Skip to content

Resource based authorization #24184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 24 commits into
base: dev
Choose a base branch
from
Open

Resource based authorization #24184

wants to merge 24 commits into from
+3,877 −97

Conversation

@maliming
Copy link
Member

@maliming maliming commented Nov 15, 2025
edited
Loading

Resolves #236

This is currently an experimental PR. We will be working on

Work to be done

  • Implement IResourcePermissionChecker in the Permission Management module. This is just for checking permissions, not managing (setting) them. Defined in the framework, so any module can be independent of the Permission Management module, yet can check permissions. We can implement as NullResourcePermissionChecker (just throw not implemented exception for now) in the framework to not get DI exceptions.
  • Create IResourcePermissionManager to manage (get/set) permissions for resources in the Permission Management module, like the current IPermissionManager service. Implement it in the same place.
  • Create an app service to provide application logic to manage resource permissions.
  • Define a resource permission management modal, which should be reusable, like the current permission management modal.
  • Documentation
    • New: Resource-Based Authorization (framework/fundamentals/authorization/resource-based)
    • Update the permission management module's documentation
    • Mention about the new system with related places (main authorization document, entities document, etc)

hikalkan and others added 21 commits November 7, 2025 16:30
@hikalkan
Introduce IResourcePermissionChecker
b535f42
@hikalkan
Merge branch 'dev' into resource-based-auth
c175cfb
@hikalkan
Added GetGrantedResourceKeysAsync
e5e25c5
@hikalkan
Added summaries
87e41a6
@hikalkan
Reformat IPermissionManager
ca61e7d
@hikalkan
Remove outdated comment
8448bdd
@hikalkan
Create IResourcePermissionManager.cs
e662b62
@maliming
Add resource permission management interfaces and implementations
74d6bdb
@maliming
Add resource-based permission to PermissionDefinition system.
4c35fc9
@maliming
Add resource-based permission value providers
fccc3f2
@maliming
Refactor permission type to resource name
22cfc5b
@maliming
Merge branch 'dev' into resource-based-auth
859a4c3
@maliming
Implement resource-based permission management with new methods and c…
a2d39ad 
…lasses
@maliming
Enhance resource permission management by adding provider name and ke…
f2e5cb7 
…y parameters to permission checks
@maliming
Refactor GetPermissionsAsync method to return MultiplePermissionGrant…
09675eb 
…Result instead of IDictionary
@maliming
Implement ResourcePermissionStore.
cdc3fdd
@maliming
Add resource permission grant repositories for EF Core and MongoDB
0c0cff7
@maliming
Implement ResourcePermissionManager.
90bf895
@maliming
Add resource permission checker and store extension methods for entit…
2f56610 
…y permissions
@maliming
Add resource permission management features and update API methods
b3706cf
@maliming
Make constructor public in permission handler
8bd08b9
@maliming maliming mentioned this pull request Nov 15, 2025
Closed
8 tasks
@maliming maliming added this to the 10.1-preview milestone Nov 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

feature

Projects

None yet

Milestone

10.1-preview

Development

Successfully merging this pull request may close these issues.

Resource based authorization integration

3 participants

@maliming @hikalkan