You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying without success to suppress SuperUserHandler service because I don't want superuser admin has permissions for certain things.
In order to do so, in my custom module Startup.cs file I did the following:
public override void ConfigureServices(IServiceCollection services)
{
var handlerToRemove = services.FirstOrDefault(s => s.ServiceType == typeof(IAuthorizationHandler)
&& s.ImplementationType == typeof(SuperUserHandler)).ToList();
if (handlerToRemove != null )
{
services.Remove(handlerToRemove);
}
...
To be sure SuperUserHandler is registered previous to that code I added "OrchardCore.Users" as a dependency of my custom module.
In fact, debugging I see the handler is registered and this code actually removes the handler.
However when I get an access token with admin user and call to a an api method calling to await _authorizationService.AuthorizeAsync(User, Permissions.APermissionAssignedToUsersThatAreNotAdmin), it returns true when it should return false.
This discussion was converted from issue #4038 on April 28, 2024 21:25.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I'm trying without success to suppress SuperUserHandler service because I don't want superuser admin has permissions for certain things.
In order to do so, in my custom module Startup.cs file I did the following:
To be sure SuperUserHandler is registered previous to that code I added "OrchardCore.Users" as a dependency of my custom module.
In fact, debugging I see the handler is registered and this code actually removes the handler.
However when I get an access token with admin user and call to a an api method calling to await _authorizationService.AuthorizeAsync(User, Permissions.APermissionAssignedToUsersThatAreNotAdmin), it returns true when it should return false.
Any idea of what could be causing this issue?
Beta Was this translation helpful? Give feedback.
All reactions