From 21dda26350458d49fcd3108d20869bd9bbce94d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Halil=20=C4=B0brahim=20Kalkan?= Date: Sat, 17 Oct 2020 18:18:25 +0300 Subject: [PATCH] Update Part-5.md --- docs/en/Tutorials/Part-5.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/en/Tutorials/Part-5.md b/docs/en/Tutorials/Part-5.md index 815addd224..d083d18a2e 100644 --- a/docs/en/Tutorials/Part-5.md +++ b/docs/en/Tutorials/Part-5.md @@ -460,7 +460,7 @@ Open the `/src/app/book/book.component.html` file and replace the edit and delet ### Authorize the Razor Component -Open the `/Pages/Books.razor` file in the `Acme.BookStore.Blazor` project and add an `Authorize` attribute just after the `@page` directive, as shown below: +Open the `/Pages/Books.razor` file in the `Acme.BookStore.Blazor` project and add an `Authorize` attribute just after the `@page` directive and the following namespace imports (`@using` lines), as shown below: ````html @page "/books" @@ -518,7 +518,9 @@ Wrap the *New Book* button by an `if` block as shown below: @if (canCreateBook) { + Clicked="OpenCreateModalAsync"> + @L["NewBook"] + } ```` @@ -545,7 +547,7 @@ As similar to the *New Book* button, we can use `if` blocks to conditionally sho You can run and test the permissions. Remove a book related permission from the admin role to see the related button/action disappears from the UI. -However, ABP Framework caches the permissions of the current user in the client side. So, when you change a permission for yourself, you need to manually **refresh the page** to take the effect. If you don't refresh and try to use the prohibited action you get an HTTP 403 (forbidden) response from the server. +**ABP Framework caches the permissions** of the current user in the client side. So, when you change a permission for yourself, you need to manually **refresh the page** to take the effect. If you don't refresh and try to use the prohibited action you get an HTTP 403 (forbidden) response from the server. > Changing a permission for a role or user immediately available on the server side. So, this cache system doesn't cause any security problem.