Privileged.Components
1.0.1
dotnet add package Privileged.Components --version 1.0.1
NuGet\Install-Package Privileged.Components -Version 1.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Privileged.Components" Version="1.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Privileged.Components --version 1.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Privileged.Components, 1.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Privileged.Components as a Cake Addin #addin nuget:?package=Privileged.Components&version=1.0.1 // Install Privileged.Components as a Cake Tool #tool nuget:?package=Privileged.Components&version=1.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Privileged
Privileged is an isomorphic authorization library for restricting resources by action, subjct and fields. It's designed to be incrementally adoptable and can easily scale between a simple claim based and fully featured subject and action based authorization. It makes it easy to manage and share permissions across UI components, API services, and database queries.
Inspired by CASL
Features
- Versatile An incrementally adoptable and can easily scale between a simple claim based and fully featured subject and attribute based authorization.
- Isomorphic Can be used on frontend and backend and complementary packages make integration with Frontend and Backend effortless
- Declarative Thanks to declarative rules, you can serialize and share permissions between UI and API or microservices
General
Privileged operates on rules for what a user can actually do in the application. A rule itself depends on the 3 parameters:
- Action Describes what user can actually do in the app. User action is a word (usually a verb) which depends on the business logic (e.g.,
update,read). Very often it will be a list of words from CRUD -create,read,updateanddelete. - Subject The subject which you want to check user action on. Usually this is a business (or domain) entity name (e.g.,
Subscription,Post,User). - Fields Can be used to restrict user action only to matched subject's fields (e.g., to allow moderator to update
publishedfield ofPostbut not updatedescriptionortitle)
Examples
Using builder to create rules
var context = new PrivilegeBuilder()
.Allow("test", PrivilegeSubjects.All)
.Allow(PrivilegeActions.All, "Post")
.Forbid("publish", "Post")
.Build();
context.Allowed("read", "Post").Should().BeTrue();
context.Allowed("update", "Post").Should().BeTrue();
context.Allowed("archive", "Post").Should().BeTrue();
context.Allowed("read", "User").Should().BeFalse();
context.Allowed("delete", "Post").Should().BeTrue();
context.Allowed("publish", "Post").Should().BeFalse();
context.Allowed("test", "User").Should().BeTrue();
context.Allowed("test", "Post").Should().BeTrue();
Using fields
var context = new PrivilegeBuilder()
.Allow("read", "Post", ["title", "id"])
.Allow("read", "User")
.Build();
context.Allowed("read", "Post").Should().BeTrue();
context.Allowed("read", "Post", "id").Should().BeTrue();
context.Allowed("read", "Post", "title").Should().BeTrue();
context.Allowed("read", "Post", "ssn").Should().BeFalse();
context.Allowed("read", "User").Should().BeTrue();
context.Allowed("read", "User", "id").Should().BeTrue();
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- Microsoft.AspNetCore.Components.Web (>= 8.0.6)
- Privileged (>= 1.0.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.