C
C#4mo ago
nox7

✅ ASP Core Attribute Logic Help

I need assistance with structuring my controller attribute logic (they're authorization attributes) in ASP Core 2 - I am using .NET 8. I have the following objects (for this purpose): ClientAccount, Dashboard, and StripeAccount. When a client accesses a route, I need to - Verify they are logged in - Verify they are accessing a Dashboard that exists - Verify they are accessing a Dashboard they have authorization to view - Verify, for some routes, the Dashboard has a connected StripeAccount My idea was to add these attributes to the controllers 
[RequireClientAccount]
[RequireDashboard]
[RequireClientHasAccessToDashboard]
[RequireClientAccount]
[RequireDashboard]
[RequireClientHasAccessToDashboard]
Because some routes don't need the 3rd one. How can I approach this without each route having to run duplicate database calls? As in, RequireDashboard and RequireClientHasAccessToDashboard would both need to re-fetch the current Dashboard from the HttpContext since routes don't have any set order they run in - so they can't rely on one already having fetched the Dashboard object? Would a scoped object with static properties work to store if an object has already been fetched? Because attributes have no defined order, I am duplicating Db queries in each attribute to perform the same operation at the moment.
4 Replies
z0mb
z0mb4mo ago
Couldn't you just have one attribute, and pass in some parameters to configure what exactly you need for that specific endpoint? Then you can logically determine if they should be able to access the endpoint based off of your requirements and the provided parameters? That would avoid multiple unnecessary DB calls.
z0mb
z0mb4mo ago
Verify they are logged in : I would just use the built in [Authorize] vs [AllowAnonymous] Verify they are accessing a dashboard that exists: Verify they are accessing a dashboard they have authorization to view: Verify for some routes the Dashboard has a connected StripeAccount: https://paste.mod.gg/xtgdonyhekrc/0
BlazeBin - xtgdonyhekrc
A tool for sharing your source code with the world!
z0mb
z0mb4mo ago
That is just some boilerplate stuff to get you going, but I believe this approach would accomplish what you need. Add, subtract, or modify parameters as you see fit. Then your usage would look something like this: 
[VerifyAccess(requireClientDashboardAccess: true, requireConnectedStripeAccount: false)]
[VerifyAccess(requireClientDashboardAccess: true, requireConnectedStripeAccount: false)]
nox7
nox74mo ago
I don't know why I locked out using constructor parameters from my mind. That's a good solution - thanks.
Want results from more Discord servers?
Add your server
More Posts
Moving local files onto docker containerHi I have files in folder c:/dev and I have a dockerfile in c:/dev/scripts/docker/dockerfile and ✅ Settting localizable in all formsIs there a way to do this without manually going into each designer ?✅ Using IProgress with await Task.WhenAll(tasks);I am trying to introduce a IProgress object into the code below. Can't for the life of me figure howCasting from int to uint and backIs casting a negative int to a uint and then back to a int guaranteed to give back the original negaUnhandled Exception: System.Runtime.InteropServices.COMException:Unknown error (0x8007203b)I am currently working on a console app that goes through active directory and exports all the compuVolume licensingHey folks, this is a pretty broad open question but hoping ya'll have patience with me. How does oneFeedback on PortfolioHello! As someone who has been learning C# by themselves, I am currently focusing on my GitHub portcharacter wont move (probs noobie post)Pressing d or a both wont make my character do anything.Guys, someone know some API or any library that can translate videos in real time?I'm trying to translate the audio from a video, via code, for using on a Unity game.ASP.NET Core authorization for just me -- a personal projectI have a background service meant solely for personal use running on a spare laptop in my closet. I