Table of Contents

Class RedisPermissionService

Namespace
KadicAuth.Infrastructure.Services
Assembly
KadicAuth.Infrastructure.dll

GAP-16: Redis-backed IPermissionService for horizontally-scaled deployments. Uses IDistributedCache so the same permission set is shared across all API instances within the configured TTL — eliminates per-instance cache divergence.

Falls back gracefully to fetching from DB when the cache is unavailable (Redis down), never blocking authentication in case of cache failure.

Registration: swap PermissionService for this class in DI when RedisSettings.Enabled = true.

public sealed class RedisPermissionService : IPermissionService
Inheritance
object
RedisPermissionService
Implements
IPermissionService

Constructors

RedisPermissionService(ICurrentUser, IPermissionRepository, IDistributedCache, IOptions<RedisSettings>, ILogger<RedisPermissionService>)

public RedisPermissionService(ICurrentUser currentUser, IPermissionRepository permissionRepository, IDistributedCache distributedCache, IOptions<RedisSettings> redisOptions, ILogger<RedisPermissionService> logger)

Parameters

currentUser ICurrentUser
permissionRepository IPermissionRepository
distributedCache IDistributedCache
redisOptions IOptions<RedisSettings>
logger ILogger<RedisPermissionService>

Methods

GetUserPermissionsAsync(CancellationToken)

Gets all permission codes for the current user based on their roles

public Task<IReadOnlyCollection<string>> GetUserPermissionsAsync(CancellationToken cancellationToken = default)

Parameters

cancellationToken CancellationToken

Returns

Task<IReadOnlyCollection<string>>

HasPermissionAsync(string, CancellationToken)

Checks if the current user has a specific permission

public Task<bool> HasPermissionAsync(string permissionCode, CancellationToken cancellationToken = default)

Parameters

permissionCode string
cancellationToken CancellationToken

Returns

Task<bool>

InvalidateCache(Guid, Guid, Guid)

Invalidates the cached permissions for the given user/tenant/branch combination

public void InvalidateCache(Guid userId, Guid tenantId, Guid branchId)

Parameters

userId Guid
tenantId Guid
branchId Guid