-
Notifications
You must be signed in to change notification settings - Fork 25.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sample code for MVC context in authz handlers. #15218
Conversation
I've added some sample code and questions into the .md file. Is it possible to get someone to review the questions before I attempt to write the content that sits around this code? |
Review questions from @serpent5 Questions: @HaoK please review |
@serpent5 check my commit please |
@Rick-Anderson Yeah, looks fine. I plan to add some explanation around the code if the approach gets approved. I'll make sure that I ask questions here rather than as markdown comments going forward too. |
@pranavkm can you help answer some best practices questions around MVC/endpoint routing for this doc update |
Ha, they often get ignored here. They're more likely to get noticed in the file diffs. I often do both places. |
@pranavkm can you help answer some best practices questions around MVC/endpoint routing for this doc update |
Would love to see it include code showing how to access RouteData, like the 2.2 docs describe. Haven't found a way in 3.0 to do that yet. Use case would be a route such as |
@IGx89 You can achieve that by injecting |
Questions:
I guess. Is the intent to show how to identify what MVC endpoint is meant to be executed? If so, this works.
I wouldn't until there's user asks for this.
You may access attributes decorating the endpoint which includes filter attributes. Do you happen to know what sort of metadata is it that users are attempting to read?
@rynowak \ @JamesNK \ @davidfowl what do you guys think about this? You used to be able to get to |
Yes this is a regression that we might want to fix, but fixing it will break new consumers it's kinda lose lose. If we had made exposed the HttpContext then the user could get the endpoint from it so we may have to lean on the accessor now. |
We could put it behind a compat flag. Another option might be a type that allows explicit casts to @serpent5 \ @Rick-Anderson for the moment, we can point users at using |
I'm just looking to update the Accessing MVC request context in handlers section for 3.0. That lead me to look at the properties that were available on
No, I don't. I'm not in a great position to know about that. I mentioned this approach because I saw it as a more direct way to get to the filter attributes as compared to going via the From the docs issues, I've seen requests for a couple of
How should we proceed with this? Which of these should the section in question cover?:
There's a page on using DI with authz handlers, so the |
@pranavkm can you respond to the last question? |
This comment has been minimized.
This comment has been minimized.
1 similar comment
@pranavkm can you respond to the last question? |
Is that the last question? |
@serpent5 what do you need on this besides a review? |
Sorry for any confusion I've caused here. It was this question (ok, it's two questions but really it's the same one 😅):
After revisiting this today, I think it might be enough to just cover injecting |
@serpent5 can you update the questions embedded in the PR'd file? |
Sure. I’ll do this tomorrow evening. |
Closing, as this was addressed in #17829. |
Fixes #12564 Fixes #15263
Internal review URL