Update authorization doc links to new index.md path
Replaces all references to 'authorization.md' with 'authorization/index.md' across documentation files to reflect the new file structure. This ensures all internal links to the authorization documentation remain valid after the file was moved and renamed.
@ -113,6 +113,6 @@ ABP uses .NET's standard [Logging services](../framework/fundamentals/logging.md
ABP's startup solution templates come with [Swagger UI](https://swagger.io/) pre-installed. Swagger is a pretty standard and useful tool to discover and test your HTTP APIs on a built-in UI that is embedded into your application or service. It is typically used in development environment, but you may want to enable it on staging or production environments too.
ABP's startup solution templates come with [Swagger UI](https://swagger.io/) pre-installed. Swagger is a pretty standard and useful tool to discover and test your HTTP APIs on a built-in UI that is embedded into your application or service. It is typically used in development environment, but you may want to enable it on staging or production environments too.
While you will always secure your HTTP APIs with other techniques (like the [Authorization](../framework/fundamentals/authorization.md) system), allowing malicious software and people to easily discover your HTTP API endpoint details can be considered as a security problem for some systems. So, be careful while taking the decision of enabling or disabling Swagger for the production environment.
While you will always secure your HTTP APIs with other techniques (like the [Authorization](../framework/fundamentals/authorization/index.md) system), allowing malicious software and people to easily discover your HTTP API endpoint details can be considered as a security problem for some systems. So, be careful while taking the decision of enabling or disabling Swagger for the production environment.
> You may also want to see the [ABP Swagger integration](../framework/api-development/swagger.md) document.
> You may also want to see the [ABP Swagger integration](../framework/api-development/swagger.md) document.
ABP provides a pre-built and standard endpoint that contains some useful information about the application/service. Here, is the list of some fundamental information at this endpoint:
ABP provides a pre-built and standard endpoint that contains some useful information about the application/service. Here, is the list of some fundamental information at this endpoint:
* Granted [policies](../../fundamentals/authorization.md) (permissions) for the current user.
* Granted [policies](../../fundamentals/authorization/index.md) (permissions) for the current user.
* [Setting](../../infrastructure/settings.md) values for the current user.
* [Setting](../../infrastructure/settings.md) values for the current user.
* Info about the [current user](../../infrastructure/current-user.md) (like id and user name).
* Info about the [current user](../../infrastructure/current-user.md) (like id and user name).
* Info about the current [tenant](../../architecture/multi-tenancy) (like id and name).
* Info about the current [tenant](../../architecture/multi-tenancy) (like id and name).
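Review bot: The context line `* Info about the current [tenant](../../architecture/multi-tenancy) (like id and name).` in this list still links to a bare directory, while the changed policies bullet in the same list now spells out `authorization/index.md`. Please confirm the directory-style link resolves in the docs renderer, or point it at the document's file explicitly so the list uses one convention.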
@ -322,7 +322,7 @@ The `context` object contains necessary information about the exception occurred
Some exception types are automatically thrown by the framework:
Some exception types are automatically thrown by the framework:
- `AbpAuthorizationException` is thrown if the current user has no permission to perform the requested operation. See [authorization](./authorization.md) for more.
- `AbpAuthorizationException` is thrown if the current user has no permission to perform the requested operation. See [authorization](./authorization/index.md) for more.
- `AbpValidationException` is thrown if the input of the current request is not valid. See [validation](./validation.md) for more.
- `AbpValidationException` is thrown if the input of the current request is not valid. See [validation](./validation.md) for more.
- `EntityNotFoundException` is thrown if the requested entity is not available. This is mostly thrown by [repositories](../architecture/domain-driven-design/repositories.md).
- `EntityNotFoundException` is thrown if the requested entity is not available. This is mostly thrown by [repositories](../architecture/domain-driven-design/repositories.md).
Hangfire Dashboard provides information about your background jobs, including method names and serialized arguments as well as gives you an opportunity to manage them by performing different actions – retry, delete, trigger, etc. So it is important to restrict access to the Dashboard.
Hangfire Dashboard provides information about your background jobs, including method names and serialized arguments as well as gives you an opportunity to manage them by performing different actions – retry, delete, trigger, etc. So it is important to restrict access to the Dashboard.
To make it secure by default, only local requests are allowed, however you can change this by following the [official documentation](http://docs.hangfire.io/en/latest/configuration/using-dashboard.html) of Hangfire.
To make it secure by default, only local requests are allowed, however you can change this by following the [official documentation](http://docs.hangfire.io/en/latest/configuration/using-dashboard.html) of Hangfire.
You can integrate the Hangfire dashboard to [ABP authorization system](../../fundamentals/authorization.md) using the **AbpHangfireAuthorizationFilter**
You can integrate the Hangfire dashboard to [ABP authorization system](../../fundamentals/authorization/index.md) using the **AbpHangfireAuthorizationFilter**
class. This class is defined in the `Volo.Abp.Hangfire` package. The following example, checks if the current user is logged in to the application:
class. This class is defined in the `Volo.Abp.Hangfire` package. The following example, checks if the current user is logged in to the application:
@ -42,7 +42,7 @@ Automatically begins and commits/rolls back a database transaction when entering
Input DTOs are automatically validated against data annotation attributes and custom validation rules before executing the service logic, providing consistent validation behavior across all services.
Input DTOs are automatically validated against data annotation attributes and custom validation rules before executing the service logic, providing consistent validation behavior across all services.
A permission is a simple policy that is granted or prohibited for a particular user, role or client. You can read more about [authorization in ABP](../../fundamentals/authorization.md) document.
A permission is a simple policy that is granted or prohibited for a particular user, role or client. You can read more about [authorization in ABP](../../fundamentals/authorization/index.md) document.
You can get permission of authenticated user using `getGrantedPolicy` or `getGrantedPolicy$` method of `PermissionService`.
You can get permission of authenticated user using `getGrantedPolicy` or `getGrantedPolicy$` method of `PermissionService`.
Blazor applications can use the same authorization system and permissions defined in the server side.
Blazor applications can use the same authorization system and permissions defined in the server side.
> This document is only for authorizing on the Blazor UI. See the [Server Side Authorization](../../fundamentals/authorization.md) to learn how to define permissions and control the authorization system.
> This document is only for authorizing on the Blazor UI. See the [Server Side Authorization](../../fundamentals/authorization/index.md) to learn how to define permissions and control the authorization system.
## Basic Usage
## Basic Usage
@ -76,7 +76,7 @@ There are some useful extension methods for the `IAuthorizationService`:
If your button/component should be available based on a [permission/policy](../../fundamentals/authorization.md), you can pass the permission/policy name as the `RequiredPolicyName` parameter to the `AddButton` and `AddComponent` methods.
If your button/component should be available based on a [permission/policy](../../fundamentals/authorization/index.md), you can pass the permission/policy name as the `RequiredPolicyName` parameter to the `AddButton` and `AddComponent` methods.
@ -78,4 +78,4 @@ It'll be automatically bound to a collection of defined value type.
## Notices
## Notices
If the authenticated user doesn't have permission on the given URL, the user will get an authorization error. Be careful while designing this kind of UIs.
If the authenticated user doesn't have permission on the given URL, the user will get an authorization error. Be careful while designing this kind of UIs.
You can create a specific, [unauthorized](../../fundamentals/authorization.md) endpoint/method to get the list of items, so the page can retrieve lookup data of dependent entity without giving the entire read permission to users.
You can create a specific, [unauthorized](../../fundamentals/authorization/index.md) endpoint/method to get the list of items, so the page can retrieve lookup data of dependent entity without giving the entire read permission to users.
This command logs the list of users to the console, if you've **logged in** to the application and have [permission](../../../fundamentals/authorization.md) for the user management page of the [Identity Module](../../../../modules/identity.md).
This command logs the list of users to the console, if you've **logged in** to the application and have [permission](../../../fundamentals/authorization/index.md) for the user management page of the [Identity Module](../../../../modules/identity.md).
Auth API allows you to check permissions (policies) for the current user in the client side. In this way, you can conditionally show/hide UI parts or perform your client side logic based on the current permissions.
Auth API allows you to check permissions (policies) for the current user in the client side. In this way, you can conditionally show/hide UI parts or perform your client side logic based on the current permissions.
> This document only explains the JavaScript API. See the [authorization document](../../../fundamentals/authorization.md) to understand the ABP authorization & permission system.
> This document only explains the JavaScript API. See the [authorization document](../../../fundamentals/authorization/index.md) to understand the ABP authorization & permission system.
If your button/component should be available based on a [permission/policy](../../fundamentals/authorization.md), you can pass the permission/policy name as the `requiredPolicyName` parameter to the `AddButton` and `AddComponent` methods.
If your button/component should be available based on a [permission/policy](../../fundamentals/authorization/index.md), you can pass the permission/policy name as the `requiredPolicyName` parameter to the `AddButton` and `AddComponent` methods.
@ -12,7 +12,7 @@ ABP provides a model and infrastructure to create **reusable widgets**. Widget s
* Have **scripts & styles** dependencies for your widget.
* Have **scripts & styles** dependencies for your widget.
* Create **dashboards** with widgets used inside.
* Create **dashboards** with widgets used inside.
* Define widgets in reusable **[modules](../../architecture/modularity/basics.md)**.
* Define widgets in reusable **[modules](../../architecture/modularity/basics.md)**.
* Co-operate widgets with **[authorization](../../fundamentals/authorization.md)** and **[bundling](bundling-minification.md)** systems.
* Co-operate widgets with **[authorization](../../fundamentals/authorization/index.md)** and **[bundling](bundling-minification.md)** systems.
## Basic Widget Definition
## Basic Widget Definition
@ -482,7 +482,7 @@ Used to refresh the widget when needed. It has a filter argument that can be use
Some widgets may need to be available only for authenticated or authorized users. In this case, use the following properties of the `Widget` attribute:
Some widgets may need to be available only for authenticated or authorized users. In this case, use the following properties of the `Widget` attribute:
* `RequiresAuthentication` (`bool`): Set to true to make this widget usable only for authentication users (user have logged in to the application).
* `RequiresAuthentication` (`bool`): Set to true to make this widget usable only for authentication users (user have logged in to the application).
* `RequiredPolicies` (`List<string>`): A list of policy names to authorize the user. See [the authorization document](../../fundamentals/authorization.md) for more info about policies.
* `RequiredPolicies` (`List<string>`): A list of policy names to authorize the user. See [the authorization document](../../fundamentals/authorization/index.md) for more info about policies.
@ -68,7 +68,7 @@ There are a lot of features provided by ABP to achieve real world scenarios easi
#### Cross Cutting Concerns
#### Cross Cutting Concerns
ABP also simplifies (and even automates wherever possible) cross cutting concerns and common non-functional requirements like [Exception Handling](./framework/fundamentals/exception-handling.md), [Validation](./framework/fundamentals/validation.md), [Authorization](./framework/fundamentals/authorization.md), [Localization](./framework/fundamentals/localization.md), [Caching](./framework/fundamentals/caching.md), [Dependency Injection](./framework/fundamentals/dependency-injection.md), [Setting Management](./framework/infrastructure/settings.md), etc.
ABP also simplifies (and even automates wherever possible) cross cutting concerns and common non-functional requirements like [Exception Handling](./framework/fundamentals/exception-handling.md), [Validation](./framework/fundamentals/validation.md), [Authorization](./framework/fundamentals/authorization/index.md), [Localization](./framework/fundamentals/localization.md), [Caching](./framework/fundamentals/caching.md), [Dependency Injection](./framework/fundamentals/dependency-injection.md), [Setting Management](./framework/infrastructure/settings.md), etc.
@ -75,7 +75,7 @@ You can manage permissions of a role:
* A permission is an **action of the application** granted to roles and users.
* A permission is an **action of the application** granted to roles and users.
* A user with a role will **inherit** all the permissions granted for the role.
* A user with a role will **inherit** all the permissions granted for the role.
* Any module can **[define permissions](../framework/fundamentals/authorization.md#permission-system)**. Once you define a new permission, it will be available in this page.
* Any module can **[define permissions](../framework/fundamentals/authorization/index.md#permission-system)**. Once you define a new permission, it will be available in this page.
* Left side is the **list of modules**. Once you click to a module name, you can check/uncheck permissions related to that module.
* Left side is the **list of modules**. Once you click to a module name, you can check/uncheck permissions related to that module.
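Review bot: The fragment in `authorization/index.md#permission-system` is carried over unchanged, so the link only works if the Permission System heading still lives in `index.md` after the move. If moving the document into an `authorization/` folder also split sections into separate pages, this link and the other fragment links in this patch (for example `#claims-principal-factory`) should target the page that now holds the section. Running a link checker over the docs before merging would confirm this.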
[Claims Principal Factory](../framework/fundamentals/authorization.md#claims-principal-factory) can be used to add/remove claims to the `ClaimsPrincipal`.
[Claims Principal Factory](../framework/fundamentals/authorization/index.md#claims-principal-factory) can be used to add/remove claims to the `ClaimsPrincipal`.
The `AbpDefaultOpenIddictClaimDestinationsProvider` service will add `Name`, `Email,` and `Role` types of Claims to `access_token` and `id_token`, other claims are only added to `access_token` by default, and remove the `SecurityStampClaimType` secret claim of `Identity`.
The `AbpDefaultOpenIddictClaimDestinationsProvider` service will add `Name`, `Email,` and `Role` types of Claims to `access_token` and `id_token`, other claims are only added to `access_token` by default, and remove the `SecurityStampClaimType` secret claim of `Identity`.
[Claims Principal Factory](../framework/fundamentals/authorization.md#claims-principal-factory) can be used to add/remove claims to the `ClaimsPrincipal`.
[Claims Principal Factory](../framework/fundamentals/authorization/index.md#claims-principal-factory) can be used to add/remove claims to the `ClaimsPrincipal`.
The `AbpDefaultOpenIddictClaimsPrincipalHandler` service will add `Name`, `Email,` and `Role` types of Claims to `access_token` and `id_token`, other claims are only added to `access_token` by default, and remove the `SecurityStampClaimType` secret claim of `Identity`.
The `AbpDefaultOpenIddictClaimsPrincipalHandler` service will add `Name`, `Email,` and `Role` types of Claims to `access_token` and `id_token`, other claims are only added to `access_token` by default, and remove the `SecurityStampClaimType` secret claim of `Identity`.
This module implements the `IPermissionStore` to store and manage permissions values in a database.
This module implements the `IPermissionStore` to store and manage permissions values in a database.
> This document covers only the permission management module which persists permission values to a database. See the [Authorization document](../framework/fundamentals/authorization.md) to understand the authorization and permission systems.
> This document covers only the permission management module which persists permission values to a database. See the [Authorization document](../framework/fundamentals/authorization/index.md) to understand the authorization and permission systems.
## How to Install
## How to Install
@ -37,7 +37,7 @@ In this dialog, you can grant permissions for the selected role. The tabs in the
`IPermissionManager` is the main service provided by this module. It is used to read and change the permission values. `IPermissionManager` is typically used by the *Permission Management Dialog*. However, you can inject it if you need to set a permission value.
`IPermissionManager` is the main service provided by this module. It is used to read and change the permission values. `IPermissionManager` is typically used by the *Permission Management Dialog*. However, you can inject it if you need to set a permission value.
> If you just want to read/check permission values for the current user, use the `IAuthorizationService` or the `[Authorize]` attribute as explained in the [Authorization document](../framework/fundamentals/authorization.md).
> If you just want to read/check permission values for the current user, use the `IAuthorizationService` or the `[Authorize]` attribute as explained in the [Authorization document](../framework/fundamentals/authorization/index.md).
**Example: Grant permissions to roles and users using the `IPermissionManager` service**
**Example: Grant permissions to roles and users using the `IPermissionManager` service**
@ -69,7 +69,7 @@ public class MyService : ITransientDependency
## Permission Management Providers
## Permission Management Providers
Permission Management Module is extensible, just like the [permission system](../framework/fundamentals/authorization.md). You can extend it by defining permission management providers.
Permission Management Module is extensible, just like the [permission system](../framework/fundamentals/authorization/index.md). You can extend it by defining permission management providers.
[Identity Module](identity.md) defines the following permission management providers:
[Identity Module](identity.md) defines the following permission management providers:
@ -113,4 +113,4 @@ The order of the providers are important. Providers are executed in the reverse
@ -41,7 +41,7 @@ The following **libraries and services** come **pre-installed** and **configured
The following features are built and pre-configured for you in the solution.
The following features are built and pre-configured for you in the solution.
* **Authentication** is fully configured based on best practices.
* **Authentication** is fully configured based on best practices.
* **[Permission](../../framework/fundamentals/authorization.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[Permission](../../framework/fundamentals/authorization/index.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md).
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md).
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version). **\***
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version). **\***
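Review bot: In the context line directly below the changed Permission bullet, `BLOB storge` is a typo for `BLOB storage`. Since the patch already touches this list, it could be fixed here or in a follow-up; the same misspelling appears in the context lines of the other two solution-template feature lists in this patch.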
@ -49,7 +49,7 @@ The following features are built and pre-configured for you in the solution.
* **OpenId Connect Authentication**, if you have selected the MVC UI.
* **OpenId Connect Authentication**, if you have selected the MVC UI.
* **Authorization code flow** is implemented, if you have selected a SPA UI (Angular or Blazor WASM).
* **Authorization code flow** is implemented, if you have selected a SPA UI (Angular or Blazor WASM).
* Other flows (resource owner password, client credentials...) are easy to use when you need them.
* Other flows (resource owner password, client credentials...) are easy to use when you need them.
* **[Permission](../../framework/fundamentals/authorization.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[Permission](../../framework/fundamentals/authorization/index.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[Background job system](../../framework/infrastructure/background-jobs/index.md)** with [RabbitMQ integrated](../../framework/infrastructure/background-jobs/rabbitmq.md).
* **[Background job system](../../framework/infrastructure/background-jobs/index.md)** with [RabbitMQ integrated](../../framework/infrastructure/background-jobs/rabbitmq.md).
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md) and a separate database.
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md) and a separate database.
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version)
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version)
@ -27,7 +27,7 @@ Since [Permission Management](../../modules/permission-management.md) is a funda
## Permission Management
## Permission Management
The *Administration* microservice provides a set of APIs to manage permissions. Every microservice [defines](../../framework/fundamentals/authorization.md) its own permissions. When a microservice starts, it registers its permissions to the related permission definition tables if `SaveStaticPermissionsToDatabase` option is true for `PermissionManagementOptions`. Since the default value is true, this behavior is ensured. After that, you can see the permissions from the [Permission Management Dialog](../../modules/permission-management.md#permission-management-dialog) for related provider such as *User*, *Role* or *Client (OpenIddict Applications)*.
The *Administration* microservice provides a set of APIs to manage permissions. Every microservice [defines](../../framework/fundamentals/authorization/index.md) its own permissions. When a microservice starts, it registers its permissions to the related permission definition tables if `SaveStaticPermissionsToDatabase` option is true for `PermissionManagementOptions`. Since the default value is true, this behavior is ensured. After that, you can see the permissions from the [Permission Management Dialog](../../modules/permission-management.md#permission-management-dialog) for related provider such as *User*, *Role* or *Client (OpenIddict Applications)*.
@ -39,7 +39,7 @@ The following **libraries and services** come **pre-installed** and **configured
The solution comes with the following built-in and pre-configured features:
The solution comes with the following built-in and pre-configured features:
* **Authentication** is fully configured based on best practices.
* **Authentication** is fully configured based on best practices.
* **[Permission](../../framework/fundamentals/authorization.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[Permission](../../framework/fundamentals/authorization/index.md)** (authorization), **[setting](../../framework/infrastructure/settings.md)**, **[feature](../../framework/infrastructure/features.md)** and the **[localization](../../framework/fundamentals/localization.md)** management systems are pre-configured and ready to use.
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md).
* **[BLOB storge](../../framework/infrastructure/blob-storing/index.md)** system is installed with the [database provider](../../framework/infrastructure/blob-storing/database.md).
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version). **\***
* **On-the-fly database migration** system (services automatically migrated their database schema when you deploy a new version). **\***
ABP provides an [authorization system](../../framework/fundamentals/authorization.md) based on the ASP.NET Core's [authorization infrastructure](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/introduction). One major feature added on top of the standard authorization infrastructure is the **permission system** which allows to define permissions and enable/disable per role, user or client.
ABP provides an [authorization system](../../framework/fundamentals/authorization/index.md) based on the ASP.NET Core's [authorization infrastructure](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/introduction). One major feature added on top of the standard authorization infrastructure is the **permission system** which allows to define permissions and enable/disable per role, user or client.
@ -183,7 +183,7 @@ public class AuthorAppService : BookStoreAppService, IAuthorAppService
}
}
````
````
* `[Authorize(BookStorePermissions.Authors.Default)]` is a declarative way to check a permission (policy) to authorize the current user. See the [authorization document](../../framework/fundamentals/authorization.md) for more. `BookStorePermissions` class will be updated below, don't worry for the compile error for now.
* `[Authorize(BookStorePermissions.Authors.Default)]` is a declarative way to check a permission (policy) to authorize the current user. See the [authorization document](../../framework/fundamentals/authorization/index.md) for more. `BookStorePermissions` class will be updated below, don't worry for the compile error for now.
* Derived from the `BookStoreAppService`, which is a simple base class comes with the startup template. It is derived from the standard `ApplicationService` class.
* Derived from the `BookStoreAppService`, which is a simple base class comes with the startup template. It is derived from the standard `ApplicationService` class.
* Implemented the `IAuthorAppService` which was defined above.
* Implemented the `IAuthorAppService` which was defined above.
* Injected the `IAuthorRepository` and `AuthorManager` to use in the service methods.
* Injected the `IAuthorRepository` and `AuthorManager` to use in the service methods.
Note: If you employ [Resource Owner Password Flow](../../framework/ui/angular/authorization.md#resource-owner-password-flow) for authorization, you should provide the following provider as well:
Note: If you employ [Resource Owner Password Flow](../../framework/ui/angular/authorization/index.md#resource-owner-password-flow) for authorization, you should provide the following provider as well:
```js
```js
import { provideAccountLayout } from "@abp/ng.theme.lepton-x/account";
import { provideAccountLayout } from "@abp/ng.theme.lepton-x/account";
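Review bot: The link changed in this hunk was `../../framework/ui/angular/authorization.md#resource-owner-password-flow`, which is the Angular UI document and not the `fundamentals/authorization.md` file that every other hunk updates. The commit message describes a single moved file, so this looks like a side effect of a blanket search and replace: unless `ui/angular/authorization.md` was also moved into a folder, `ui/angular/authorization/index.md` will be a dead link and this line should be reverted. Please also confirm that `#resource-owner-password-flow` resolves at whichever target is kept.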