jsusen
(Jindřich Sušeň)
January 23, 2025, 8:03am
1
User goes to the login page, enters login and password and presses login.
Nothing happens. The Login request in dev tools is pending and never finishes.
The problem is caused by a deadlock:
The GetBusinesspartnerDataSet is called from here:
```
        return Redirect(model.ReturnUrl);
    }
    else
    {
        // since we don't have a valid context, then we just go back to the home page
        return Redirect("~/");
    }
}
if (ModelState.IsValid)
{
    var user = await _userManager.FindByNameAsync(model.Username);
    if (user != null && !await _userManager.IsEmailConfirmedAsync(user))
    {
        return View("EmailNotConfirmed");
    }
    var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, false, lockoutOnFailure: true);
    if (result.Succeeded && user != null)
    {
        await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.UserName, user.Name, clientId: context?.Client.ClientId));
        if (context != null)
```
origam version: 2024.4.2.3392
jsusen
(Jindřich Sušeň)
January 23, 2025, 8:06am
2
One of the prerequisites of the deadlock is that the Authorize method is called in the AbstractSqlCommandGenerator.Filters method. That happens in two places if:
There is a DataStructureFilterSetFilter with a role defined on one of the datastructures
```
var result = new List<EntityFilter>();
if (filterSet != null)
{
    foreach (DataStructureFilterSetFilter filterPart in filterSet.ChildItems)
    {
        if (entity.PrimaryKey.Equals(filterPart.Entity.PrimaryKey))
        {
            // skip filters with wrong role
            IOrigamAuthorizationProvider auth = SecurityManager.GetAuthorizationProvider();
            if (filterPart.Roles == "" || filterPart.Roles == null || auth.Authorize(SecurityManager.CurrentPrincipal, filterPart.Roles))
            {
                // skip dynamic filter parts
                IParameterService parameterService = ServiceManager.Services.GetService(typeof(IParameterService)) as IParameterService;
                string constant = null;
                if (parameterService != null & filterPart.IgnoreFilterConstant != null)
                {
                    constant = (string)parameterService.GetParameterValue(filterPart.IgnoreFilterConstantId, OrigamDataType.String);
                }
```
There is an EntitySecurityFilterReference defined on one of the entities
```
    if (!(ignoreImplicitFilters || entity.IgnoreImplicitFilters))
    {
        foreach (var rowLevel in entity.EntityDefinition.ChildItemsByType<EntitySecurityFilterReference>(EntitySecurityFilterReference.CategoryConst))
        {
            if (!result.Contains(rowLevel.Filter))
            {
                IOrigamAuthorizationProvider auth = SecurityManager.GetAuthorizationProvider();
                System.Security.Principal.IPrincipal principal = SecurityManager.CurrentPrincipal;
                if (auth.Authorize(principal, rowLevel.Roles))
                {
                    result.Add(rowLevel.Filter);
                }
            }
        }
    }
    return result;
}
```
The EntitySecurityFilterReference will be removed in the production model and we will see if it works as a temporary solution.
It is still not clear why this started happening after switching from 2021.2 to 2024.4.
jsusen
(Jindřich Sušeň)
January 23, 2025, 8:06am
3
Removing the EntitySecurityFilterReference did help. The problems with the login do not occur any more.
The core problem will be solved later by refactoring the entity BusinessPartner away from the Root package. It will be a separate task.
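A minimal model of how an Authorize call inside filter generation can deadlock a login, added here as an illustration and not taken from Origam's code base or from the posts above. It assumes that Authorize needs the same user data the login is already loading behind a non-reentrant gate; `ProfileStore`, `GetRolesAsync`, `AuthorizeAsync`, the gate and the role name are all hypothetical.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical model, not Origam code: class names and the gate are assumptions.
class ProfileStore
{
    private readonly SemaphoreSlim _gate = new SemaphoreSlim(1, 1); // not re-entrant
    private readonly AsyncLocal<bool> _loading = new AsyncLocal<bool>();
    private string[] _roles;

    // Stands in for loading the BusinessPartner row of the user who is signing in.
    public async Task<string[]> GetRolesAsync(bool failFast)
    {
        if (_roles != null) return _roles;
        if (failFast && _loading.Value) // same logical call chain is already loading
            throw new InvalidOperationException("Profile load re-entered through Authorize in a row-level filter");
        // Without the check above, the nested call waits for a gate its own caller holds.
        // The timeout only keeps this demo finite; with no timeout the request stays pending.
        if (!await _gate.WaitAsync(TimeSpan.FromSeconds(1)))
            throw new TimeoutException("Profile gate never released: self-deadlock");
        _loading.Value = true;
        try
        {
            // Building the SELECT applies role-gated filters, so Authorize runs first.
            await AuthorizeAsync("SampleRole", failFast);
            _roles = new[] { "SampleRole" }; // constructed sample data
            return _roles;
        }
        finally { _loading.Value = false; _gate.Release(); }
    }

    // Stands in for auth.Authorize(principal, roles): it needs the principal's roles.
    private async Task<bool> AuthorizeAsync(string role, bool failFast)
    {
        string[] roles = await GetRolesAsync(failFast);
        return Array.IndexOf(roles, role) >= 0;
    }
}

static class Program
{
    static async Task Main()
    {
        foreach (bool failFast in new[] { false, true })
        {
            try { await new ProfileStore().GetRolesAsync(failFast); }
            catch (Exception e) { Console.WriteLine($"failFast={failFast}: {e.GetType().Name}: {e.Message}"); }
        }
    }
}
```

With `failFast` off the nested load runs into the gate held by its own caller and ends in the timeout; with it on, the cycle surfaces immediately as an exception. The check throws rather than returning "not authorized", because in the row-level snippet a false result from Authorize means the security filter is left out of the query.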