Using Blazor WASM, I want to implement a dynamic Permissions based authorization system that isn't definable at build time. The current "Policy based" authorization built-in system requires that policies are defined at build time and this doesn't work for me as all of my Permissions are assigned via my own Permissions system that is database based.
Requirements:
- Permissions are stored in a database and assigned to a user (in my case, they are assigned to a Role, which is assigned to a User). But this can be any structure.
- Permissions are placed as Claims on the User during Authentication.
- Permissions are based on a Page Name and a specific Permission such as "Allow Create".
- The Claim will be in the form of Type="Permission", Value = "Users - Allow View"
- Ability to Attribute the razor / blazor pages with something similar to the Authorize attribute such as "[PagePermissions(PageName = "Users", Permission=Permission.View)]"
- Ability to use "<AuthorizeView ...> ... " in the same fashion with the Page Name and Permission.
The Asp.Net built in Authorization works on Policies, which need to be defined at build time such as so:
builder.Services.AddAuthorization(options =>{ options.AddPolicy("AtLeast21", policy => policy.Requirements.Add(new MinimumAgeRequirement(21)));});Roles work the same as it uses the Policy system under the covers.
Neither of these work for my scenario as none of my information is known at build time.