From 7cfc42ce0bfd38bf9132b7b53226299096f6b6dc Mon Sep 17 00:00:00 2001 From: Ivan Gubanov Date: Tue, 31 Mar 2026 11:22:23 +0300 Subject: [PATCH 1/3] added AuthorizationPolicy predicate to AddPlatformIntegrationEvents/IntegrationEventsOptions (to customize dashboard access) --- .../DependencyInjection.cs | 30 ++++++++++++++++++- .../Models/IntegrationEventsOptions.cs | 10 +++++++ 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/src/Bss.Platform.Events/DependencyInjection.cs b/src/Bss.Platform.Events/DependencyInjection.cs index 3e46b77..f67d064 100644 --- a/src/Bss.Platform.Events/DependencyInjection.cs +++ b/src/Bss.Platform.Events/DependencyInjection.cs @@ -9,6 +9,8 @@ using DotNetCore.CAP; using DotNetCore.CAP.Internal; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc.Filters; using Microsoft.Extensions.DependencyInjection; using Savorboard.CAP.InMemoryMessageQueue; @@ -53,7 +55,15 @@ public static IServiceCollection AddPlatformIntegrationEvents( o.Schema = eventsOptions.SqlServer.Schema; }); - x.UseDashboard(o => o.PathMatch = eventsOptions.DashboardPath); + x.UseDashboard(o => + { + o.PathMatch = eventsOptions.DashboardPath; + if (eventsOptions.AuthorizationPredicate is { } authPredicate) + { + o.AllowAnonymousExplicit = false; + o.AuthorizationPolicy = AddDashboardAuthorizationPolicy(services, authPredicate); + } + }); if (!eventsOptions.MessageQueue.Enable) { @@ -77,4 +87,22 @@ public static IServiceCollection AddPlatformIntegrationEvents( return services; } + + private static string AddDashboardAuthorizationPolicy(IServiceCollection services, Func> authPredicate) + { + const string policyName = "bss-platform-dashboard-auth"; + services.AddAuthorizationBuilder() + .AddPolicy( + policyName, + policy => policy.RequireAssertion(ctx => + { + var httpContext = ctx.Resource as HttpContext + ?? (ctx.Resource as AuthorizationFilterContext)?.HttpContext + ?? throw new("Can't authorize, http context is not available"); + + return authPredicate(httpContext); + })); + + return policyName; + } } diff --git a/src/Bss.Platform.Events/Models/IntegrationEventsOptions.cs b/src/Bss.Platform.Events/Models/IntegrationEventsOptions.cs index 5ea18fe..ea700e8 100644 --- a/src/Bss.Platform.Events/Models/IntegrationEventsOptions.cs +++ b/src/Bss.Platform.Events/Models/IntegrationEventsOptions.cs @@ -1,3 +1,5 @@ +using Microsoft.AspNetCore.Http; + namespace Bss.Platform.Events.Models; public class IntegrationEventsOptions @@ -11,6 +13,14 @@ public class IntegrationEventsOptions public IntegrationEventsSqlServerOptions SqlServer { get; set; } = default!; public IntegrationEventsMessageQueueOptions MessageQueue { get; set; } = default!; + + /// + /// Any condition to check that a user should get access to events dashboard + /// + /// + /// AuthorizationPolicyPredicate = (httpContext) => httpContext.RequestServices.GetRequiredService<ICurrentUser>().IsAdminAsync() + /// + public Func>? AuthorizationPredicate { get; set; } public static IntegrationEventsOptions Default => new() From 6443bb2704c309fb0717b422edac0aab31c6be51 Mon Sep 17 00:00:00 2001 From: Ivan Gubanov Date: Tue, 31 Mar 2026 17:08:41 +0300 Subject: [PATCH 2/3] updated UsePlatformApiDocumentation, allow register multiple Swagger docs (registered in SwaggerGenOptions) --- .../DependencyInjection.cs | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/Bss.Platform.Api.Documentation/DependencyInjection.cs b/src/Bss.Platform.Api.Documentation/DependencyInjection.cs index 658b399..321a058 100644 --- a/src/Bss.Platform.Api.Documentation/DependencyInjection.cs +++ b/src/Bss.Platform.Api.Documentation/DependencyInjection.cs @@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; +using Microsoft.Extensions.Options; using Microsoft.OpenApi.Models; using Swashbuckle.AspNetCore.SwaggerGen; @@ -76,7 +77,14 @@ public static IApplicationBuilder UsePlatformApiDocumentation( x => { x.RoutePrefix = path; - x.SwaggerEndpoint($"/{path}/api/swagger.json", "api"); + var opts = app.ApplicationServices.GetRequiredService>() + .Value + .SwaggerGeneratorOptions.SwaggerDocs; + + foreach (var doc in opts) + { + x.SwaggerEndpoint($"/{path}/{doc.Key}/swagger.json", doc.Value.Title ?? doc.Key); + } }); } } From 7cb74389dabe70f96034fbeca4ea4605a234729e Mon Sep 17 00:00:00 2001 From: Ivan Gubanov Date: Tue, 31 Mar 2026 17:08:59 +0300 Subject: [PATCH 3/3] up version --- src/__SolutionItems/CommonAssemblyInfo.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/__SolutionItems/CommonAssemblyInfo.cs b/src/__SolutionItems/CommonAssemblyInfo.cs index 5f60071..cf6130e 100644 --- a/src/__SolutionItems/CommonAssemblyInfo.cs +++ b/src/__SolutionItems/CommonAssemblyInfo.cs @@ -4,9 +4,9 @@ [assembly: AssemblyCompany("Luxoft")] [assembly: AssemblyCopyright("Copyright © Luxoft 2026")] -[assembly: AssemblyVersion("1.6.7.0")] -[assembly: AssemblyFileVersion("1.6.7.0")] -[assembly: AssemblyInformationalVersion("1.6.7.0")] +[assembly: AssemblyVersion("1.6.8.0")] +[assembly: AssemblyFileVersion("1.6.8.0")] +[assembly: AssemblyInformationalVersion("1.6.8.0")] #if DEBUG [assembly: AssemblyConfiguration("Debug")]