Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider whether Access Policy Checking should be part of the operation invoker. #25

Open
mwadams opened this issue Jan 13, 2020 · 1 comment
Open

Consider whether Access Policy Checking should be part of the operation invoker. #25

mwadams opened this issue Jan 13, 2020 · 1 comment

Comments

@mwadams
Copy link
Contributor

mwadams commented Jan 13, 2020

Describe the bug
At the moment, Access Checking is performed in the OperationInvoker, but execution scope is currently in the OpenApiHost.

It feels like the access checking (which does not depend on anything unavailable to the Host) should be moved up to the Host level.
@mwadams
Copy link
Contributor Author

mwadams commented Jan 13, 2020

Although, looking more closely, it is possible that that access checking is fine where it is, and the scope building should be moved down into the invoker.

It depends on how we view the role of the Host as opposed to the operation invocation. I don't believe we have clarity on that - the host no longer seems to do very much at all, and delegates everything to the "invoker" - should we just roll it all up into the host?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mwadams