RicoSuter
commented
5 years ago Either you write your own OperationSecurityScopeProcessor or we have to enhace the existing one so that it supports more scenarios..
Open hansmbakker opened 5 years ago
RicoSuter
commented
5 years ago Either you write your own OperationSecurityScopeProcessor or we have to enhace the existing one so that it supports more scenarios..
OperationSecurityScopeProcessor looks at
Rolesof anAuthorizeAttributebut ignores it if there are no roles given. It does not work if theAuthorizeAttributehas aPolicyproperty but noRoles.How does this work with https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-2.1?