Comments (4)
from casbin-aspnetcore.
Model
and Enforcer
have the default Scope
lifecycle at the current version, you can change it by optional parameters,
And in Casbin v2.0, we can use synced model, so the model can have a singleton lifecycle.:
casbin-aspnetcore/src/Casbin.AspNetCore/ServiceCollectionExtension.cs
Lines 19 to 37 in 0cb68a5
If you use the default option, the changes to the database will be active immediately, Would you like to provide a sample for us to handle this problem
from casbin-aspnetcore.
I feel like I'm on a fairly steep learning curve here.
What I'm trying to achieve is:
- Use EFCoreAdapter with a PosgresSQL and a custom CasbinContext (VerjiCasbinContext)
- Access Enforcer in service components which are resolved from contiainer/ServiceCollection
- Use CasbinAuthorize attribute with custom RequestTransformers
- Use filtering to avoid loading all data
- Filtering must be made from request parameter (i.e picking from HttpContext somehow)
I think the approach I have now is wrong and has issues with component lifecycles. Currently I'm registering Casbin components in an Autofac container. The CasbinAuthorize middleware resolve the Enforcer from the DefaultEnforcerFactory which resolves it from Autofac/ServiceCollection. In other components I inject Enforcer directly. I think this is causing issues with lifecycle management and concurrency.
So to elevate my understanding of Casbin, I would like to hear about the recommended ways to achieve the goals I described above.
- What is the recommended way to use EFCoreAdapter instead of DefaultFileAdapter?
- What is the recommended way to get access to an Enforcer object using DI
- What is the recommended way to use filtering in an enforcer in the middleware? (Filtering on parameters in HttpContext)
I hope there is a better way than to re-implement most of the servicecollection registrations, and that overriding the correct dependencies will do the trick.
from casbin-aspnetcore.
We have come a bit further, so I'll just summarize what we've done in case there are comments, or in case this could be of benefit to others:
To leverage the most of the logic already in place we abandoned most of our custom DI registrations, and try to rely more on the casbin built in handling of scopes etc. So now we instead:
- Register our custom VerjiCasbinDbContext
- Register a custom VerjiEnforcerProvider
In VerjiEnforcerProvider we inject:
- ICasbinModelProvider
- VerjiCasbinDbContext
- HttpContextAccessor
This lets us create an adapter, and an Enforcer, and lets us customize the adapter and enforcer to ensure:
- We have added the appropriate matching functions
- We applied the appropriate filtering of policies
With this approach things started to behave a lot better wrt. object lifecycle, and data staleness.
from casbin-aspnetcore.
Related Issues (20)
- Update to Casbin.NET v2.0.0-preview.1 HOT 1
- Add casbin logo to nuget packages
- Fix GitHub Actions error HOT 2
- How can I make CasbinAuthorize work with a specific request transformer HOT 3
- [Question] How to retrieve NetCasbin.Enforcer from ApiController? HOT 9
- how to use EFCore-Adapter together with casbin-aspnetcore HOT 3
- How to pass a custom EnforcerService or how to make dbcontext available to RequestTransformer HOT 5
- Does [CasbinAuthorize] work in Razor Pages? HOT 3
- Missing compatibility with Casbin EFCore Adapter HOT 8
- Support for imperative authorization checks HOT 6
- CodeQL CI failed HOT 3
- Fix CI error of codeql anaylzer HOT 4
- Another CodeQL CI error HOT 1
- Best way to use EF core adapter with filter HOT 3
- Using query or route params in CasbinAuthorizeAttribute HOT 1
- CI error: error CS0103: The name 'SyncedEnforcer' does not exist in the current context HOT 5
- The options.DefaultRequestTransformerType was not found HOT 12
- [bug] the commit "fix: not use ref values to transform" failed the CI tests HOT 6
- Ef core example - WebApplicationWithEfcoreSample HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from casbin-aspnetcore.