Merge branch 'dev' of https://github.com/volosoft/abp into dev

docs/en/Authorization.md

@@ -280,21 +280,11 @@ public async Task CreateAsync(CreateAuthorDto input)
 
 ## Check a Permission in JavaScript
 
-You may need to check a policy/permission on the client side.
+See the following documents to learn how to re-use the authorization system on the client side:
 
-### MVC UI
-
-For ASP.NET Core MVC / Razor Pages applications, you can use the `abp.auth` API.
-
-**Example: Check if a given permission has been granted for the current user**
-
-```js
-abp.auth.isGranted('MyPermissionName');
-```
-
-### Angular UI
-
-See the [permission management document](UI/Angular/Permission-Management.md) for the Angular UI.
+* [ASP.NET Core MVC / Razor Pages UI: Authorization](UI/AspNetCore/JavaScript-API/Auth.md)
+* [Angular UI Authorization](UI/Angular/Permission-Management.md)
+* [Blazor UI Authorization](UI/Blazor/Authorization.md)
 
 ## Permission Management
 

docs/en/UI/Blazor/Authentication.md

@@ -1,3 +1,11 @@
 # Blazor UI: Authentication
 
-TODO
+The [application startup template](../../Startup-Templates/Application.md) is properly configured to use OpenId Connect to authenticate the user through the server side login form;
+
+* When the Blazor application needs to authenticate, it is redirected to the server side.
+* Users can enter username & password to login if they already have an account. If not, they can use the register form to create a new user. They can also use forgot password and other features. The server side uses IdentityServer4 to handle the authentication.
+* Finally, they are redirected back to the Blazor application to complete the login process.
+
+This is a typical and recommended approach to implement authentication in Single-Page Applications. The client side configuration is done in the startup template, so you can change it.
+
+See the [Blazor Security document](https://docs.microsoft.com/en-us/aspnet/core/blazor/security) to understand and customize the authentication process.

docs/en/UI/Blazor/Authorization.md

@@ -0,0 +1,75 @@
+# Blazor UI: Authorization
+
+Blazor applications can use the same authorization system and permissions defined in the server side.
+
+> This document is only for authorizing on the Blazor UI. See the [Server Side Authorization](../../Authorization.md) to learn how to define permissions and control the authorization system.
+
+## Basic Usage
+
+> ABP Framework is **100% compatible** with the Authorization infrastructure provided by the Blazor. See the [Blazor Security Document](https://docs.microsoft.com/en-us/aspnet/core/blazor/security/) to learn all authorization options. This section **only shows some common scenarios**.
+
+### Authorize Attribute
+
+`[Authorize]` attribute can be used to show a page only to the authenticated users.
+
+````csharp
+@page "/"
+@attribute [Authorize]
+
+You can only see this if you're signed in.
+````
+
+The `[Authorize]` attribute also supports role-based or policy-based authorization. For example, you can check permissions defined in the server side:
+
+````csharp
+@page "/"
+@attribute [Authorize("MyPermission")]
+
+You can only see this if you have the necessary permission.
+````
+
+### AuthorizeView
+
+`AuthorizeView` component can be used in a page/component to conditionally render a part of the content:
+
+````html
+<AuthorizeView Policy="MyPermission">
+    <p>You can only see this if you satisfy the "MyPermission" policy.</p>
+</AuthorizeView>
+````
+
+### IAuthorizationService
+
+`IAuthorizationService` can be injected and used to programmatically check permissions:
+
+````csharp
+public partial class Index
+{
+    protected override async Task OnInitializedAsync()
+    {
+        if (await AuthorizationService.IsGrantedAsync("MyPermission"))
+        {
+            //...
+        }
+    }
+}
+````
+
+If your component directly or indirectly inherits from the `AbpComponentBase`, `AuthorizationService` becomes pre-injected and ready to use. If not, you can always [inject](../../Dependency-Injection.md) the `IAuthorizationService` yourself.
+
+`IAuthorizationService` can also be used in the view side where `AuthorizeView` component is not enough.
+
+There are some useful extension methods for the `IAuthorizationService`:
+
+* `IsGrantedAsync` simply returns `true` or `false` for the given policy/permission.
+* `CheckAsync` checks and throws `AbpAuthorizationException` if given policy/permission hasn't granted. You don't have to handle these kind of exceptions since ABP Framework automatically [handles errors](Error-Handling.md).
+* `AuthorizeAsync` returns `AuthorizationResult` as the standard way provided by the ASP.NET Core authorization system.
+
+> See the [Blazor Security Document](https://docs.microsoft.com/en-us/aspnet/core/blazor/security/) to learn all authorization options
+
+## See Also
+
+* [Authorization](../../Authorization.md) (server side)
+* [Blazor Security](https://docs.microsoft.com/en-us/aspnet/core/blazor/security/) (Microsoft documentation)
+* [ICurrentUser Service](CurrentUser.md)
+

docs/en/UI/Blazor/CurrentTenant.md

@@ -0,0 +1,23 @@
+# Blazor UI: Current Tenant
+
+`ICurrentTenant` service can be used to get information about the current tenant in a [multi-tenant](../../Multi-Tenancy.md) application. `ICurrentTenant` defines the following properties;
+
+* `Id` (`Guid`): Id of the current tenant. Can be `null` if the current user is a host user or the tenant could not be determined.
+* `Name` (`string`): Name of the current tenant. Can be `null` if the current user is a host user or the tenant could not be determined.
+* `IsAvailable` (`bool`): Returns `true` if the `Id` is not `null`.
+
+**Example: Show the current tenant name on a page**
+
+````csharp
+@page "/"
+@using Volo.Abp.MultiTenancy
+@inject ICurrentTenant CurrentTenant
+@if (CurrentTenant.IsAvailable)
+{
+    <p>Current tenant name: @CurrentTenant.Name</p>
+}
+````
+
+## See Also
+
+* [Multi-Tenancy](../../Multi-Tenancy.md)

docs/en/UI/Blazor/CurrentUser.md

@@ -0,0 +1,22 @@
+# Blazor UI: Current User
+
+`ICurrentUser` service is used to obtain information about the currently authenticated user. Inject the `ICurrentUser` into any component/page and use its properties and methods.
+
+**Example: Show username & email on a page**
+
+````csharp
+@page "/"
+@using Volo.Abp.Users
+@inject ICurrentUser CurrentUser
+@if (CurrentUser.IsAuthenticated)
+{
+    <p>Welcome @CurrentUser.UserName</p>
+}
+````
+
+> If you (directly or indirectly) derived your component from the `AbpComponentBase`, you can directly use the base `CurrentUser` property.
+
+`ICurrentUser` provides `Id`, `Name`, `SurName`, `Email`, `Roles` and some other properties.
+
+> See the [Server Side Current User](../../CurrentUser) service for more information.
+

docs/en/UI/Blazor/Error-Handling.md

@@ -0,0 +1,62 @@
+# Blazor UI: Error Handling
+
+Blazor, by default, shows a yellow line at the bottom of the page if any unhandled exception occurs. However, this is not useful in a real application.
+
+ABP provides an automatic error handling system for the Blazor UI.
+
+* Handles all unhandled exceptions and shows nice and useful messages to the user.
+* It distinguishes different kind of exceptions. Hides internal/technical error details from the user (shows a generic error message in these cases).
+* It is well integrated to the [server side exception handling](../../Exception-Handling.md) system.
+
+## Basic Usage
+
+There are different type of `Exception` classes handled differently by the ABP Framework.
+
+### UserFriendlyException
+
+`UserFriendlyException` is a special type of exception. You can directly show a error message dialog to the user by throwing such an exception.
+
+**Example**
+
+````csharp
+@page "/"
+@using Volo.Abp
+
+<Button Clicked="TestException">Throw test exception</Button>
+
+@code
+{
+    private void TestException()
+    {
+        throw new UserFriendlyException("A user friendly error message!");
+    }
+}
+````
+
+ABP automatically handle the exception and show an error message to the user:
+
+![blazor-user-friendly-exception](../../images/blazor-user-friendly-exception.png)
+
+> You can derive from `UserFriendlyException` or directly implement `IUserFriendlyException` interface to create your own `Exception` class if you need.
+
+> You can use the [localization system](Localization.md) to show localized error messages.
+
+### BusinessException and Other Exception Types
+
+See the [exception handling document](../../Exception-Handling.md) to understand different kind of Exception class and interfaces and other capabilities of the Exception Handling system.
+
+## Generic Errors
+
+If the thrown `Exception` is not a special type, it is considered as generic error and a generic error message is shown to the user:
+
+![blazor-generic-exception-message](../../images/blazor-generic-exception-message.png)
+
+> All error details (including stack trace) are still written in the browser's console.
+
+## Server Side Errors
+
+Errors (like Validation, Authorization and User Friendly Errors) sent by the server are processed as you expect and properly shown to the user. So, error handling system works end to end without need to manually handle exceptions or manually transfer server-to-client error messages.
+
+## See Also
+
+* [Exception Handling System](../../Exception-Handling.md)

docs/en/UI/Blazor/Overall.md

@@ -150,6 +150,12 @@ ABP makes this possible by auto registering components to and resolving the comp
 
 Resolving a component from the Dependency Injection system makes it possible to easily replace components of a depended module.
 
+## Error Handling
+
+Blazor, by default, shows a yellow line at the bottom of the page if any unhandled exception occurs. However, this is not useful in a real application.
+
+ABP provides an [automatic error handling system](Error-Handling.md) for the Blazor UI.
+
 ## Customization
 
 While the theme and some modules come as NuGet packages, you can still replace/override and customize them on need. See the [Customization / Overriding Components](Customization-Overriding-Components.md) document.

docs/en/UI/Blazor/Page-Header.md

@@ -0,0 +1,3 @@
+# Blazor UI: Page Header
+
+TODO

docs/en/UI/Blazor/Routing.md

@@ -0,0 +1,24 @@
+# Blazor UI: Routing
+
+Blazor has its own [routing system](https://docs.microsoft.com/en-us/aspnet/core/blazor/fundamentals/routing) and you can use it in your applications. ABP doesn't add any new feature to it, except one small improvement for the [modular development](../../Module-Development-Basics.md).
+
+## AbpRouterOptions
+
+Blazor `Router` component requires to define `AdditionalAssemblies` when you have components in assemblies/projects other than the main application's entrance assembly. So, if you want to create razor class libraries as ABP modules, you typically want to add the module's assembly to the `AdditionalAssemblies`. In this case, you need to add your module's assembly to the `AbpRouterOptions`.
+
+**Example**
+
+````csharp
+Configure<AbpRouterOptions>(options =>
+{
+    options.AdditionalAssemblies.Add(typeof(MyBlazorModule).Assembly);
+});
+````
+
+Write this code in the `ConfigureServices` method of your [module](../../Module-Development-Basics.md).
+
+`AbpRouterOptions` has another property, `AppAssembly`, which should be the entrance assembly of the application and typically set in the final application's module. If you've created your solution with the [application startup template](../../Startup-Templates/Application.md), it is already configured for you.
+
+## See Also
+
+* [Blazor Routing](https://docs.microsoft.com/en-us/aspnet/core/blazor/fundamentals/routing) (Microsoft Documentation)

docs/en/docs-nav.json

@@ -634,39 +634,76 @@
               "text": "Localization",
               "path": "UI/Blazor/Localization.md"
             },
-            {
-              "text": "Settings",
-              "path": "UI/Blazor/Settings.md"
-            },
-            {
-              "text": "Notification",
-              "path": "UI/Blazor/Notification.md"
-            },
-            {
-              "text": "Message",
-              "path": "UI/Blazor/Message.md"
-            },
             {
               "text": "Theming",
-              "path": "UI/Blazor/Theming.md",
               "items": [
+                {
+                  "text": "Overall",
+                  "path": "UI/Blazor/Theming.md"
+                },
                 {
                   "text": "The Basic Theme",
                   "path": "UI/Blazor/Basic-Theme.md"
+                },
+                {
+                  "text": "Branding",
+                  "path": "UI/Blazor/Branding.md"
+                },
+                {
+                  "text": "Page Header",
+                  "path": "UI/Blazor/Page-Header.md"
+                },
+                {
+                  "text": "Toolbars",
+                  "path": "UI/Blazor/Toolbars.md"
                 }
               ]
             },
             {
-              "text": "Toolbars",
-              "path": "UI/Blazor/Toolbars.md"
+              "text": "Security",
+              "items": [
+                {
+                  "text": "Authentication",
+                  "path": "UI/Blazor/Authentication.md"
+                },
+                {
+                  "text": "Authorization",
+                  "path": "UI/Blazor/Authorization.md"
+                }
+              ]
             },
             {
-              "text": "Page Alerts",
-              "path": "UI/Blazor/Page-Alerts.md"
+              "text": "Services",
+              "items": [
+                {
+                  "text": "Current User",
+                  "path": "UI/Blazor/CurrentUser.md"
+                },
+                {
+                  "text": "Current Tenant",
+                  "path": "UI/Blazor/CurrentTenant.md"
+                },
+                {
+                  "text": "Notification",
+                  "path": "UI/Blazor/Notification.md"
+                },
+                {
+                  "text": "Message",
+                  "path": "UI/Blazor/Message.md"
+                },
+                {
+                  "text": "Page Alerts",
+                  "path": "UI/Blazor/Page-Alerts.md"
+                }
+              ]
             },
             {
-              "text": "Branding",
-              "path": "UI/Blazor/Branding.md"
+              "text": "Settings",
+              "path": "UI/Blazor/Settings.md"
+            },
+            {
+              "text": "Error Handling",
+              "path": "UI/Blazor/Error-Handling.md"
             },
             {
               "text": "Customization / Overriding Components",
@@ -677,8 +714,8 @@
               "path": "UI/Blazor/Global-Scripts-Styles.md"
             },
             {
-              "text": "Authentication",
-              "path": "UI/Blazor/Authentication.md"
+              "text": "Routing",
+              "path": "UI/Blazor/Routing.md"
             }
           ]
         },