Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions

Overview

This feature keeps the Eltheon permission catalogue in sync with the Identity database. It exposes an extensible registry for declaring permissions (IPermissionProvider) and a Synchronizer/HostedService pair that ensures the Permissions table always contains the definitions required by the platform or individual templates.

Capabilities

• PermissionRegistry merges permissions from every registered IPermissionProvider and deduplicates entries by name.
• PermissionSynchronizer compares the registry with the database via IPermissionDbContext and inserts missing permissions without touching existing rows.
• AddPermissionSynchronization<TContext>() wires the synchronizer into DI as a hosted service so each host keeps its permission store up to date on startup.
• Static helpers (e.g., StaticPermissionProvider) make it trivial for templates to expose their own permission definitions.

Usage

// Program.cs
builder.Services.AddSingleton<IPermissionProvider, PermissionSeedProvider>();
builder.Services.AddPermissionSynchronization<AuthDbContext>();

1. Implement IPermissionProvider in your template/host to expose the permissions you ship (it can reuse the existing PermissionSeed list).
2. Ensure your AuthDbContext implements IPermissionDbContext so the synchronizer can access Permissions / RolePermissions.
3. Call AddPermissionSynchronization<TContext>() and the feature takes care of syncing permissions at runtime.

Dependencies

• Requires the Identity feature for the permission entities (Permission, RolePermission).
• The host must provide an EF Core DbContext that implements IPermissionDbContext.

Diagnostics

The hosted service logs when new permissions are inserted (Information) and when the set is already in sync (Debug). Hook Serilog or any other logging provider to the Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions category to trace synchronization events.