I've been working on a web app that uses angular universal and asp.net core with OpenIDDict token auth.
I have custom roles and claims / permissions. I have taken a lot of code from a previous project that was written for asp.net core 1.1, and as such I had to create extensions to IdentityUser and IdentityRole which I updated as per the microsoft docs, including the navigation properties as shown below, my problem is that if I get the roles from the Db and include Users and Claims e.g.
_context.Roles
.Include(r => r.Claims)
.Include(r => r.Users)
.OrderBy(r => r.Name);
I get the roles, but the user and the claim count is 0, so somewhere something isn't updating, the same happens when getting the user via usermanager, I get a 0 roles and 0 claims! If I use the rolemanager to check the users roles, it works and returns the roles. I have included my dbContext at the bottom as well. Hopefully it's an easy fix!
ApplicationRole:
public class ApplicationRole : IdentityRole
{
public ApplicationRole()
{
}
public virtual ICollection<ApplicationRoleClaim> Claims { get; set; } = new List<ApplicationRoleClaim>();
public virtual ICollection<ApplicationUser> Users { get; set; } = new List<ApplicationUser>();
public ApplicationRole(string roleName) : base(roleName)
{
}
public ApplicationRole(string roleName, string description) : base(roleName)
{
Description = description;
}
public string Description { get; set; }
}
ApplicationUser:
public class ApplicationUser : IdentityUser
{
public virtual string FriendlyName
{
get
{
string friendlyName = string.IsNullOrWhiteSpace(FullName) ? UserName : FullName;
if (!string.IsNullOrWhiteSpace(JobTitle))
friendlyName = JobTitle + " " + friendlyName;
return friendlyName;
}
}
public string JobTitle { get; set; }
public string FullName { get; set; }
public string Configuration { get; set; }
public bool IsEnabled { get; set; }
public bool IsLockedOut => this.LockoutEnabled && this.LockoutEnd >= DateTimeOffset.UtcNow;
public virtual ICollection<IdentityUserRole<string>> Roles { get; } = new List<IdentityUserRole<string>>();
public virtual ICollection<IdentityUserClaim<string>> Claims { get; } = new List<IdentityUserClaim<string>>();
public virtual ICollection<IdentityUserLogin<string>> Logins { get; } = new List<IdentityUserLogin<string>>();
//public ICollection<Order> Orders { get; set; }
}
ApplicationRoleClaim:
public class ApplicationRoleClaim : IdentityRoleClaim<string>
{
public virtual ApplicationRole ApplicationRole { get; set; }
}
DbContext:
public class MYDbContext : IdentityDbContext<ApplicationUser, ApplicationRole, string>
{
public MyDbContext(DbContextOptions<MyDbContext> options)
: base(options)
{
Database.EnsureCreated();
}
//List of DB Models - Add your DB models here
public DbSet<Customer> Customers { get; set; }
public DbSet<Product> Product { get; set; }
public virtual DbSet<OpenIddictApplication> OpenIddictApplication { get; set; }
public virtual DbSet<OpenIddictAuthorization> OpenIddictAuthorization { get; set; }
public virtual DbSet<OpenIddictScope> OpenIddictScope { get; set; }
public virtual DbSet<OpenIddictToken> OpenIddictToken { get; set; }
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
modelBuilder.Entity<Product>()
.Property(b => b.EntryTime)
.HasDefaultValueSql("getdate()");
base.OnModelCreating(modelBuilder);
modelBuilder.UseOpenIddict();
modelBuilder.Entity<ApplicationRoleClaim>()
.HasOne(pt => pt.ApplicationRole)
.WithMany(t => t.Claims)
.HasForeignKey(pt => pt.RoleId);
modelBuilder.Entity<ApplicationUser>()
.HasMany(e => e.Claims)
.WithOne()
.HasForeignKey(e => e.UserId)
.IsRequired()
.OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationUser>()
.HasMany(e => e.Logins)
.WithOne()
.HasForeignKey(e => e.UserId)
.IsRequired()
.OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationUser>()
.HasMany(e => e.Roles)
.WithOne()
.HasForeignKey(e => e.UserId)
.IsRequired()
.OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationRole>()
.HasMany(t => t.Claims)
.WithOne(r => r.ApplicationRole)
.HasForeignKey(pt => pt.RoleId);
}
}
EDIT:
I have noticed that I get the roles count with the user now; however, I cant get the user count with the roles. I tried to link roles to users but got errors. I did managed to link claims and roles:
modelBuilder.Entity<ApplicationRole>()
.HasMany(r => r.Claims)
.WithOne()
.HasForeignKey(c => c.RoleId).IsRequired()
.OnDelete(DeleteBehavior.Cascade);
fixed it!
Changed my nav properties to match: applicationuser:
public virtual ICollection<IdentityUserRole<string>> Roles { get; set; }
public virtual ICollection<IdentityUserClaim<string>> Claims { get; set; }
ApplicationRole:
public virtual ICollection<IdentityUserRole<string>> Users { get; set; }
public virtual ICollection<IdentityRoleClaim<string>> Claims { get; set; }
updated my DbContext:
modelBuilder.Entity<ApplicationUser>().HasMany(u => u.Claims).WithOne().HasForeignKey(c => c.UserId).IsRequired().OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationUser>().HasMany(u => u.Roles).WithOne().HasForeignKey(r => r.UserId).IsRequired().OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationRole>().HasMany(r => r.Claims).WithOne().HasForeignKey(c => c.RoleId).IsRequired().OnDelete(DeleteBehavior.Cascade);
modelBuilder.Entity<ApplicationRole>().HasMany(r => r.Users).WithOne().HasForeignKey(r => r.RoleId).IsRequired().OnDelete(DeleteBehavior.Cascade);
Ensured the initial migration looked ok. and it all worked.