SharpGrip.AuthorizationChecker
1.0.0
Prefix Reserved
dotnet add package SharpGrip.AuthorizationChecker --version 1.0.0
NuGet\Install-Package SharpGrip.AuthorizationChecker -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="SharpGrip.AuthorizationChecker" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SharpGrip.AuthorizationChecker --version 1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: SharpGrip.AuthorizationChecker, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install SharpGrip.AuthorizationChecker as a Cake Addin
#addin nuget:?package=SharpGrip.AuthorizationChecker&version=1.0.0
// Install SharpGrip.AuthorizationChecker as a Cake Tool
#tool nuget:?package=SharpGrip.AuthorizationChecker&version=1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
SharpGrip AuthorizationChecker 
Builds
![AuthorizationChecker [Build]](https://github.com/SharpGrip/AuthorizationChecker/actions/workflows/Build.yaml/badge.svg){kind=icon}
Introduction
SharpGrip AuthorizationChecker is a security system that provides an easy and effective way to check access on objects.
Installation
Reference NuGet package SharpGrip.AuthorizationChecker (https://www.nuget.org/packages/SharpGrip.AuthorizationChecker).
Add the AuthorizationChecker security system to your service collection via the extension method.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker();
}
Configuration
Properties
| Property | Default value | Description |
|---|---|---|
| AccessDecisionStrategy | AccessDecisionStrategy.Affirmative |
The access decision strategy used to determine if a given mode is allowed on a given subject. |
| UnanimousVoteAllowIfAllAbstain | false |
Configures the access result outcome on AccessDecisionStrategy.Unanimous access decision strategies if all the subject's voters abstain from voting. |
Access decision strategies
| Strategy | Description |
|---|---|
AccessDecisionStrategy.Affirmative |
Grants access as soon as there is one IVoter instance granting access. |
AccessDecisionStrategy.Majority |
Grants access if there are more IVoter instances granting access than denying it. |
AccessDecisionStrategy.Unanimous |
Grants access if there are no IVoter instances denying access. |
Via the services.AddAuthorizationChecker() extension method
using SharpGrip.AuthorizationChecker.Extensions;
using SharpGrip.AuthorizationChecker.Options;
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker(options =>
{
options.AccessDecisionStrategy = AccessDecisionStrategy.Majority;
options.UnanimousVoteAllowIfAllAbstain = true;
});
}
Via the services.Configure() method
using SharpGrip.AuthorizationChecker.Extensions;
using SharpGrip.AuthorizationChecker.Options;
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorizationChecker();
services.Configure<AuthorizationCheckerOptions>(options =>
{
options.AccessDecisionStrategy = AccessDecisionStrategy.Majority;
options.UnanimousVoteAllowIfAllAbstain = true;
});
}
Usage
Adding voters
Create a new class and implement either the IVoter<TSubject> or the IVoter<TSubject, TUser> interface.
IVoter<TSubject>
public class CarVoter : IVoter<Car>
{
/// <summary>
/// Determines if this <see cref="IVoter{TSubject}"/> instance will vote on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <returns>True if this <see cref="IVoter{TSubject}"/> instance will vote, False otherwise.</returns>
public bool WillVote(string mode, Car subject)
{
return true;
}
/// <summary>
/// Votes on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <returns>True if this <see cref="IVoter{TSubject}"/> instance allows access, False otherwise.</returns>
public bool Vote(string mode, Car subject)
{
return mode switch
{
"create" => false,
"read" => true,
"update" => false,
"delete" => true,
_ => false
};
}
}
IVoter<TSubject, TUser>
public class CarVoter : IVoter<Car, User>
{
/// <summary>
/// Determines if this <see cref="IVoter{TSubject, TUser}"/> instance will vote on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <param name="user">The user.</param>
/// <returns>True if this <see cref="IVoter{TSubject, TUser}"/> instance will vote, False otherwise.</returns>
public bool WillVote(string mode, Car subject, User user)
{
return true;
}
/// <summary>
/// Votes on the mode and subject.
/// </summary>
/// <param name="mode">The mode.</param>
/// <param name="subject">The subject.</param>
/// <param name="user">The user.</param>
/// <returns>True if this <see cref="IVoter{TSubject, TUser}"/> instance allows access, False otherwise.</returns>
public bool Vote(string mode, Car subject, User user)
{
return mode switch
{
"create" => true,
"read" => false,
"update" => true,
"delete" => false,
_ => true
};
}
}
Checking access
Inject the IAuthorizationChecker service and call one of the methods below:
Checking access directly
Car car = new Car();
User user = new User();
// Resolves to `IVoter<TSubject>` voter instances using the configured (or default) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car);
// Resolves to `IVoter<TSubject, TUser>` voter instances using the configured (or default) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, user);
// Resolves to `IVoter<TSubject>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, AccessDecisionStrategy.Unanimous);
// Resolves to `IVoter<TSubject, TUser>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
bool result = authorizationChecker.IsAllowed("edit", car, user, AccessDecisionStrategy.Unanimous);
Retrieving the authorization result and checking access
Car car = new Car();
User user = new User();
// Resolves to `IVoter<TSubject>` voter instances using the configured (or default) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject, TUser>` voter instances using the configured (or default) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, user);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, AccessDecisionStrategy.Unanimous);
bool result = authorizationResult.IsAllowed();
// Resolves to `IVoter<TSubject, TUser>` voter instances using the provided (`AccessDecisionStrategy.Unanimous`) access decision strategy.
IAuthorizationResult<Car> authorizationResult = authorizationChecker.GetAuthorizationResult("edit", car, user, AccessDecisionStrategy.Unanimous);
bool result = authorizationResult.IsAllowed();
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.0 is compatible. netstandard2.1 is compatible. |
| .NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen40 was computed. tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETStandard 2.0
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.0.0)
- Microsoft.Extensions.Options (>= 3.0.0)
-
.NETStandard 2.1
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 3.0.0)
- Microsoft.Extensions.Options (>= 3.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 1.0.0 | 212 | 8/5/2023 |
| 1.0.0-alpha2 | 14,636 | 4/3/2020 |
| 1.0.0-alpha1 | 4,674 | 3/28/2020 |