Search code examples
c#permissionstokenorchardcmsauthorizationservices

Store global token in Cache

I have a module which in the AuthorizationServiceEventHandler Checking or Complete Events i'm sending a request to an external API which gives me some instructions like what modules should be enabled/displayed to the user .

The appraoch i want to follow is storing this instructions somewhere probably on the cache and then whenever a Service module Exposed being requested by the user (through a controller ) the module will check the instructions using the CacheManager .
the problem with the standard Permissions answered by ViRuSTriNiTy is the instructions or permissions may changes depending on other permission (like if permission A is granted the permission C is also granted ) and this instructions are decided by an external API and will be changing all the time .

i'm trying for days to find a proper way or approach to follow to achieve this .

This Illustrate what my module will be doing . ViRuSTriNiTy

So the API will not be giving specifically that module 1 and module 3 should be enabled, it will only gives you instructions . House should be replaced by hospital

EDIT 1: what i meant by house should be hopistal in the picture Api responds with Hopistal instead of house i just messed it up .

EDIT 2: what i want to achieve is a module which control what modules should be available to a specific user, every user has different characteristics which the API will examine and decide what values will be returned to the module , and the module then depending on those instructions will determine which modules will be available to the user .

E.g a user which has no house will not use the House module like permissions the module will returns an Unauthorized httpcode with a styled message : You have no house .

Solution

  • I think you need to define some permissions first.

    Example:

    Permission A in Module House: CanAccess

    Permission B in Module Children: CanAccess

    Now in your handler you can get the module from the permission and then ask the API to return the appropriate value.

    Permission House.CanAccess > Module House -> ExternalAPI.CanAccess(House) -> return from handler as needed