svrnty/dotnet-cqrs
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

Compare commits

base: svrnty/dotnet-cqrs:10.1.0-rc2
Branches Tags
svrnty/dotnet-cqrs:main svrnty/dotnet-cqrs:feat/altcha-check-pipeline svrnty/dotnet-cqrs:dev svrnty/dotnet-cqrs:staging svrnty/dotnet-cqrs:feature/events-kafka svrnty/dotnet-cqrs:JP svrnty/dotnet-cqrs:jp-codex-test
svrnty/dotnet-cqrs:10.3.0-altcha.2 svrnty/dotnet-cqrs:10.2.1-rc1 svrnty/dotnet-cqrs:10.2.0 svrnty/dotnet-cqrs:10.1.2 svrnty/dotnet-cqrs:10.1.1-rc3 svrnty/dotnet-cqrs:10.1.1-rc2 svrnty/dotnet-cqrs:10.1.1-rc1 svrnty/dotnet-cqrs:10.1.0-rc8 svrnty/dotnet-cqrs:10.1.0-rc7 svrnty/dotnet-cqrs:10.1.0-rc6 svrnty/dotnet-cqrs:10.1.0-rc5 svrnty/dotnet-cqrs:10.1.0-rc4 svrnty/dotnet-cqrs:10.1.0-rc3 svrnty/dotnet-cqrs:10.1.0-rc2 svrnty/dotnet-cqrs:10.1.0-rc1 svrnty/dotnet-cqrs:10.0.0 svrnty/dotnet-cqrs:10.0.0-preview-rc2 svrnty/dotnet-cqrs:10.0.0-preview-rc1
...
compare: svrnty/dotnet-cqrs:10.1.0-rc3
Branches Tags
svrnty/dotnet-cqrs:feat/altcha-check-pipeline svrnty/dotnet-cqrs:dev svrnty/dotnet-cqrs:staging svrnty/dotnet-cqrs:feature/events-kafka svrnty/dotnet-cqrs:main svrnty/dotnet-cqrs:JP svrnty/dotnet-cqrs:jp-codex-test
svrnty/dotnet-cqrs:10.3.0-altcha.2 svrnty/dotnet-cqrs:10.2.1-rc1 svrnty/dotnet-cqrs:10.2.0 svrnty/dotnet-cqrs:10.1.2 svrnty/dotnet-cqrs:10.1.1-rc3 svrnty/dotnet-cqrs:10.1.1-rc2 svrnty/dotnet-cqrs:10.1.1-rc1 svrnty/dotnet-cqrs:10.1.0-rc8 svrnty/dotnet-cqrs:10.1.0-rc7 svrnty/dotnet-cqrs:10.1.0-rc6 svrnty/dotnet-cqrs:10.1.0-rc5 svrnty/dotnet-cqrs:10.1.0-rc4 svrnty/dotnet-cqrs:10.1.0-rc3 svrnty/dotnet-cqrs:10.1.0-rc2 svrnty/dotnet-cqrs:10.1.0-rc1 svrnty/dotnet-cqrs:10.0.0 svrnty/dotnet-cqrs:10.0.0-preview-rc2 svrnty/dotnet-cqrs:10.0.0-preview-rc1

1 Commits
10.1.0-rc2 ... 10.1.0-rc3

Author SHA1 Message Date
david.nguyen 201768e716 Revert AllowAnonymous endpoint propagation
Publish NuGets / build (release) Successful in 35s
Details 
Remove the WithAllowAnonymousIfAttributePresent helper method.
Authorization should be handled by IQueryAuthorizationService and
ICommandAuthorizationService implementations, not by ASP.NET Core
middleware.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 13:07:03 -05:00
1 changed files with 4 additions and 18 deletions
Expand all files Collapse all files
Svrnty.CQRS.MinimalApi/EndpointRouteBuilderExtensions.cs
+4 -18
View File
@@ -83,8 +83,7 @@ public static class EndpointRouteBuilderExtensions
.Produces(200, queryMeta.QueryResultType)
.Produces(400)
.Produces(401)
.Produces(403)
.WithAllowAnonymousIfAttributePresent(queryMeta.QueryType);
.Produces(403);
}
private static void MapQueryGet(
@@ -147,8 +146,7 @@ public static class EndpointRouteBuilderExtensions
.Produces(200, queryMeta.QueryResultType)
.Produces(400)
.Produces(401)
.Produces(403)
.WithAllowAnonymousIfAttributePresent(queryMeta.QueryType);
.Produces(403);
}
public static IEndpointRouteBuilder MapSvrntyCommands(this IEndpointRouteBuilder endpoints, string routePrefix = "api/command")
@@ -215,8 +213,7 @@ public static class EndpointRouteBuilderExtensions
.Produces(200)
.Produces(400)
.Produces(401)
.Produces(403)
.WithAllowAnonymousIfAttributePresent(commandMeta.CommandType);
.Produces(403);
}
private static void MapCommandWithResult(
@@ -263,17 +260,6 @@ public static class EndpointRouteBuilderExtensions
.Produces(200, commandMeta.CommandResultType)
.Produces(400)
.Produces(401)
.Produces(403)
.WithAllowAnonymousIfAttributePresent(commandMeta.CommandType);
}
private static RouteHandlerBuilder WithAllowAnonymousIfAttributePresent(this RouteHandlerBuilder builder, Type type)
{
var allowAnonymousAttribute = type.GetCustomAttribute<Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute>();
if (allowAnonymousAttribute != null)
{
builder.AllowAnonymous();
}
return builder;
.Produces(403);
}
}