Aspnetcore: ًWhat if i used both Authorized[policy] and Authorized[role] above my controller?

Created on 23 Feb 2019  ·  3Comments  ·  Source: dotnet/aspnetcore

I used both Authorized[policy] and Authorized[role] above my controller, i want to know AND statement is happens (between Authorized[policy] and Authorized[Role]) or OR statement.

area-mvc question
Source
picture HaniehRezayi

All 3 comments

It depends which version and what compability mode actually. The intention was that policies would always combine as an AND.

However, this was incorrect, and would combine as an OR in ASP.NET Core 1.0, 1.1, and 2.0.

We discovered the problem in 2.1, but because it's a breaking change of behaviour, it is tied to a compatibility switch in 2.1 and 2.2.

In 3.0 multiple policies always combine as an AND.

rynowak picture rynowak on 23 Feb 2019
👍1

Thanks for your responses, but when will the new version(3.0) be released?

HaniehRezayi picture HaniehRezayi on 24 Feb 2019

There are previews available now - https://dotnet.microsoft.com/download/dotnet-core/3.0

I don't have an official release date to share yet.

rynowak picture rynowak on 25 Feb 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

BrennanConroy picture BrennanConroy  ·  3Comments
TanvirArjel picture TanvirArjel  ·  3Comments
rbanks54 picture rbanks54  ·  3Comments
farhadibehnam picture farhadibehnam  ·  3Comments
bgribaudo picture bgribaudo  ·  3Comments