netcorekit
netcorekit copied to clipboard
Support simple authorize with policy
Just like https://github.com/EduardoPires/EquinoxProject/blob/master/src/Equinox.WebApi/Startup.cs#L61, but we will put it into the configuration (consider using feature toggle
), then just do something like
appsettings.json
"Features": {
"Authz": {
"CanWriteCustomerData": {
"Customers": "Write"
},
"CanRemoveCustomerData": {
"Customers": "Remove"
}
}
}
Then in the CustomerController.cs
[Authorize]
public class CustomerController : ApiController
{
[HttpPost]
[Authorize(Policy = "CanWriteCustomerData")]
[Route("customer-management")]
public IActionResult Post([FromBody]CustomerViewModel customerViewModel)
{
}
}