As I am working on the ASP.NET Core authorization part, I needed a new property in AuthorizeAttribute which I want to utilize as an extra permission value. So, I have extended the AuthorizeAttribute in my own custom Authorize attribute. See below:

    public class RoleAuthorizeAttribute : Microsoft.AspNetCore.Authorization.AuthorizeAttribute
    {
        public string Permission { get; private set; }

        public RoleAuthorizeAttribute(string policy, string permission) : base(policy)
        {
            this.Permission = permission;
        }
    }

Then, I've created an AuthorizationHandler to check for the requirement as below:

    public class RolePermissionAccessRequirement : AuthorizationHandler<RolePermissionDb>
    {
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RolePermissionDb requirement)
        {
            // check here..
            context.Succeed(requirement);
            return Task.FromResult(0);
        }
    }

All the respective service collection mappings I have already done, just omitted here.

Now, I want to use my attribute like this at the controller action level:

    [RoleAuthorize("DefaultPolicy", "CustomPermission")]
    public IActionResult List()
    {
    }

Could anybody suggest how I can access the Permission property value given on top of the action method in the handler RolePermissionAccessRequirement?

I want to perform some sort of access rule based on the custom permission value given in the Authorize attribute on top of the action method.

Thanks in advance!

Best Answer
To parametrize a custom Authorize attribute, create an authorization filter implementing IAsyncAuthorizationFilter. Then wrap the filter in a TypeFilterAttribute-derived attribute. This attribute can accept parameters and pass them to the authorization filter's constructor.

Usage example:

Implementation:

In addition, register a PermissionHandler in DI to handle PermissionRequirement with permission list:

Look at this GitHub project for a complete example.
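
The pattern this answer describes, written out as an added example; it is not the answerer's or the linked project's code. PermissionRequirement and PermissionHandler take their names from the answer, while the attribute name PermissionAuthorizeAttribute, the filter name PermissionFilter, the "permission" claim type and the rule that every listed permission is required are assumptions.

```csharp
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;

// Requirement that carries the permission names written on the attribute.
public class PermissionRequirement : IAuthorizationRequirement
{
    public string[] Permissions { get; }
    public PermissionRequirement(string[] permissions) => Permissions = permissions;
}

// Hypothetical attribute name. TypeFilterAttribute creates PermissionFilter per request,
// resolving IAuthorizationService from DI and taking the requirement from Arguments.
public class PermissionAuthorizeAttribute : TypeFilterAttribute
{
    public PermissionAuthorizeAttribute(params string[] permissions) : base(typeof(PermissionFilter))
        => Arguments = new object[] { new PermissionRequirement(permissions) };
}

public class PermissionFilter : IAsyncAuthorizationFilter
{
    private readonly IAuthorizationService _authorization;
    private readonly PermissionRequirement _requirement;
    public PermissionFilter(IAuthorizationService authorization, PermissionRequirement requirement)
    { _authorization = authorization; _requirement = requirement; }

    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
        var user = context.HttpContext.User;
        if (user.Identity == null || !user.Identity.IsAuthenticated)
        { context.Result = new ChallengeResult(); return; }   // not signed in
        var result = await _authorization.AuthorizeAsync(user, null, _requirement);
        if (!result.Succeeded) context.Result = new ForbidResult();   // signed in, lacks permission
    }
}

public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
    {
        // Assumed rule: the user needs a "permission" claim for every listed name.
        // An empty list never succeeds, so a bare attribute fails closed.
        if (requirement.Permissions.Length > 0 &&
            requirement.Permissions.All(p => context.User.HasClaim("permission", p)))
            context.Succeed(requirement);
        return Task.CompletedTask;   // no Succeed call means the requirement is denied
    }
}
```

Register the handler with `services.AddSingleton<IAuthorizationHandler, PermissionHandler>();` and decorate the action with `[PermissionAuthorize("CustomPermission")]`. A custom authorization filter like this one does not consult `[AllowAnonymous]` on its own, so it runs on every action it decorates.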