Prevent child permissions for resource permissions

framework/src/Volo.Abp.Authorization.Abstractions/Volo/Abp/Authorization/Permissions/PermissionDefinition.cs

@@ -115,6 +115,11 @@ public class PermissionDefinition :
         MultiTenancySides multiTenancySide = MultiTenancySides.Both,
         bool isEnabled = true)
     {
+        if (ResourceName != null)
+        {
+            throw new AbpException($"Resource permission cannot have child permissions. Resource: {ResourceName}");
+        }
+
         var child = new PermissionDefinition(
             name,
             displayName,

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/Resources/AuthorizationTestResourcePermissionDefinitionProvider.cs

@@ -1,5 +1,6 @@
 using Shouldly;
 using Volo.Abp.Authorization.Permissions;
+using Xunit;
 
 namespace Volo.Abp.Authorization.TestServices.Resources;
 
@@ -8,6 +9,10 @@ public class AuthorizationTestResourcePermissionDefinitionProvider : PermissionD
     public override void Define(IPermissionDefinitionContext context)
     {
         var permission1 = context.AddResourcePermission("MyResourcePermission1", resourceName: TestEntityResource.ResourceName);
+        Assert.Throws<AbpException>(() =>
+        {
+            permission1.AddChild("MyResourcePermission1.ChildPermission1");
+        }).Message.ShouldBe($"Resource permission cannot have child permissions. Resource: {TestEntityResource.ResourceName}");
         permission1.StateCheckers.Add(new TestRequireEditionPermissionSimpleStateChecker());;
         permission1[PermissionDefinitionContext.KnownPropertyNames.CurrentProviderName].ShouldBe(typeof(AuthorizationTestResourcePermissionDefinitionProvider).FullName);