'Rename default admin role in ABP framework
Is there a way to rename the default admin role to something else, e.g. system admin or super admin ? In some contexts , admin may refer to task administrator or maybe other administrator and I'd use that for something else.
Yes, I can delete all permission granted to admin and grant them to system admin, however I'm not sure other places where the default admin are used in.
And since data seeder is hardcoded to admin, I'm kinda stuck here.
Solution 1:[1]
This is how I handled it:
public static class IdentityDataSeederProperties
{
public static String AdminUserName { get; set; } = "admin";
public static String AdminRoleName { get; set; } = "admin";
}
[Dependency(ReplaceServices = true)]
public class IdentityDataSeeder : ITransientDependency, IIdentityDataSeeder
{
protected IGuidGenerator GuidGenerator { get; }
protected IIdentityRoleRepository RoleRepository { get; }
protected IIdentityUserRepository UserRepository { get; }
protected ILookupNormalizer LookupNormalizer { get; }
protected IdentityUserManager UserManager { get; }
protected IdentityRoleManager RoleManager { get; }
protected ICurrentTenant CurrentTenant { get; }
protected IOptions<IdentityOptions> IdentityOptions { get; }
protected ILogger<IdentityDataSeeder> Logger { get; }
public IdentityDataSeeder(
IGuidGenerator guidGenerator,
IIdentityRoleRepository roleRepository,
IIdentityUserRepository userRepository,
ILookupNormalizer lookupNormalizer,
IdentityUserManager userManager,
IdentityRoleManager roleManager,
ICurrentTenant currentTenant,
IOptions<IdentityOptions> identityOptions,
ILogger<IdentityDataSeeder> logger)
{
GuidGenerator = guidGenerator;
RoleRepository = roleRepository;
UserRepository = userRepository;
LookupNormalizer = lookupNormalizer;
UserManager = userManager;
RoleManager = roleManager;
CurrentTenant = currentTenant;
IdentityOptions = identityOptions;
Logger = logger;
}
public virtual async Task<IdentityDataSeedResult> SeedAsync(String adminEmail, String adminPassword, Guid? tenantId = null)
{
Check.NotNullOrWhiteSpace(adminEmail, nameof(adminEmail));
Check.NotNullOrWhiteSpace(adminPassword, nameof(adminPassword));
using (CurrentTenant.Change(tenantId))
{
await IdentityOptions.SetAsync().ConfigureAwait(false);
var result = await CreateAdminUserAndRoleAsync(adminEmail, adminPassword, tenantId).ConfigureAwait(false);
await AddAdminUserToAdminRole().ConfigureAwait(false);
return result;
}
}
[UnitOfWork]
private async Task AddAdminUserToAdminRole()
{
var adminUser = await UserRepository
.FindByNormalizedUserNameAsync(LookupNormalizer.NormalizeName(IdentityDataSeederProperties.AdminUserName))
.ConfigureAwait(false);
(await UserManager.AddToRoleAsync(adminUser, IdentityDataSeederProperties.AdminRoleName).ConfigureAwait(false)).CheckErrors();
}
[UnitOfWork]
private async Task<IdentityDataSeedResult> CreateAdminUserAndRoleAsync(String adminEmail, String adminPassword, Guid? tenantId)
{
return new IdentityDataSeedResult
{
CreatedAdminUser = await CreateAdminUserIfItDoesNotExistAsync(tenantId, adminEmail, adminPassword).ConfigureAwait(false),
CreatedAdminRole = await CreateAdminRoleIfItDoesNotExistAsync(tenantId).ConfigureAwait(false)
};
}
private async Task<Boolean> CreateAdminRoleIfItDoesNotExistAsync(Guid? tenantId)
{
var adminRole = await RoleRepository
.FindByNormalizedNameAsync(LookupNormalizer.NormalizeName(IdentityDataSeederProperties.AdminRoleName))
.ConfigureAwait(false);
if (adminRole == null)
{
adminRole = new IdentityRole(GuidGenerator.Create(), IdentityDataSeederProperties.AdminRoleName, tenantId)
{
IsStatic = true,
IsPublic = true
};
(await RoleManager.CreateAsync(adminRole).ConfigureAwait(false)).CheckErrors();
Logger.LogInformation("Created Role: {RoleName} ({RoleId})", adminRole.Name, adminRole.Id);
return true;
}
return false;
}
private async Task<Boolean> CreateAdminUserIfItDoesNotExistAsync(Guid? tenantId, String adminEmail, String adminPassword)
{
var adminUser = await UserRepository.FindByNormalizedUserNameAsync(
LookupNormalizer.NormalizeName(IdentityDataSeederProperties.AdminUserName)
).ConfigureAwait(false);
if (adminUser == null)
{
adminUser = new IdentityUser(GuidGenerator.Create(), IdentityDataSeederProperties.AdminUserName, adminEmail, tenantId)
{
Name = IdentityDataSeederProperties.AdminUserName
};
(await UserManager.CreateAsync(adminUser, adminPassword, validatePassword: false).ConfigureAwait(false)).CheckErrors();
Logger.LogInformation("Created User: {RoleName} ({RoleId})", adminUser.Name, adminUser.Id);
return true;
}
return false;
}
}
The key is the [Dependency(ReplaceServices = true)] attribute. It causes the DI system to replace the default implementation with mine.
NOTE: I refactored the default implementation (and added logging) which is why I didn't just inherit from it, as suggested in #9641.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Doug Wilson |