Class RedisPermissionService
- Namespace
- KadicAuth.Infrastructure.Services
- Assembly
- KadicAuth.Infrastructure.dll
GAP-16: Redis-backed IPermissionService for horizontally-scaled deployments. Uses IDistributedCache so the same permission set is shared across all API instances within the configured TTL — eliminates per-instance cache divergence.
Falls back gracefully to fetching from DB when the cache is unavailable (Redis down), never blocking authentication in case of cache failure.
Registration: swap PermissionService for this class in DI when RedisSettings.Enabled = true.
public sealed class RedisPermissionService : IPermissionService
- Inheritance
-
objectRedisPermissionService
- Implements
-
IPermissionService
Constructors
RedisPermissionService(ICurrentUser, IPermissionRepository, IDistributedCache, IOptions<RedisSettings>, ILogger<RedisPermissionService>)
public RedisPermissionService(ICurrentUser currentUser, IPermissionRepository permissionRepository, IDistributedCache distributedCache, IOptions<RedisSettings> redisOptions, ILogger<RedisPermissionService> logger)
Parameters
currentUserICurrentUserpermissionRepositoryIPermissionRepositorydistributedCacheIDistributedCacheredisOptionsIOptions<RedisSettings>loggerILogger<RedisPermissionService>
Methods
GetUserPermissionsAsync(CancellationToken)
Gets all permission codes for the current user based on their roles
public Task<IReadOnlyCollection<string>> GetUserPermissionsAsync(CancellationToken cancellationToken = default)
Parameters
cancellationTokenCancellationToken
Returns
- Task<IReadOnlyCollection<string>>
HasPermissionAsync(string, CancellationToken)
Checks if the current user has a specific permission
public Task<bool> HasPermissionAsync(string permissionCode, CancellationToken cancellationToken = default)
Parameters
permissionCodestringcancellationTokenCancellationToken
Returns
- Task<bool>
InvalidateCache(Guid, Guid, Guid)
Invalidates the cached permissions for the given user/tenant/branch combination
public void InvalidateCache(Guid userId, Guid tenantId, Guid branchId)
Parameters
userIdGuidtenantIdGuidbranchIdGuid