NuGet · nuget

Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions

Provides permission registry and synchronization for Eltheon hosts.

Install

Install commands

dotnet add package Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions --version 0.9.1.1
<PackageReference Include="Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions" Version="0.9.1.1" />
paket add Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions --version 0.9.1.1
Install-Package Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions -Version 0.9.1.1

README

Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions

Overview

This feature keeps the Eltheon permission catalogue in sync with the Identity database. It exposes an extensible registry for declaring permissions (IPermissionProvider) and a Synchronizer/HostedService pair that ensures the Permissions table always contains the definitions required by the platform or individual templates.

Capabilities

  • PermissionRegistry merges permissions from every registered IPermissionProvider and deduplicates entries by name.
  • PermissionSynchronizer compares the registry with the database via IPermissionDbContext and inserts missing permissions without touching existing rows.
  • Permission synchronization publishes canonical EventBus contracts for newly registered permissions and default role grants when events are enabled.
  • AddPermissionSynchronization<TContext>() wires the synchronizer into DI as a hosted service so each host keeps its permission store up to date on startup.
  • Static helpers (e.g., StaticPermissionProvider) make it trivial for templates to expose their own permission definitions.
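
The merge and insert-only behaviour listed above, modeled as an added stand-alone example that is not the package's code: `PermissionDef`, `Merge`, `Plan` and the sample data are hypothetical and do not reflect the real IPermissionProvider or IPermissionDbContext signatures. It also lists rows that exist in the store but that no provider declares any more, which a sync that never touches existing rows leaves in place.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical stand-in for a permission definition; not the package's Permission entity.
public sealed record PermissionDef(string Name, string Description);

public static class PermissionSyncModel
{
    // Merge definitions from several providers, one entry per name.
    // Assumptions: exact (ordinal) name match, and the first provider's entry wins.
    public static IReadOnlyList<PermissionDef> Merge(IEnumerable<IEnumerable<PermissionDef>> providers) =>
        providers.SelectMany(p => p)
                 .GroupBy(d => d.Name, StringComparer.Ordinal)
                 .Select(g => g.First())
                 .ToList();

    // Insert-only plan: rows to add, plus stored rows that no provider declares.
    public static (List<PermissionDef> ToInsert, List<string> Undeclared) Plan(
        IReadOnlyList<PermissionDef> registry, IEnumerable<string> storedNames)
    {
        var stored = new HashSet<string>(storedNames, StringComparer.Ordinal);
        var declared = new HashSet<string>(registry.Select(d => d.Name), StringComparer.Ordinal);
        var toInsert = registry.Where(d => !stored.Contains(d.Name)).ToList();
        var undeclared = stored.Where(n => !declared.Contains(n)).OrderBy(n => n).ToList();
        return (toInsert, undeclared);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: two providers with one overlapping name.
        var platform = new[] { new PermissionDef("users.read", "Read users"),
                               new PermissionDef("users.write", "Edit users") };
        var template = new[] { new PermissionDef("users.read", "Duplicate from a template"),
                               new PermissionDef("reports.export", "Export reports") };
        // Constructed store contents: one current row and one left over from an older release.
        var storedNames = new[] { "users.read", "billing.refund" };

        var registry = PermissionSyncModel.Merge(new[] { platform, template });
        var (toInsert, undeclared) = PermissionSyncModel.Plan(registry, storedNames);

        Console.WriteLine("insert: " + string.Join(", ", toInsert.Select(d => d.Name)));
        Console.WriteLine("undeclared (left untouched): " + string.Join(", ", undeclared));
    }
}
```

Undeclared rows and any role grants that still reference them are worth reviewing after a release removes a permission from its provider.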

Usage

// Program.cs
builder.Services.AddSingleton<IPermissionProvider, PermissionSeedProvider>();
builder.Services.AddPermissionSynchronization<AuthDbContext>();

  1. Implement IPermissionProvider in your template/host to expose the permissions you ship (it can reuse the existing PermissionSeed list).
  2. Ensure your AuthDbContext implements IPermissionDbContext so the synchronizer can access Permissions / RolePermissions.
  3. Call AddPermissionSynchronization<TContext>() and the feature takes care of syncing permissions at runtime.

Eventization Reference Pattern

Permissions is the Phase 2.0 reference slice for feature eventization. The feature owns its event contracts, metadata registration, opt-out options, and role-permission transition helper logic. See docs/architecture/EltheonFeatureEventizationRules.md in the repository for the general rules.

Canonical permissions events:

  • Eltheon.Permissions.PermissionRegistered
  • Eltheon.Permissions.RolePermissionAssigned
  • Eltheon.Permissions.RolePermissionChanged
  • Eltheon.Permissions.RolePermissionRemoved

PermissionsChangedEvent remains available for cache invalidation and backward compatibility.

AddPermissionSynchronization<TContext>() registers all permissions event metadata with Security scope, Critical durability, InternalOnly visibility, High priority, and audit/security relevance. Events are enabled by default and can be disabled explicitly:

builder.Services.AddPermissionSynchronization<AuthDbContext>(options =>
{
    options.EnableEvents = false;
});

Dependencies

  • Requires the Identity feature for the permission entities (Permission, RolePermission).
  • Requires the Events feature for canonical event contracts and metadata.
  • The host must provide an EF Core DbContext that implements IPermissionDbContext.

Diagnostics

The hosted service logs when new permissions are inserted (Information) and when the set is already in sync (Debug). Hook Serilog or any other logging provider to the Redeon.SuperSiteEngineCore.Web.Eltheon.Core.Features.Permissions category to trace synchronization events.