Closed shayura closed 1 year ago
@sagilio @xcaptain @huazhikui
You will need to roll your own AuthorizationHandler<T>
and make a requirement that takes your conditions.
@sagilio
This feature already be supported, you can see some samples here: https://github.com/casbin-net/casbin-aspnetcore/blob/master/test/Casbin.AspNetCore.Tests/AuthorizationServiceTest.cs
We will provide more friendly APIs about this in future versions.
@shayura
Closed as resolved
I have an application that uses imperative access control. In this application I cannot use attributes to enforce access to a controller action because the subject, object, and action needed to query the enforcer depend upon conditions that aren't available until much later.
Do you think this package already supports imperative authorization checks, e.g. using custom request transformers, or does it need an extra layer of code that's not there yet?