diff --git a/aspnetcore/diagnostics/asp0025.md b/aspnetcore/diagnostics/asp0025.md new file mode 100644 index 0000000000..430ad3b414 --- /dev/null +++ b/aspnetcore/diagnostics/asp0025.md @@ -0,0 +1,91 @@ +--- +title: "ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies." +ms.date: 05/11/2023 +description: "Learn about analysis rule ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies." +author: tdykstra +monikerRange: '>= aspnetcore-8.0' +ms.author: tdykstra +uid: diagnostics/asp0025 +--- +# ASP0025: Use AddAuthorizationBuilder to register authorization services and construct policies. + +| | Value | +|-|-| +| **Rule ID** |ASP0025| +| **Category** |Usage| +| **Fix is breaking or non-breaking** |Non-breaking| + +## Cause + +The use of can be converted to the new . + +## Rule description + +Use `AddAuthorizationBuilder` to register authorization services and construct policies. + +## How to fix violations + +To fix a violation of this rule, replace the usage of `AddAuthorization` with `AddAuthorizationBuilder`. + +The code fix converts any usage of the setters for the following properties of : + +* +* +* + +These setter usages are converted to equivalent method calls on : + +* +* +* + +No diagnostic is reported when the configure action passed to `AddAuthorization` uses any of the following members of `AuthorizationOptions`: + +* The method +* The getter +* The getter +* The getter + +`AuthorizationBuilder` doesn't have equivalents for these members of `AuthorizationOptions`, so they can't be converted. + +No diagnostic is reported if the configure action passed to `AddAuthorization` contains operations unrelated to `AuthorizationOptions`. The code fix would not be able to automatically map unrelated operations to the fluent API of `AddAuthorizationBuilder`. + +The following example shows code that triggers this diagnostic: + +```csharp +var builder = WebApplication.CreateBuilder(args); + +builder.Services.AddAuthorization(options => +{ + options.AddPolicy("AtLeast21", policy => + policy.Requirements.Add(new MinimumAgeRequirement(21))); +}); + +var app = builder.Build(); + +app.UseAuthorization(); + +app.Run(); +``` + +The following example shows the result of applying the code fix: + +```csharp +var builder = WebApplication.CreateBuilder(args); + +builder.Services.AddAuthorizationBuilder() + .AddPolicy("AtLeast21", policy => + { + policy.Requirements.Add(new MinimumAgeRequirement(21))); + }); + +var app = builder.Build(); + +app.UseAuthorization(); + +app.Run(); +``` + +## When to suppress warnings + +The severity level of this diagnostic is Information. Suppress warnings if you don't want to use the new syntax. diff --git a/aspnetcore/diagnostics/code-analysis.md b/aspnetcore/diagnostics/code-analysis.md index 29d35623cf..4598bf943d 100644 --- a/aspnetcore/diagnostics/code-analysis.md +++ b/aspnetcore/diagnostics/code-analysis.md @@ -4,7 +4,7 @@ author: tdykstra description: Learn about source code analysis in ASP.NET Core monikerRange: '>= aspnetcore-3.1' ms.author: riande -ms.date: 4/2/2023 +ms.date: 05/11/2023 uid: diagnostics/code-analysis --- # Code analysis in ASP.NET Core apps @@ -39,6 +39,7 @@ Diagnostic ID: * [ASP0022](xref:diagnostics/asp0022) * [ASP0023](xref:diagnostics/asp0023) * [ASP0024](xref:diagnostics/asp0024) +* [ASP0025](xref:diagnostics/asp0025) * [BL0001](xref:diagnostics/bl0001) * [BL0002](xref:diagnostics/bl0002) * [BL0003](xref:diagnostics/bl0003) diff --git a/aspnetcore/toc.yml b/aspnetcore/toc.yml index 16ccdd5a47..7a606ab6c2 100644 --- a/aspnetcore/toc.yml +++ b/aspnetcore/toc.yml @@ -1136,6 +1136,8 @@ items: uid: diagnostics/asp0023 - name: ASP0024 uid: diagnostics/asp0024 + - name: ASP0025 + uid: diagnostics/asp0025 - name: BL0001 uid: diagnostics/bl0001 - name: BL0002