Interface IAuthorizeResource<TResource>

Namespace

Trellis.Authorization

Assembly

Trellis.Authorization.dll

Declares resource-based authorization that requires a loaded resource. Implemented by the command/query. The pipeline loads the resource via IResourceLoader<TMessage, TResource> and passes it to this method.

public interface IAuthorizeResource<in TResource>

Type Parameters

TResource

The type of the resource that must be loaded before authorization can be evaluated.

Extension Methods

MaybeExtensions.AsMaybe<T>(T)

MaybeExtensions.ToResult<TValue>(TValue)

NullableExtensions.ToResult<T>(T?, Func<Error>)

NullableExtensions.ToResult<T>(T?, Error)

AggregateTestMutator.ClearMaybeField<TEntity, TValue>(TEntity, Expression<Func<TEntity, Maybe<TValue>>>)

AggregateTestMutator.SetMaybeField<TEntity, TValue>(TEntity, Expression<Func<TEntity, Maybe<TValue>>>, TValue?)

Remarks

This interface receives the loaded resource — enabling ownership checks, tenant isolation, and other data-dependent authorization rules.

The resource is loaded by an IResourceLoader<TMessage, TResource> registered in DI. If loading fails (e.g., resource not found), the pipeline short-circuits with the loader's error before Authorize(Actor, TResource) is called.

Methods

Authorize(Actor, TResource)

Determines whether the actor is authorized to perform this operation against the given resource.

IResult Authorize(Actor actor, TResource resource)

Parameters

actor Actor

The current authenticated actor.

resource TResource

The loaded resource to authorize against.

Returns

IResult

A success result to proceed, or a failure result (typically Forbidden(string, string?)) to short-circuit the pipeline.