-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make HttpRequest available to RequestTransformer via the CasbinAuthorizationContext or CasbinAuthorizationData #18
Comments
Welcome to open PRs! |
Ok. In my proof of concept I added HttpRequest to the ICasbinAuthorizationData, but perhaps a better place is to add it to ICasbinAuthorizationContext? I will look into it |
@sagilio plz make a new release. |
Is there anything you need from me which is blocking a new release? Is there CI/CD (bleeding edge) pipeline where I can get the latest merged changes? The reason for asking is to avoid having to set up my own nuget package pipeline to get the latest changes into my project. |
@thoraj You can refer this:https://github.com/casbin-net/casbin-aspnetcore#installation, |
@sagilio we should setup semantic-release to push every merged PR into nuget directly. That's fine because we use semantic-versioning to make sure the users can always know what they are doing, does this make sense? |
Ok. I am consuming the Casbin packages from the myget feed. The latest versions there are:
So until a new release of Casbin.AspNetCore.Abstractions is available the HttpRequest will be missing on the |
@hsluoyz Yes, I am doing it. |
@thoraj And now the |
Yes fine. Looks good. My reason for not adding the HttpContext was that it is available on the HttpRequest object. But it is probably cleaner to replace both User and HttpRequest with HttpContext. I just updated the packages from the myget feed, so all is good. |
We wish to provide the HttpRequest object to the RequestTransformer. This will allow the transformer to work out the obj (=request path), and the act method (e.g. GET|POST), without having to explicitly provide those in the CasbinAuthorize attribute. It will also enable scenarios where e.g. the domain/tenant is to be found either in the request headers or in the request content.
I have created a proof of concept which seem to work. So I'm wondering if you are accepting PRs? Or if there are any suitable extension points for this, or if we will be required to fork the project?
The text was updated successfully, but these errors were encountered: