Class PlatformAdminAwarePermissionService

Namespace: KadicAuth.Infrastructure.Services

Assembly: KadicAuth.Infrastructure.dll

Decorator over the base KadicErp.Core.Abstractions.Authorization.IPermissionService implementation (KadicErp.Core.Authentication.Services.PermissionService) that short circuits for active platform admins.

Why a decorator instead of modifying the base class: KadicErp.Core.Authentication would have to reference KadicAuth.Application to see IPlatformAdminService, which creates a dependency cycle (KadicAuth.Application → KadicErp.Core.Authentication → KadicAuth.Application). This lives in KadicAuth.Infrastructure which already references both projects, so we get the behavior we need without touching the core auth services layer.

Wire-up: register this as the KadicErp.Core.Abstractions.Authorization.IPermissionService implementation in every API host (KadicAuth.Api, KadicErp.WebApi, KadicErp.Notifications.Api), AND also register the base KadicErp.Core.Authentication.Services.PermissionService so the decorator has a concrete dependency to delegate to. See the DI helper AddPlatformAdminAwarePermissions() below.

public sealed class PlatformAdminAwarePermissionService : IPermissionService

Inheritance: object

PlatformAdminAwarePermissionService

Implements: IPermissionService

Constructors

PlatformAdminAwarePermissionService(IPermissionService, ICurrentUser, IPlatformAdminService, IPermissionRepository)

public PlatformAdminAwarePermissionService(IPermissionService inner, ICurrentUser currentUser, IPlatformAdminService platformAdminService, IPermissionRepository permissionRepository)

Parameters

inner IPermissionService
currentUser ICurrentUser
platformAdminService IPlatformAdminService
permissionRepository IPermissionRepository

Methods

GetUserPermissionsAsync(CancellationToken)

Gets all permission codes for the current user based on their roles

public Task<IReadOnlyCollection<string>> GetUserPermissionsAsync(CancellationToken cancellationToken = default)

Parameters

cancellationToken CancellationToken

Returns

Task<IReadOnlyCollection<string>>

HasPermissionAsync(string, CancellationToken)

Checks if the current user has a specific permission

public Task<bool> HasPermissionAsync(string permissionCode, CancellationToken cancellationToken = default)

Parameters

permissionCode string
cancellationToken CancellationToken

Returns

Task<bool>

Table of Contents

Class PlatformAdminAwarePermissionService

Constructors

PlatformAdminAwarePermissionService(IPermissionService, ICurrentUser, IPlatformAdminService, IPermissionRepository)

Parameters

Methods

GetUserPermissionsAsync(CancellationToken)

Parameters

Returns

HasPermissionAsync(string, CancellationToken)

Parameters

Returns