SharpGrip.AuthorizationChecker
1.0.0
Prefix Reserved
dotnet add package SharpGrip.AuthorizationChecker --version 1.0.0
NuGet\Install-Package SharpGrip.AuthorizationChecker -Version 1.0.0
<PackageReference Include="SharpGrip.AuthorizationChecker" Version="1.0.0" />
paket add SharpGrip.AuthorizationChecker --version 1.0.0
#r "nuget: SharpGrip.AuthorizationChecker, 1.0.0"
// Install SharpGrip.AuthorizationChecker as a Cake Addin #addin nuget:?package=SharpGrip.AuthorizationChecker&version=1.0.0 // Install SharpGrip.AuthorizationChecker as a Cake Tool #tool nuget:?package=SharpGrip.AuthorizationChecker&version=1.0.0
SharpGrip AuthorizationChecker
Builds
Introduction
SharpGrip AuthorizationChecker is a security system that provides an easy and effective way to check access on objects.
Installation
Reference NuGet package SharpGrip.AuthorizationChecker
(https://www.nuget.org/packages/SharpGrip.AuthorizationChecker).
Add the AuthorizationChecker security system to your service collection via the extension method.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker();
}
Configuration
Properties
Property | Default value | Description |
---|---|---|
AccessDecisionStrategy | AccessDecisionStrategy.Affirmative |
The access decision strategy used to determine if a given mode is allowed on a given subject. |
UnanimousVoteAllowIfAllAbstain | false |
Configures the access result outcome on AccessDecisionStrategy.Unanimous access decision strategies if all the subject's voters abstain from voting. |
Access decision strategies
Strategy | Description |
---|---|
AccessDecisionStrategy.Affirmative |
Grants access as soon as there is one IVoter instance granting access. |
AccessDecisionStrategy.Majority |
Grants access if there are more IVoter instances granting access than denying it. |
AccessDecisionStrategy.Unanimous |
Grants access if there are no IVoter instances denying access. |
Via the services.AddAuthorizationChecker()
extension method
using SharpGrip.AuthorizationChecker.Extensions;
using SharpGrip.AuthorizationChecker.Options;
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker(options =>
{
options.AccessDecisionStrategy = AccessDecisionStrategy.Majority;
options.UnanimousVoteAllowIfAllAbstain = true;
});
}
Via the services.Configure()
method
using SharpGrip.AuthorizationChecker.Extensions;
using SharpGrip.AuthorizationChecker.Options;
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker();
services.Configure<AuthorizationCheckerOptions>(options =>
{
options.AccessDecisionStrategy = AccessDecisionStrategy.Majority;
options.UnanimousVoteAllowIfAllAbstain = true;
});
}
Usage
Adding voters
Create a new class and implement either the IVoter<TSubject>
or the IVoter<TSubject, TUser>
interface.
IVoter<TSubject>
public class CarVoter : IVoter<Car>
{
/// <summary>
/// Determines if this <see cref="IVoter{TSubject}"/> instance will vote on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <returns>True if this <see cref="IVoter{TSubject}"/> instance will vote, False otherwise.</returns>
public bool WillVote(string mode, Car subject)
{
return true;
}
/// <summary>
/// Votes on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <returns>True if this <see cref="IVoter{TSubject}"/> instance allows access, False otherwise.</returns>
public bool Vote(string mode, Car subject)
{
return mode switch
{
"create" => false,
"read" => true,
"update" => false,
"delete" => true,
_ => false
};
}
}
IVoter<TSubject, TUser>
public class CarVoter : IVoter<Car, User>
{
/// <summary>
/// Determines if this <see cref="IVoter{TSubject, TUser}"/> instance will vote on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <param name="user">The user.</param>
/// <returns>True if this <see cref="IVoter{TSubject, TUser}"/> instance will vote, False otherwise.</returns>
public bool WillVote(string mode, Car subject, User user)
{
return true;
}
/// <summary>
/// Votes on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <param name="user">The user.</param>
/// <returns>True if this <see cref="IVoter{TSubject, TUser}"/> instance allows access, False otherwise.</returns>
public bool Vote(string mode, Car subject, User user)
{
return mode switch
{
"create" => true,
"read" => false,
"update" => true,
"delete" => false,
_ => true
};
}
}
Checking access
Inject the IAuthorizationChecker
service and call one of the methods below:
Checking access directly
Car car = new Car();
User user = new User();
// Resolves to `IVoter<TSubject>` voter instances using the configured (or default) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car);
// Resolves to `IVoter<TSubject, TUser>` voter instances using the configured (or default) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, user);
// Resolves to `IVoter<TSubject>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, AccessDecisionStrategy.Unanimous);
// Resolves to `IVoter<TSubject, TUser>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, user, AccessDecisionStrategy.Unanimous);
Retrieving the authorization result and checking access
Car car = new Car();
User user = new User();
// Resolves to `IVoter<TSubject>` voter instances using the configured (or default) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject, TUser>` voter instances using the configured (or default) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, user);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, AccessDecisionStrategy.Unanimous);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject, TUser>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, user, AccessDecisionStrategy.Unanimous);
bool result = authorizationResult.IsAllowed();
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.0 is compatible. netstandard2.1 is compatible. |
.NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen40 was computed. tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.0
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.0.0)
- Microsoft.Extensions.Options (>= 3.0.0)
-
.NETStandard 2.1
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.0.0)
- Microsoft.Extensions.Options (>= 3.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
1.0.0 | 2,261 | 8/5/2023 |
1.0.0-alpha2 | 14,689 | 4/3/2020 |
1.0.0-alpha1 | 4,700 | 3/28/2020 |