From 4cc4164d886fcf9909fb5195c8c4c87fa1fa03a9 Mon Sep 17 00:00:00 2001 From: Tom Dykstra Date: Thu, 11 May 2023 17:04:43 -0700 Subject: [PATCH 1/4] draft --- aspnetcore/diagnostics/asp0025.md | 91 +++++++++++++++++++++++++ aspnetcore/diagnostics/code-analysis.md | 3 +- aspnetcore/toc.yml | 2 + 3 files changed, 95 insertions(+), 1 deletion(-) create mode 100644 aspnetcore/diagnostics/asp0025.md diff --git a/aspnetcore/diagnostics/asp0025.md b/aspnetcore/diagnostics/asp0025.md new file mode 100644 index 000000000000..2d05192fab66 --- /dev/null +++ b/aspnetcore/diagnostics/asp0025.md @@ -0,0 +1,91 @@ +--- +title: "ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies." +ms.date: 05/11/2023 +description: "Learn about analysis rule ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies." +author: tdykstra +monikerRange: '>= aspnetcore-8.0' +ms.author: tdykstra +uid: diagnostics/asp0025 +--- +# ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies. + +| | Value | +|-|-| +| **Rule ID** |ASP0025| +| **Category** |Usage| +| **Fix is breaking or non-breaking** |Non-breaking| + +## Cause + +The app's usage of the older can be converted to the new . + +## Rule description + +Use AddAuthorizationBuilder to register authorization services and construct policies. + +## How to fix violations + +To fix a violation of this rule, replace the usage of `AddAuthorization` with `AddAuthorizationBuilder`. + +The code fix converts any usage of the setters for the following properties of : + +* +* +* + +These setter usages are converted to equivalent method calls on : + +* +* +* + +No diagnostic is reported when the configure action passed to `AddAuthorization` uses one of the following members of `AuthorizationOptions`: + +* The method +* The getter +* The getter +* The getter + +`AuthorizationBuilder` doesn't have equivalents for these members, so they can't be converted. + +No diagnostic is reported if the configure action passed to `AddAuthorization` contains operations unrelated to `AuthorizationOptions`. Unrelated operations could cause unintentional deletion of code when applying the code fix. It would not be easy and might not be possible to automatically map unrelated operations to the fluent API of `AddAuthorizationBuilder`. + +The following example is code that triggers this diagnostic: + +```csharp +var builder = WebApplication.CreateBuilder(args); + +builder.Services.AddAuthorization(options => +{ + options.AddPolicy("AtLeast21", policy => + policy.Requirements.Add(new MinimumAgeRequirement(21))); +}); + +var app = builder.Build(); + +app.UseAuthorization(); + +app.Run(); +``` + +The following example shows the result of the code fix: + +```csharp +var builder = WebApplication.CreateBuilder(args); + +builder.Services.AddAuthorizationBuilder() + .AddPolicy("AtLeast21", policy => + { + policy.Requirements.Add(new MinimumAgeRequirement(21))); + }); + +var app = builder.Build(); + +app.UseAuthorization(); + +app.Run(); +``` + +## When to suppress warnings + +This diagnostic is information only. Suppress warnings if you don't want to use the new syntax. diff --git a/aspnetcore/diagnostics/code-analysis.md b/aspnetcore/diagnostics/code-analysis.md index 29d35623cf83..4598bf943d38 100644 --- a/aspnetcore/diagnostics/code-analysis.md +++ b/aspnetcore/diagnostics/code-analysis.md @@ -4,7 +4,7 @@ author: tdykstra description: Learn about source code analysis in ASP.NET Core monikerRange: '>= aspnetcore-3.1' ms.author: riande -ms.date: 4/2/2023 +ms.date: 05/11/2023 uid: diagnostics/code-analysis --- # Code analysis in ASP.NET Core apps @@ -39,6 +39,7 @@ Diagnostic ID: * [ASP0022](xref:diagnostics/asp0022) * [ASP0023](xref:diagnostics/asp0023) * [ASP0024](xref:diagnostics/asp0024) +* [ASP0025](xref:diagnostics/asp0025) * [BL0001](xref:diagnostics/bl0001) * [BL0002](xref:diagnostics/bl0002) * [BL0003](xref:diagnostics/bl0003) diff --git a/aspnetcore/toc.yml b/aspnetcore/toc.yml index b4f20386d9c3..0eed37468d3f 100644 --- a/aspnetcore/toc.yml +++ b/aspnetcore/toc.yml @@ -1052,6 +1052,8 @@ items: uid: diagnostics/asp0023 - name: ASP0024 uid: diagnostics/asp0024 + - name: ASP0025 + uid: diagnostics/asp0025 - name: BL0001 uid: diagnostics/bl0001 - name: BL0002 From ce63e645230ca7e8f67c6046442fb212e5ffe937 Mon Sep 17 00:00:00 2001 From: Tom Dykstra Date: Fri, 12 May 2023 10:25:18 -0700 Subject: [PATCH 2/4] draft --- aspnetcore/diagnostics/asp0025.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/aspnetcore/diagnostics/asp0025.md b/aspnetcore/diagnostics/asp0025.md index 2d05192fab66..16ea2ac24810 100644 --- a/aspnetcore/diagnostics/asp0025.md +++ b/aspnetcore/diagnostics/asp0025.md @@ -46,11 +46,11 @@ No diagnostic is reported when the configure action passed to `AddAuthorization` * The getter * The getter -`AuthorizationBuilder` doesn't have equivalents for these members, so they can't be converted. +`AuthorizationBuilder` doesn't have equivalents for these members of `AuthorizationOptions`, so they can't be converted. -No diagnostic is reported if the configure action passed to `AddAuthorization` contains operations unrelated to `AuthorizationOptions`. Unrelated operations could cause unintentional deletion of code when applying the code fix. It would not be easy and might not be possible to automatically map unrelated operations to the fluent API of `AddAuthorizationBuilder`. +No diagnostic is reported if the configure action passed to `AddAuthorization` contains operations unrelated to `AuthorizationOptions`. The code fix would not be able to automatically map unrelated operations to the fluent API of `AddAuthorizationBuilder`. -The following example is code that triggers this diagnostic: +The following example shows code that triggers this diagnostic: ```csharp var builder = WebApplication.CreateBuilder(args); @@ -68,7 +68,7 @@ app.UseAuthorization(); app.Run(); ``` -The following example shows the result of the code fix: +The following example shows the recommended code: ```csharp var builder = WebApplication.CreateBuilder(args); @@ -88,4 +88,4 @@ app.Run(); ## When to suppress warnings -This diagnostic is information only. Suppress warnings if you don't want to use the new syntax. +The severity level of this diagnostic is Information. Suppress warnings if you don't want to use the new syntax. From 61eddb6a64ccc0cbd04ce67e3cef5a1d557aa13b Mon Sep 17 00:00:00 2001 From: Tom Dykstra Date: Fri, 12 May 2023 11:19:31 -0700 Subject: [PATCH 3/4] acrolinx --- aspnetcore/diagnostics/asp0025.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aspnetcore/diagnostics/asp0025.md b/aspnetcore/diagnostics/asp0025.md index 16ea2ac24810..a01e00541b98 100644 --- a/aspnetcore/diagnostics/asp0025.md +++ b/aspnetcore/diagnostics/asp0025.md @@ -21,7 +21,7 @@ The app's usage of the older * -No diagnostic is reported when the configure action passed to `AddAuthorization` uses one of the following members of `AuthorizationOptions`: +No diagnostic is reported when the configure action passed to `AddAuthorization` uses any of the following members of `AuthorizationOptions`: * The method * The getter @@ -68,7 +68,7 @@ app.UseAuthorization(); app.Run(); ``` -The following example shows the recommended code: +The following example shows the result of applying the code fix: ```csharp var builder = WebApplication.CreateBuilder(args); From c827dcab40f8957a3a3acc001a90942a8a7d3fb0 Mon Sep 17 00:00:00 2001 From: Tom Dykstra Date: Fri, 12 May 2023 17:32:14 -0700 Subject: [PATCH 4/4] Update aspnetcore/diagnostics/asp0025.md Co-authored-by: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com> --- aspnetcore/diagnostics/asp0025.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aspnetcore/diagnostics/asp0025.md b/aspnetcore/diagnostics/asp0025.md index a01e00541b98..430ad3b4144c 100644 --- a/aspnetcore/diagnostics/asp0025.md +++ b/aspnetcore/diagnostics/asp0025.md @@ -17,7 +17,7 @@ uid: diagnostics/asp0025 ## Cause -The app's usage of the older can be converted to the new . +The use of can be converted to the new . ## Rule description