téma",
     "NotAssigned": "Nepřiřazena",
-    "EntityActionsDisabledTooltip": "Nemáte oprávnění provést žádnou akci."
+    "EntityActionsDisabledTooltip": "Nemáte oprávnění provést žádnou akci.",
+    "ResourcePermissions": "Oprávnění"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/de.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profilbild",
     "Theme": "Thema",
     "NotAssigned": "Nicht zugeordnet",
-    "EntityActionsDisabledTooltip": "Sie haben keine Berechtigung, Aktionen auszuführen."
+    "EntityActionsDisabledTooltip": "Sie haben keine Berechtigung, Aktionen auszuführen.",
+    "ResourcePermissions": "Berechtigungen"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/el.json

@@ -55,6 +55,7 @@
     "OthersGroup": "άλλος",
     "Today": "Σήμερα",
     "Apply": "Ισχύουν",
-    "EntityActionsDisabledTooltip": "Δεν έχετε δικαίωμα να εκτελέσετε καμία ενέργεια."
+    "EntityActionsDisabledTooltip": "Δεν έχετε δικαίωμα να εκτελέσετε καμία ενέργεια.",
+    "ResourcePermissions": "Δικαιώματα",
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/en-GB.json

@@ -56,6 +56,7 @@
     "NotAssigned": "Not Assigned",
     "Today": "Today",
     "Apply": "Apply",
-    "EntityActionsDisabledTooltip": "You do not have permission to perform any action."
+    "EntityActionsDisabledTooltip": "You do not have permission to perform any action.",
+    "ResourcePermissions": "Permissions"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/en.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profile picture",
     "Theme": "Theme",
     "NotAssigned": "Not Assigned",
-    "EntityActionsDisabledTooltip": "You do not have permission to perform any action."
+    "EntityActionsDisabledTooltip": "You do not have permission to perform any action.",
+    "ResourcePermissions": "Permissions"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/es.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Foto de perfil",
     "Theme": "Tema",
     "NotAssigned": "No asignado",
-    "EntityActionsDisabledTooltip": "No tienes permisos para realizar ninguna acción."
+    "EntityActionsDisabledTooltip": "No tienes permisos para realizar ninguna acción.",
+    "ResourcePermissions": "Permisos"
   }
-}
+}

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/fa.json

@@ -55,6 +55,7 @@
     "OthersGroup": "دیگر",
     "Today": "امروز",
     "Apply": "درخواست دادن",
-    "EntityActionsDisabledTooltip": "شما دسترسی به انجام هر گونه عملیات ندارید."
+    "EntityActionsDisabledTooltip": "شما دسترسی به انجام هر گونه عملیات ندارید.",
+    "ResourcePermissions": "مجوزها"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/fi.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profiilikuva",
     "Theme": "Teema",
     "NotAssigned": "Ei määritetty",
-    "EntityActionsDisabledTooltip": "Sinulla ei ole oikeutta suorittaa mitään toimintoa."
+    "EntityActionsDisabledTooltip": "Sinulla ei ole oikeutta suorittaa mitään toimintoa.",
+    "ResourcePermissions": "Käyttöoikeudet"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/fr.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Image de profil",
     "Theme": "Thème",
     "NotAssigned": "Non attribué",
-    "EntityActionsDisabledTooltip": "Vous n'avez pas les permissions pour effectuer une action."
+    "EntityActionsDisabledTooltip": "Vous n'avez pas les permissions pour effectuer une action.",
+    "ResourcePermissions": "Autorisations"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/hi.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "प्रोफ़ाइल फोटो",
     "Theme": "विषय",
     "NotAssigned": "सौंपा नहीं गया है",
-    "EntityActionsDisabledTooltip": "आपके पास कोई कार्रवाई नहीं है जो करने के लिए है।"
+    "EntityActionsDisabledTooltip": "आपके पास कोई कार्रवाई नहीं है जो करने के लिए है।",
+    "ResourcePermissions": "अनुमतियाँ"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/hr.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profilna slika",
     "Theme": "Tema",
     "NotAssigned": "Nije dodijeljeno",
-    "EntityActionsDisabledTooltip": "Nemate dozvolu za izvođenje bilo kakve akcije."
+    "EntityActionsDisabledTooltip": "Nemate dozvolu za izvođenje bilo kakve akcije.",
+    "ResourcePermissions": "Dozvole"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/hu.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profil kép",
     "Theme": "Téma",
     "NotAssigned": "Nem kijelölt",
-    "EntityActionsDisabledTooltip": "Nincs jogosultsága bármely művelethez."
+    "EntityActionsDisabledTooltip": "Nincs jogosultsága bármely művelethez.",
+    "ResourcePermissions": "Engedélyek"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/is.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Forsíðumynd",
     "Theme": "Þema",
     "NotAssigned": "Ekki skráður",
-    "EntityActionsDisabledTooltip": "Þú hefur ekki aðgang að þessum aðgerðum."
+    "EntityActionsDisabledTooltip": "Þú hefur ekki aðgang að þessum aðgerðum.",
+    "ResourcePermissions": "Aðgangsheimildir"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/it.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Immagine del profilo",
     "Theme": "Tema",
     "NotAssigned": "Non assegnato",
-    "EntityActionsDisabledTooltip": "Non hai i permessi per eseguire alcuna azione."
+    "EntityActionsDisabledTooltip": "Non hai i permessi per eseguire alcuna azione.",
+    "ResourcePermissions": "Autorizzazioni"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/nl.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profielfoto",
     "Theme": "Thema",
     "NotAssigned": "Niet toegekend",
-    "EntityActionsDisabledTooltip": "U hebt geen toegang tot deze acties."
+    "EntityActionsDisabledTooltip": "U hebt geen toegang tot deze acties.",
+    "ResourcePermissions": "Machtigingen"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/pl-PL.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Zdjęcie profilowe",
     "Theme": "Temat",
     "NotAssigned": "Nie przypisano",
-    "EntityActionsDisabledTooltip": "Nie masz uprawnień do wykonania żadnej akcji."
+    "EntityActionsDisabledTooltip": "Nie masz uprawnień do wykonania żadnej akcji.",
+    "ResourcePermissions": "Uprawnienia"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/pt-BR.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Foto do perfil",
     "Theme": "Tema",
     "NotAssigned": "Não atribuído",
-    "EntityActionsDisabledTooltip": "Você não tem permissão para executar qualquer ação."
+    "EntityActionsDisabledTooltip": "Você não tem permissão para executar qualquer ação.",
+    "ResourcePermissions": "Permissões"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/ro-RO.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Poză de profil",
     "Theme": "Temă",
     "NotAssigned": "Nealocat",
-    "EntityActionsDisabledTooltip": "Nu aveți permisiune să efectuați nicio acțiune."
+    "EntityActionsDisabledTooltip": "Nu aveți permisiune să efectuați nicio acțiune.",
+    "ResourcePermissions": "Permisiuni"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/ru.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Изображение профиля",
     "Theme": "Тема",
     "NotAssigned": "Не назначен",
-    "EntityActionsDisabledTooltip": "У вас нет прав на выполнение каких-либо действий."
+    "EntityActionsDisabledTooltip": "У вас нет прав на выполнение каких-либо действий.",
+    "ResourcePermissions": "Разрешения"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/sk.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profilový obrázok",
     "Theme": "Téma",
     "NotAssigned": "Nepridelené",
-    "EntityActionsDisabledTooltip": "Nemáte oprávnenie vykonávať žiadnu akciu."
+    "EntityActionsDisabledTooltip": "Nemáte oprávnenie vykonávať žiadnu akciu.",
+    "ResourcePermissions": "Oprávnenia"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/sl.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profilna slika",
     "Theme": "Tema",
     "NotAssigned": "Ni dodeljena",
-    "EntityActionsDisabledTooltip": "Nimate pravic za izvajanje kakršne koli dejanje."
+    "EntityActionsDisabledTooltip": "Nimate pravic za izvajanje kakršne koli dejanje.",
+    "ResourcePermissions": "Dovoljenja"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/sv.json

@@ -60,6 +60,7 @@
     "ProfilePicture": "Profilbild",
     "Theme": "Tema",
     "NotAssigned": "Ej tilldelad",
-    "EntityActionsDisabledTooltip": "Du har inte tillgång till dessa åtgärder."
+    "EntityActionsDisabledTooltip": "Du har inte tillgång till dessa åtgärder.",
+    "ResourcePermissions": "Behörigheter"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/tr.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Profil resmi",
     "Theme": "Tema",
     "NotAssigned": "Atanmadı",
-    "EntityActionsDisabledTooltip": "Bu işlemi gerçekleştirmek için yeterli yetkiniz yok."
+    "EntityActionsDisabledTooltip": "Bu işlemi gerçekleştirmek için yeterli yetkiniz yok.",
+    "ResourcePermissions": "İzinler"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/vi.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "Ảnh đại diện",
     "Theme": "chủ đề",
     "NotAssigned": "Không được chỉ định",
-    "EntityActionsDisabledTooltip": "Bạn không có quyền thực hiện bất kỳ hành động nào."
+    "EntityActionsDisabledTooltip": "Bạn không có quyền thực hiện bất kỳ hành động nào.",
+    "ResourcePermissions": "Quyền"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/zh-Hans.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "个人资料图片",
     "Theme": "主题",
     "NotAssigned": "未分配",
-    "EntityActionsDisabledTooltip": "您没有权限执行任何操作。"
+    "EntityActionsDisabledTooltip": "您没有权限执行任何操作。",
+    "ResourcePermissions": "权限"
   }
 }

framework/src/Volo.Abp.UI/Localization/Resources/AbpUi/zh-Hant.json

@@ -61,6 +61,7 @@
     "ProfilePicture": "個人資料圖片",
     "Theme": "主題",
     "NotAssigned": "未分配",
-    "EntityActionsDisabledTooltip": "您沒有權限執行任何操作。"
+    "EntityActionsDisabledTooltip": "您沒有權限執行任何操作。",
+    "ResourcePermissions": "權限"
   }
 }

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/AbpAuthorizationTestModule.cs

@@ -1,6 +1,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Authorization.TestServices;
+using Volo.Abp.Authorization.TestServices.Resources;
 using Volo.Abp.Autofac;
 using Volo.Abp.DynamicProxy;
 using Volo.Abp.ExceptionHandling;
@@ -33,6 +34,9 @@ public class AbpAuthorizationTestModule : AbpModule
             options.ValueProviders.Add<TestPermissionValueProvider2>();
             options.ValueProviders.Add<TestProhibitedPermissionValueProvider1>();
             options.ValueProviders.Add<TestProhibitedPermissionValueProvider2>();
+
+            options.ResourceValueProviders.Add<TestResourcePermissionValueProvider1>();
+            options.ResourceValueProviders.Add<TestResourcePermissionValueProvider2>();
         });
     }
 }

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/PermissionValueProviderManager_Tests.cs

@@ -2,12 +2,11 @@ using System;
 using System.Threading.Tasks;
 using Microsoft.Extensions.DependencyInjection;
 using Shouldly;
-using Volo.Abp.Authorization;
 using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Authorization.TestServices;
 using Xunit;
 
-namespace Volo.Abp;
+namespace Volo.Abp.Authorization;
 
 public class PermissionValueProviderManager_Tests: AuthorizationTestBase
 {
@@ -17,7 +16,7 @@ public class PermissionValueProviderManager_Tests: AuthorizationTestBase
     {
         _permissionValueProviderManager = GetRequiredService<IPermissionValueProviderManager>();
     }
-    
+
     protected override void SetAbpApplicationCreationOptions(AbpApplicationCreationOptions options)
     {
         options.Services.Configure<AbpPermissionOptions>(permissionOptions =>
@@ -25,7 +24,7 @@ public class PermissionValueProviderManager_Tests: AuthorizationTestBase
             permissionOptions.ValueProviders.Add<TestDuplicatePermissionValueProvider>();
         });
     }
-    
+
     [Fact]
     public void Should_Throw_Exception_If_Duplicate_Provider_Name_Detected()
     {
@@ -33,7 +32,7 @@ public class PermissionValueProviderManager_Tests: AuthorizationTestBase
         {
             var providers = _permissionValueProviderManager.ValueProviders;
         });
-        
+
         exception.Message.ShouldBe($"Duplicate permission value provider name detected: TestPermissionValueProvider1. Providers:{Environment.NewLine}{typeof(TestDuplicatePermissionValueProvider).FullName}{Environment.NewLine}{typeof(TestPermissionValueProvider1).FullName}");
     }
 }
@@ -55,4 +54,4 @@ public class TestDuplicatePermissionValueProvider : PermissionValueProvider
     {
         throw new NotImplementedException();
     }
-}
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/ResourcePermissionChecker_Tests.cs

@@ -0,0 +1,62 @@
+using System.Threading.Tasks;
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.Authorization.TestServices.Resources;
+using Xunit;
+
+namespace Volo.Abp.Authorization;
+
+public class ResourcePermissionChecker_Tests: AuthorizationTestBase
+{
+    private readonly IResourcePermissionChecker _resourcePermissionChecker;
+
+    public ResourcePermissionChecker_Tests()
+    {
+        _resourcePermissionChecker = GetRequiredService<IResourcePermissionChecker>();
+    }
+
+    [Fact]
+    public async Task IsGrantedAsync()
+    {
+        (await _resourcePermissionChecker.IsGrantedAsync("MyResourcePermission5", TestEntityResource.ResourceName, TestEntityResource.ResourceKey5)).ShouldBe(true);
+        (await _resourcePermissionChecker.IsGrantedAsync("UndefinedResourcePermission", TestEntityResource.ResourceName, TestEntityResource.ResourceKey5)).ShouldBe(false);
+        (await _resourcePermissionChecker.IsGrantedAsync("MyResourcePermission8", TestEntityResource.ResourceName, TestEntityResource.ResourceKey5)).ShouldBe(false);
+    }
+
+    [Fact]
+    public async Task IsGranted_Multiple_Result_Async()
+    {
+        var result = await _resourcePermissionChecker.IsGrantedAsync(new []
+        {
+            "MyResourcePermission1",
+            "MyResourcePermission2",
+            "UndefinedPermission",
+            "MyResourcePermission3",
+            "MyResourcePermission4",
+            "MyResourcePermission5",
+            "MyResourcePermission8"
+        }, TestEntityResource.ResourceName, TestEntityResource.ResourceKey5);
+
+        result.Result["MyResourcePermission1"].ShouldBe(PermissionGrantResult.Undefined);
+        result.Result["MyResourcePermission2"].ShouldBe(PermissionGrantResult.Prohibited);
+        result.Result["UndefinedPermission"].ShouldBe(PermissionGrantResult.Prohibited);
+        result.Result["MyResourcePermission3"].ShouldBe(PermissionGrantResult.Granted);
+        result.Result["MyResourcePermission4"].ShouldBe(PermissionGrantResult.Prohibited);
+        result.Result["MyResourcePermission5"].ShouldBe(PermissionGrantResult.Granted);
+        result.Result["MyResourcePermission8"].ShouldBe(PermissionGrantResult.Prohibited);
+
+        result = await _resourcePermissionChecker.IsGrantedAsync(new []
+        {
+            "MyResourcePermission6",
+        }, TestEntityResource.ResourceName, TestEntityResource.ResourceKey6);
+
+        result.Result["MyResourcePermission6"].ShouldBe(PermissionGrantResult.Granted);
+
+        result = await _resourcePermissionChecker.IsGrantedAsync(new []
+        {
+            "MyResourcePermission7",
+        }, TestEntityResource.ResourceName, TestEntityResource.ResourceKey7);
+        result.Result["MyResourcePermission7"].ShouldBe(PermissionGrantResult.Granted);
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/ResourcePermissionPopulator_Test.cs

@@ -0,0 +1,60 @@
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Shouldly;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.Authorization.TestServices.Resources;
+using Xunit;
+
+namespace Volo.Abp.Authorization;
+
+public class ResourcePermissionPopulator_Tests : AuthorizationTestBase
+{
+    private readonly ResourcePermissionPopulator _resourcePermissionPopulator;
+
+    public ResourcePermissionPopulator_Tests()
+    {
+        _resourcePermissionPopulator = GetRequiredService<ResourcePermissionPopulator>();
+    }
+
+    [Fact]
+    public async Task PopulateAsync()
+    {
+        var testResourceObject = new TestEntityResource(TestEntityResource.ResourceKey5);
+        testResourceObject.ResourcePermissions.IsNullOrEmpty().ShouldBeTrue();
+
+        await _resourcePermissionPopulator.PopulateAsync<TestEntityResource>(
+            testResourceObject,
+            TestEntityResource.ResourceName
+        );
+
+        testResourceObject.ResourcePermissions.ShouldNotBeNull();
+        testResourceObject.ResourcePermissions.Count.ShouldBe(8);
+        testResourceObject.ResourcePermissions["MyResourcePermission1"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission2"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission3"].ShouldBe(true);
+        testResourceObject.ResourcePermissions["MyResourcePermission4"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission5"].ShouldBe(true);
+        testResourceObject.ResourcePermissions["MyResourcePermission6"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission7"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission8"].ShouldBe(false);
+
+        testResourceObject = new TestEntityResource(TestEntityResource.ResourceKey6);
+        testResourceObject.ResourcePermissions.IsNullOrEmpty().ShouldBeTrue();
+
+        await _resourcePermissionPopulator.PopulateAsync<TestEntityResource>(
+            testResourceObject,
+            TestEntityResource.ResourceName
+        );
+
+        testResourceObject.ResourcePermissions.ShouldNotBeNull();
+        testResourceObject.ResourcePermissions.Count.ShouldBe(8);
+        testResourceObject.ResourcePermissions["MyResourcePermission1"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission2"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission3"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission4"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission5"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission6"].ShouldBe(true);
+        testResourceObject.ResourcePermissions["MyResourcePermission7"].ShouldBe(false);
+        testResourceObject.ResourcePermissions["MyResourcePermission8"].ShouldBe(false);
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/ResourcePermissionValueProviderManager_Tests.cs

@@ -0,0 +1,58 @@
+using System;
+using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.Authorization.TestServices.Resources;
+using Xunit;
+
+namespace Volo.Abp.Authorization;
+
+public class ResourcePermissionValueProviderManager_Tests: AuthorizationTestBase
+{
+    private readonly IResourcePermissionValueProviderManager _resourcePermissionValueProviderManager;
+
+    public ResourcePermissionValueProviderManager_Tests()
+    {
+        _resourcePermissionValueProviderManager = GetRequiredService<IResourcePermissionValueProviderManager>();
+    }
+
+    protected override void SetAbpApplicationCreationOptions(AbpApplicationCreationOptions options)
+    {
+        options.Services.Configure<AbpPermissionOptions>(permissionOptions =>
+        {
+            permissionOptions.ResourceValueProviders.Add<TestDuplicateResourcePermissionValueProvider>();
+        });
+    }
+
+    [Fact]
+    public void Should_Throw_Exception_If_Duplicate_Provider_Name_Detected()
+    {
+        var exception = Assert.Throws<AbpException>(() =>
+        {
+            var providers = _resourcePermissionValueProviderManager.ValueProviders;
+        });
+
+        exception.Message.ShouldBe($"Duplicate resource permission value provider name detected: TestResourcePermissionValueProvider1. Providers:{Environment.NewLine}{typeof(TestDuplicateResourcePermissionValueProvider).FullName}{Environment.NewLine}{typeof(TestResourcePermissionValueProvider1).FullName}");
+    }
+}
+
+public class TestDuplicateResourcePermissionValueProvider : ResourcePermissionValueProvider
+{
+    public TestDuplicateResourcePermissionValueProvider(IResourcePermissionStore permissionStore) : base(permissionStore)
+    {
+    }
+
+    public override string Name => "TestResourcePermissionValueProvider1";
+
+    public override Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context)
+    {
+        throw new NotImplementedException();
+    }
+
+    public override Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context)
+    {
+        throw new NotImplementedException();
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/StaticPermissionDefinitionStore_Tests.cs

@@ -1,6 +1,7 @@
 using System.Threading.Tasks;
 using Shouldly;
 using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.TestServices.Resources;
 using Xunit;
 
 namespace Volo.Abp.Authorization;
@@ -44,4 +45,29 @@ public class StaticPermissionDefinitionStore_Tests : AuthorizationTestBase
         var groups = await _store.GetGroupsAsync();
         groups.ShouldNotContain(x => x.Name == "TestGetGroup");
     }
+
+    [Fact]
+    public async Task GetResourcePermissionOrNullAsync()
+    {
+        var permission = await _store.GetResourcePermissionOrNullAsync(TestEntityResource.ResourceName, "MyResourcePermission1");
+        permission.ShouldNotBeNull();
+        permission.Name.ShouldBe("MyResourcePermission1");
+        permission.StateCheckers.ShouldContain(x => x.GetType() == typeof(TestRequireEditionPermissionSimpleStateChecker));
+
+        permission = await _store.GetResourcePermissionOrNullAsync(TestEntityResource.ResourceName, "NotExists");
+        permission.ShouldBeNull();
+    }
+
+    [Fact]
+    public async Task GetResourcePermissionsAsync()
+    {
+        var permissions = await _store.GetResourcePermissionsAsync();
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission1");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission2");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission3");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission4");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission5");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission6");
+        permissions.ShouldContain(x => x.Name == "MyResourcePermission7");
+    }
 }

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/FakePermissionStore.cs

@@ -8,7 +8,7 @@ public class FakePermissionStore : IPermissionStore, ITransientDependency
 {
     public Task<bool> IsGrantedAsync(string name, string providerName, string providerKey)
     {
-        return Task.FromResult(name == "MyPermission3" || name == "MyPermission5");
+        return Task.FromResult(name == "MyPermission3" || name == "MyPermission5" || name == "TestEntityManagementPermission");
     }
 
     public Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names, string providerName, string providerKey)
@@ -16,7 +16,7 @@ public class FakePermissionStore : IPermissionStore, ITransientDependency
         var result = new MultiplePermissionGrantResult();
         foreach (var name in names)
         {
-            result.Result.Add(name, name == "MyPermission3" || name == "MyPermission5"
+            result.Result.Add(name, name == "MyPermission3" || name == "MyPermission5" || name == "TestEntityManagementPermission"
                 ? PermissionGrantResult.Granted
                 : PermissionGrantResult.Prohibited);
         }

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/AuthorizationTestResourcePermissionDefinitionProvider.cs

@@ -0,0 +1,48 @@
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Xunit;
+
+namespace Volo.Abp.Authorization.TestServices.Resources;
+
+public class AuthorizationTestResourcePermissionDefinitionProvider : PermissionDefinitionProvider
+{
+    public override void Define(IPermissionDefinitionContext context)
+    {
+        var getGroup = context.GetGroupOrNull("TestGroup");
+        if (getGroup == null)
+        {
+            getGroup = context.AddGroup("TestGroup");
+        }
+        getGroup.AddPermission("TestEntityManagementPermission");
+        getGroup.AddPermission("TestEntityManagementPermission2");
+
+        var permission1 = context.AddResourcePermission("MyResourcePermission1", resourceName: TestEntityResource.ResourceName, "TestEntityManagementPermission");
+        Assert.Throws<AbpException>(() =>
+        {
+            permission1.AddChild("MyResourcePermission1.ChildPermission1");
+        }).Message.ShouldBe($"Resource permission cannot have child permissions. Resource: {TestEntityResource.ResourceName}");
+        permission1.StateCheckers.Add(new TestRequireEditionPermissionSimpleStateChecker());;
+        permission1[PermissionDefinitionContext.KnownPropertyNames.CurrentProviderName].ShouldBe(typeof(AuthorizationTestResourcePermissionDefinitionProvider).FullName);
+
+        context.AddResourcePermission("MyResourcePermission2", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission");
+        context.AddResourcePermission("MyResourcePermission3", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission");
+        context.AddResourcePermission("MyResourcePermission4", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission");
+        context.AddResourcePermission("MyResourcePermission5", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission");
+        context.AddResourcePermission("MyResourcePermission6", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission").WithProviders(nameof(TestResourcePermissionValueProvider1));
+        context.AddResourcePermission("MyResourcePermission7", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission").WithProviders(nameof(TestResourcePermissionValueProvider2));
+        context.AddResourcePermission("MyResourcePermission8", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission2");
+
+        Assert.Throws<AbpException>(() =>
+        {
+            context.AddResourcePermission("MyResourcePermission7", resourceName: typeof(TestEntityResource).FullName!, "TestEntityManagementPermission");
+        }).Message.ShouldBe($"There is already an existing resource permission with name: MyResourcePermission7 for resource: {typeof(TestEntityResource).FullName}");
+
+        context.AddResourcePermission("MyResourcePermission7", resourceName: typeof(TestEntityResource2).FullName!, "TestEntityManagementPermission").WithProviders(nameof(TestResourcePermissionValueProvider2));
+
+        context.GetResourcePermissionOrNull(TestEntityResource.ResourceName, "MyResourcePermission1").ShouldNotBeNull();
+        context.GetResourcePermissionOrNull(TestEntityResource.ResourceName, "MyResourcePermission7").ShouldNotBeNull();
+        context.GetResourcePermissionOrNull(TestEntityResource2.ResourceName, "MyResourcePermission7").ShouldNotBeNull();
+        context.GetResourcePermissionOrNull(TestEntityResource.ResourceName, "MyResourcePermission9").ShouldBeNull();
+        context.GetResourcePermissionOrNull(TestEntityResource2.ResourceName, "MyResourcePermission6").ShouldBeNull();
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/FakeResourcePermissionStore.cs

@@ -0,0 +1,46 @@
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.Authorization.TestServices.Resources;
+
+public class FakeResourcePermissionStore : IResourcePermissionStore, ITransientDependency
+{
+    public Task<bool> IsGrantedAsync(string name, string resourceName, string resourceKey, string providerName, string providerKey)
+    {
+        return Task.FromResult((name == "MyResourcePermission3" || name == "MyResourcePermission5") &&
+                               resourceName == TestEntityResource.ResourceName &&
+                               (resourceKey == TestEntityResource.ResourceKey3 || resourceKey == TestEntityResource.ResourceKey5));
+    }
+
+    public Task<MultiplePermissionGrantResult> IsGrantedAsync(string[] names, string resourceName, string resourceKey, string providerName, string providerKey)
+    {
+        var result = new MultiplePermissionGrantResult();
+        foreach (var name in names)
+        {
+            result.Result.Add(name, ((name == "MyResourcePermission3" || name == "MyResourcePermission5") &&
+                resourceName == TestEntityResource.ResourceName &&
+                (resourceKey == TestEntityResource.ResourceKey3 || resourceKey == TestEntityResource.ResourceKey5)
+                    ? PermissionGrantResult.Granted
+                    : PermissionGrantResult.Prohibited));
+        }
+
+        return Task.FromResult(result);
+    }
+
+    public Task<MultiplePermissionGrantResult> GetPermissionsAsync(string resourceName, string resourceKey)
+    {
+        throw new System.NotImplementedException();
+    }
+
+    public Task<string[]> GetGrantedPermissionsAsync(string resourceName, string resourceKey)
+    {
+        throw new System.NotImplementedException();
+    }
+
+    public Task<string[]> GetGrantedResourceKeysAsync(string resourceName, string name)
+    {
+        throw new System.NotImplementedException();
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/TestEntityResource.cs

@@ -0,0 +1,37 @@
+using System;
+using System.Collections.Generic;
+using Volo.Abp.Authorization.Permissions.Resources;
+
+namespace Volo.Abp.Authorization.TestServices.Resources;
+
+public class TestEntityResource : IHasResourcePermissions
+{
+    public static readonly string ResourceName = typeof(TestEntityResource).FullName;
+
+    public static readonly string ResourceKey1 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey2 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey3 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey4 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey5 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey6 = Guid.NewGuid().ToString();
+    public static readonly string ResourceKey7 = Guid.NewGuid().ToString();
+
+    private string Id { get; }
+
+    public TestEntityResource(string id)
+    {
+        Id = id;
+    }
+
+    public string GetObjectKey()
+    {
+        return Id;
+    }
+
+    public Dictionary<string, bool> ResourcePermissions { get; set; }
+}
+
+public class TestEntityResource2
+{
+    public static readonly string ResourceName = typeof(TestEntityResource2).FullName;
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/TestResourcePermissionValueProvider1.cs

@@ -0,0 +1,43 @@
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+
+namespace Volo.Abp.Authorization.TestServices.Resources;
+
+public class TestResourcePermissionValueProvider1 : ResourcePermissionValueProvider
+{
+    public TestResourcePermissionValueProvider1(IResourcePermissionStore permissionStore) : base(permissionStore)
+    {
+    }
+
+    public override string Name => "TestResourcePermissionValueProvider1";
+
+    public override Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context)
+    {
+        var result = PermissionGrantResult.Undefined;
+        if (context.Permission.Name == "MyResourcePermission6" &&
+            context.ResourceName == TestEntityResource.ResourceName &&
+            context.ResourceKey == TestEntityResource.ResourceKey6)
+        {
+            result = PermissionGrantResult.Granted;
+        }
+
+        return Task.FromResult(result);
+    }
+
+    public override Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context)
+    {
+        var result = new MultiplePermissionGrantResult();
+        foreach (var name in context.Permissions.Select(x => x.Name))
+        {
+            result.Result.Add(name, name == "MyResourcePermission6" &&
+                                    context.ResourceName == TestEntityResource.ResourceName &&
+                                    context.ResourceKey == TestEntityResource.ResourceKey6
+                ? PermissionGrantResult.Granted
+                : PermissionGrantResult.Undefined);
+        }
+
+        return Task.FromResult(result);
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/TestResourcePermissionValueProvider2.cs

@@ -0,0 +1,43 @@
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.Authorization.Permissions.Resources;
+
+namespace Volo.Abp.Authorization.TestServices.Resources;
+
+public class TestResourcePermissionValueProvider2 : ResourcePermissionValueProvider
+{
+    public TestResourcePermissionValueProvider2(IResourcePermissionStore permissionStore) : base(permissionStore)
+    {
+    }
+
+    public override string Name => "TestResourcePermissionValueProvider2";
+
+    public override Task<PermissionGrantResult> CheckAsync(ResourcePermissionValueCheckContext context)
+    {
+        var result = PermissionGrantResult.Undefined;
+        if (context.Permission.Name == "MyResourcePermission7" &&
+            context.ResourceName == TestEntityResource.ResourceName &&
+            context.ResourceKey == TestEntityResource.ResourceKey7)
+        {
+            result = PermissionGrantResult.Granted;
+        }
+
+        return Task.FromResult(result);
+    }
+
+    public override Task<MultiplePermissionGrantResult> CheckAsync(ResourcePermissionValuesCheckContext context)
+    {
+        var result = new MultiplePermissionGrantResult();
+        foreach (var name in context.Permissions.Select(x => x.Name))
+        {
+            result.Result.Add(name, name == "MyResourcePermission7" &&
+                                    context.ResourceName == TestEntityResource.ResourceName &&
+                                    context.ResourceKey == TestEntityResource.ResourceKey7
+                ? PermissionGrantResult.Granted
+                : PermissionGrantResult.Undefined);
+        }
+
+        return Task.FromResult(result);
+    }
+}