svrnty/dotnet-cqrs
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

Compare commits

base: svrnty/dotnet-cqrs:10.1.0-rc1
Branches Tags
svrnty/dotnet-cqrs:main svrnty/dotnet-cqrs:feat/altcha-check-pipeline svrnty/dotnet-cqrs:dev svrnty/dotnet-cqrs:staging svrnty/dotnet-cqrs:feature/events-kafka svrnty/dotnet-cqrs:JP svrnty/dotnet-cqrs:jp-codex-test
svrnty/dotnet-cqrs:10.3.0-altcha.2 svrnty/dotnet-cqrs:10.2.1-rc1 svrnty/dotnet-cqrs:10.2.0 svrnty/dotnet-cqrs:10.1.2 svrnty/dotnet-cqrs:10.1.1-rc3 svrnty/dotnet-cqrs:10.1.1-rc2 svrnty/dotnet-cqrs:10.1.1-rc1 svrnty/dotnet-cqrs:10.1.0-rc8 svrnty/dotnet-cqrs:10.1.0-rc7 svrnty/dotnet-cqrs:10.1.0-rc6 svrnty/dotnet-cqrs:10.1.0-rc5 svrnty/dotnet-cqrs:10.1.0-rc4 svrnty/dotnet-cqrs:10.1.0-rc3 svrnty/dotnet-cqrs:10.1.0-rc2 svrnty/dotnet-cqrs:10.1.0-rc1 svrnty/dotnet-cqrs:10.0.0 svrnty/dotnet-cqrs:10.0.0-preview-rc2 svrnty/dotnet-cqrs:10.0.0-preview-rc1
..
compare: svrnty/dotnet-cqrs:10.1.0-rc4
Branches Tags
svrnty/dotnet-cqrs:feat/altcha-check-pipeline svrnty/dotnet-cqrs:dev svrnty/dotnet-cqrs:staging svrnty/dotnet-cqrs:feature/events-kafka svrnty/dotnet-cqrs:main svrnty/dotnet-cqrs:JP svrnty/dotnet-cqrs:jp-codex-test
svrnty/dotnet-cqrs:10.3.0-altcha.2 svrnty/dotnet-cqrs:10.2.1-rc1 svrnty/dotnet-cqrs:10.2.0 svrnty/dotnet-cqrs:10.1.2 svrnty/dotnet-cqrs:10.1.1-rc3 svrnty/dotnet-cqrs:10.1.1-rc2 svrnty/dotnet-cqrs:10.1.1-rc1 svrnty/dotnet-cqrs:10.1.0-rc8 svrnty/dotnet-cqrs:10.1.0-rc7 svrnty/dotnet-cqrs:10.1.0-rc6 svrnty/dotnet-cqrs:10.1.0-rc5 svrnty/dotnet-cqrs:10.1.0-rc4 svrnty/dotnet-cqrs:10.1.0-rc3 svrnty/dotnet-cqrs:10.1.0-rc2 svrnty/dotnet-cqrs:10.1.0-rc1 svrnty/dotnet-cqrs:10.0.0 svrnty/dotnet-cqrs:10.0.0-preview-rc2 svrnty/dotnet-cqrs:10.0.0-preview-rc1

3 Commits
10.1.0-rc1 .. 10.1.0-rc4

Author SHA1 Message Date
david.nguyen 18f81a28e8 Add authorization checks to gRPC service implementations
Publish NuGets / build (release) Successful in 44s
Details 
- Add ICommandAuthorizationService check to CommandServiceImpl
- Add IQueryAuthorizationService check to QueryServiceImpl
- Add IQueryAuthorizationService check to DynamicQueryServiceImpl
- Return Unauthenticated/PermissionDenied gRPC status codes
- Use global:: prefix for Grpc.Core namespace to avoid conflicts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 14:18:07 -05:00
david.nguyen 201768e716 Revert AllowAnonymous endpoint propagation
Publish NuGets / build (release) Successful in 35s
Details 
Remove the WithAllowAnonymousIfAttributePresent helper method.
Authorization should be handled by IQueryAuthorizationService and
ICommandAuthorizationService implementations, not by ASP.NET Core
middleware.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 13:07:03 -05:00
david.nguyen 932ee6e632 add AllowAnonymous support for MinimalApi endpoints
Publish NuGets / build (release) Successful in 37s
Details 
Endpoints with [AllowAnonymous] attribute on query/command class
now bypass ASP.NET Core authorization middleware.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 12:29:26 -05:00
1 changed files with 36 additions and 0 deletions
Expand all files Collapse all files
Svrnty.CQRS.Grpc.Generators/GrpcGenerator.cs
+36
View File
@@ -2291,6 +2291,7 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine("using Google.Protobuf.WellKnownTypes;");
sb.AppendLine($"using {rootNamespace}.Grpc;");
sb.AppendLine("using Svrnty.CQRS.Abstractions;");
sb.AppendLine("using Svrnty.CQRS.Abstractions.Security;");
sb.AppendLine();
sb.AppendLine($"namespace {rootNamespace}.Grpc.Services");
@@ -2321,6 +2322,17 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine(" using var scope = _scopeFactory.CreateScope();");
sb.AppendLine(" var serviceProvider = scope.ServiceProvider;");
sb.AppendLine();
sb.AppendLine(" // Authorization check");
sb.AppendLine($" var authorizationService = serviceProvider.GetService<ICommandAuthorizationService>();");
sb.AppendLine(" if (authorizationService != null)");
sb.AppendLine(" {");
sb.AppendLine($" var authResult = await authorizationService.IsAllowedAsync(typeof({command.FullyQualifiedName}), context.CancellationToken);");
sb.AppendLine(" if (authResult == AuthorizationResult.Unauthorized)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.Unauthenticated, \"Unauthorized\"));");
sb.AppendLine(" if (authResult == AuthorizationResult.Forbidden)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.PermissionDenied, \"Forbidden\"));");
sb.AppendLine(" }");
sb.AppendLine();
sb.AppendLine($" var command = new {command.FullyQualifiedName}");
sb.AppendLine(" {");
foreach (var prop in command.Properties)
@@ -2425,6 +2437,7 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine("using Microsoft.Extensions.DependencyInjection;");
sb.AppendLine($"using {rootNamespace}.Grpc;");
sb.AppendLine("using Svrnty.CQRS.Abstractions;");
sb.AppendLine("using Svrnty.CQRS.Abstractions.Security;");
sb.AppendLine();
sb.AppendLine($"namespace {rootNamespace}.Grpc.Services");
@@ -2455,6 +2468,17 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine(" using var scope = _scopeFactory.CreateScope();");
sb.AppendLine(" var serviceProvider = scope.ServiceProvider;");
sb.AppendLine();
sb.AppendLine(" // Authorization check");
sb.AppendLine($" var authorizationService = serviceProvider.GetService<IQueryAuthorizationService>();");
sb.AppendLine(" if (authorizationService != null)");
sb.AppendLine(" {");
sb.AppendLine($" var authResult = await authorizationService.IsAllowedAsync(typeof({query.FullyQualifiedName}), context.CancellationToken);");
sb.AppendLine(" if (authResult == AuthorizationResult.Unauthorized)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.Unauthenticated, \"Unauthorized\"));");
sb.AppendLine(" if (authResult == AuthorizationResult.Forbidden)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.PermissionDenied, \"Forbidden\"));");
sb.AppendLine(" }");
sb.AppendLine();
sb.AppendLine($" var handler = serviceProvider.GetRequiredService<{query.HandlerInterfaceName}>();");
sb.AppendLine($" var query = new {query.FullyQualifiedName}");
sb.AppendLine(" {");
@@ -2736,6 +2760,7 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine("using Microsoft.Extensions.DependencyInjection;");
sb.AppendLine($"using {rootNamespace}.Grpc;");
sb.AppendLine("using Svrnty.CQRS.Abstractions;");
sb.AppendLine("using Svrnty.CQRS.Abstractions.Security;");
sb.AppendLine("using Svrnty.CQRS.DynamicQuery.Abstractions;");
sb.AppendLine("using PoweredSoft.DynamicQuery.Core;");
sb.AppendLine();
@@ -2768,6 +2793,17 @@ namespace Svrnty.CQRS.Grpc.Generators
sb.AppendLine(" using var scope = _scopeFactory.CreateScope();");
sb.AppendLine(" var serviceProvider = scope.ServiceProvider;");
sb.AppendLine();
sb.AppendLine(" // Authorization check");
sb.AppendLine($" var authorizationService = serviceProvider.GetService<IQueryAuthorizationService>();");
sb.AppendLine(" if (authorizationService != null)");
sb.AppendLine(" {");
sb.AppendLine($" var authResult = await authorizationService.IsAllowedAsync(typeof({dynamicQuery.QueryInterfaceName}), context.CancellationToken);");
sb.AppendLine(" if (authResult == AuthorizationResult.Unauthorized)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.Unauthenticated, \"Unauthorized\"));");
sb.AppendLine(" if (authResult == AuthorizationResult.Forbidden)");
sb.AppendLine(" throw new RpcException(new global::Grpc.Core.Status(global::Grpc.Core.StatusCode.PermissionDenied, \"Forbidden\"));");
sb.AppendLine(" }");
sb.AppendLine();
// Build the dynamic query object
if (dynamicQuery.HasParams)