I want to develop an Attribute-based access control (ABAC) Web API in ASP.NET Core, in which other businesses can define their environments, resources, actions, and subjects, because we do not want developers to hardcode details in their code.
I wanted you guys to help me understand more about what the environment and resources are in this case, and how I can provide access to a specific resource for a user.
For instance, in one of our businesses we can define employee entrance. I want to say: "Employee A" has "add" access to resource "employee attendances" in the "Attendance App" environment.
First of all, is this scenario defined correctly based on ABAC components? If so, how can I provide access to existing resources in a specific database? What exactly is an environment?
Well, if you had the same question as mine, you can check out this source code: dotnet-web-api-boilerplate
The project is a combination of both RBAC & ABAC.
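
The scenario from the question ("Employee A" may "add" "employee attendances" in the "Attendance App"), written as data-driven ABAC rules evaluated deny-by-default. This is an added example, not part of the original posts or of the linked dotnet-web-api-boilerplate project; every type name and attribute key in it (`employeeId`, `type`, `application`) is hypothetical, and it assumes the "environment" is modelled as an application attribute.

```csharp
// Added illustration; all type names and attribute keys are hypothetical.
using System;
using System.Collections.Generic;
using System.Linq;

// A request carries attributes for each ABAC category plus the action.
public record AccessRequest(
    IReadOnlyDictionary<string, string> Subject,
    string Action,
    IReadOnlyDictionary<string, string> Resource,
    IReadOnlyDictionary<string, string> Environment);

// A rule is data (it could be a database row), not code. Every listed
// attribute must match; an empty match set acts as a wildcard.
public record PolicyRule(
    string Action,
    Dictionary<string, string> SubjectMatch,
    Dictionary<string, string> ResourceMatch,
    Dictionary<string, string> EnvironmentMatch);

public static class PolicyDecisionPoint
{
    static bool Matches(Dictionary<string, string> required,
                        IReadOnlyDictionary<string, string> actual) =>
        required.All(kv => actual.TryGetValue(kv.Key, out var v)
                           && string.Equals(v, kv.Value, StringComparison.Ordinal));

    // Deny by default: permit only when some rule matches completely.
    public static bool IsPermitted(AccessRequest r, IEnumerable<PolicyRule> rules) =>
        rules.Any(p => string.Equals(p.Action, r.Action, StringComparison.Ordinal)
                       && Matches(p.SubjectMatch, r.Subject)
                       && Matches(p.ResourceMatch, r.Resource)
                       && Matches(p.EnvironmentMatch, r.Environment));
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample rule and request attributes.
        var rules = new[] { new PolicyRule("add",
            new() { ["employeeId"] = "A" },
            new() { ["type"] = "employee-attendance" },
            new() { ["application"] = "AttendanceApp" }) };
        var subject = new Dictionary<string, string> { ["employeeId"] = "A" };
        var resource = new Dictionary<string, string> { ["type"] = "employee-attendance" };
        var env = new Dictionary<string, string> { ["application"] = "AttendanceApp" };
        // First request uses the action the rule covers; the second uses one no rule covers.
        Console.WriteLine(PolicyDecisionPoint.IsPermitted(new AccessRequest(subject, "add", resource, env), rules));
        Console.WriteLine(PolicyDecisionPoint.IsPermitted(new AccessRequest(subject, "delete", resource, env), rules));
    }
}
```

In an ASP.NET Core API the same check would typically run behind an authorization handler, with the subject attributes taken from the authenticated user's claims rather than from the request body.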