Table of Contents

Class PlatformAdminService

Namespace
KadicAuth.Infrastructure.Services
Assembly
KadicAuth.Infrastructure.dll
public sealed class PlatformAdminService : IPlatformAdminService
Inheritance
object
PlatformAdminService
Implements

Constructors

PlatformAdminService(IPlatformAdminRepository, IMemoryCache, ILogger<PlatformAdminService>) 

public PlatformAdminService(IPlatformAdminRepository repository, IMemoryCache cache, ILogger<PlatformAdminService> logger)

Parameters

repository IPlatformAdminRepository
cache IMemoryCache
logger ILogger<PlatformAdminService>

Methods

GrantAsync(Guid, Guid, string, CancellationToken)

Grants (or re-grants) platform admin status to targetUserId. Writes an audit log entry in the same unit of work. Invalidates the cache entry for the target user so subsequent IsPlatformAdminAsync(Guid, CancellationToken) calls see the change immediately.

public Task GrantAsync(Guid targetUserId, Guid actorUserId, string reason, CancellationToken cancellationToken = default)

Parameters

targetUserId Guid
actorUserId Guid
reason string
cancellationToken CancellationToken

Returns

Task

IsPlatformAdminAsync(Guid, CancellationToken)

Short-cached DB check. Hot path for the wizard handlers — invoked on every cross-tenant bypass. Cache duration is intentionally short (seconds, not minutes) so that a revoked platform admin loses their privileges quickly.

public Task<bool> IsPlatformAdminAsync(Guid userId, CancellationToken cancellationToken = default)

Parameters

userId Guid
cancellationToken CancellationToken

Returns

Task<bool>

ListAsync(CancellationToken) 

public Task<IReadOnlyList<PlatformAdminDto>> ListAsync(CancellationToken cancellationToken = default)

Parameters

cancellationToken CancellationToken

Returns

Task<IReadOnlyList<PlatformAdminDto>>

RevokeAsync(Guid, Guid, string, CancellationToken)

Revokes platform admin status. Fails (business rule) if the target is the last active admin, to prevent self-lockout of the platform.

public Task RevokeAsync(Guid targetUserId, Guid actorUserId, string reason, CancellationToken cancellationToken = default)

Parameters

targetUserId Guid
actorUserId Guid
reason string
cancellationToken CancellationToken

Returns

Task
Edit this page