search

JonPSmith / AuthPermissions.AspNetCore

This library provides extra authorization and multi-tenant features to an ASP.NET Core application.
https://www.thereformedprogrammer.net/finally-a-library-that-improves-role-authorization-in-asp-net-core/
MIT License
764 stars 155 forks source link

Code for minimal API's fluent HasPermission #49

Closed idan-h closed 2 years ago

idan-h commented 2 years ago

Hey, I wrote small piece of code to handle the HasPermission attribute fluently for minimal api.

Usage:

app.MapGet("/", () => "Hello World!")
            .HasPermission(ApplicationPermission.AccessAll);

Extension method:

public static TBuilder HasPermission<TBuilder>(this TBuilder builder, object permission) where TBuilder : IEndpointConventionBuilder
  {
      var authorizeData = new HasPermissionAttribute(permission);
      builder.RequireAuthorization(authorizeData);

      return builder;
  }

Which namespace you would like this method to go into? I think people who use minimal api might find it useful

JonPSmith commented 2 years ago

Yes, that would be useful.

You should add the method into the PermissionChecks static class and add a test(s) in the TestPermissionChecker.

idan-h commented 2 years ago

@JonPSmith Tried adding to that class, but couldn't because it depends on asp.net core. Added in Test.UnitTests.TestAuthPermissionsAspNetCore.TestPermissionPolicy and AuthPermissions.AspNetCore.PolicyCode.PermissionExtensions instead

JonPSmith commented 2 years ago

Hi @idan-h,

Yes, that was the correct thing to add it to the AuthPermissions.AspNetCore.PolicyCode namespace. I'm not planning a release straight away as I have a few other things to do.