Is this a good way create an isolated dependency scope with “overrides” in Asp.Net Core?

Some of the classes in my multi-tenant Asp.Net Core application depend on database repositories which in turn depend on a delegate called GetCurrentTenantKey.

In the normal request pipeline, the GetCurrentTenantKey delegate will be resolved to a Func that returns the tenant key found in the current users auth token.

But then I have a few background tasks that also need access to repositories, and in those cases, the tenant key doesn’t come from any “current user”, rather I’d like to provide it then and there. I thought the best solution would be to manually bind GetCurrentTenantKey to a local Func, but I don’t want to affect the “normal” dependency tree in any way.

This is the class you’ll use to create a scope:

public class IsolatedServiceScopeFactory : IServiceScopeFactory {     private readonly IServiceCollection _services;      public IsolatedServiceScopeFactory(IServiceCollection services)     {         _services = services;     }      public IServiceScope CreateScopeWithOverrides(Func<IServiceCollection, IServiceCollection> overrides)     {         var detachedCollection = new ImmutableServiceCollection(_services);          var collectionWithOverrides = overrides(detachedCollection);          return collectionWithOverrides.BuildServiceProvider().CreateScope();     }      public IServiceScope CreateScope() => _services.BuildServiceProvider().CreateScope(); } 

It’s intended to be used like this:

using (var serviceScope = _serviceScopeFactory.CreateScopeWithOverrides(x => x     .AddScoped<GetCurrentTenantKey>(y => () => "any string")     .AddSingleton<SomeOtherOverride>() )) {     // This will be resolved using my "overridden" version of GetCurrentTenantKey     var myRepository = serviceScope.ServiceProvider.GetRequiredService<IRepository<SomeType>>(); } 

The ImmutableServiceCollection class is quite simple:

public class ImmutableServiceCollection : IServiceCollection {     private ImmutableList<ServiceDescriptor> _services;      public ImmutableServiceCollection(IEnumerable<ServiceDescriptor> services)     {         _services = services.ToImmutableList();     }      public IEnumerator<ServiceDescriptor> GetEnumerator()     {         return _services.GetEnumerator();     }      IEnumerator IEnumerable.GetEnumerator()     {         return GetEnumerator();     }      public void Add(ServiceDescriptor item)     {         _services = _services.Add(item);     }      public void Clear()     {         _services = _services.Clear();     }      public bool Contains(ServiceDescriptor item)     {         return _services.Contains(item);     }      public void CopyTo(ServiceDescriptor[] array, int arrayIndex)     {         _services.CopyTo(array, arrayIndex);     }      public bool Remove(ServiceDescriptor item)     {         var removed = _services.Contains(item);         _services = _services.Remove(item);          return removed;     }      public int Count => _services.Count;      public bool IsReadOnly { get; } = true;      public int IndexOf(ServiceDescriptor item)     {         return _services.IndexOf(item);     }      public void Insert(int index, ServiceDescriptor item)     {         _services = _services.Insert(index, item);     }      public void RemoveAt(int index)     {         _services = _services.RemoveAt(index);     }      public ServiceDescriptor this[int index]     {         get => _services[index];         set => _services = _services.SetItem(index, value);     } } 

It seems to work, but I’m not sure if I’ve maybe went about this the wrong way somehow?

Thankful for any comments

Is this a good way to create an isolated scope of dependencies in Asp.Net Core?

Some of the classes in my multi-tenant Asp.Net Core application depend on database repositories which in turn depend on a delegate called GetCurrentTenantKey.

In the normal request pipeline, the GetCurrentTenantKey delegate will be resolved to a Func that returns the tenant key found in the current users auth token.

But then I have a few background tasks that also need access to repositories, but in those cases, the tenant key doesn’t come from any “current user”, rather I’d like to provide it then and there. I thought the best solution would be to manually bind GetCurrentTenantKey to a local Func, but I don’t want to affect the “normal” dependency tree in any way.

Asp.Net Core´s own dependency resolution system lacks a bit of feature compared to for example StructureMap or Ninject, so I had to write this myself. Here’s my my solution:

public class MyBackgroundTask {     private readonly IServiceCollection _services;      public MyBackgroundTask(IServiceCollection services)     {         _services = services;     }      public Task StartAsync(CancellationToken cancellationToken)     {         foreach (string tenantKey in new [] { "tenant1", "tenant2", "tenant3" })         {             var immutableServices = new DetachedServiceCollection(_services);              immutableServices.AddOrReplaceSingleton<GetCurrentTenantKey>(() => tenantKey);              var repo = immutableServices.BuildServiceProvider().GetService<SomeRepository>();              // ...         }     } }  public class DetachedServiceCollection : IServiceCollection {     private ImmutableList<ServiceDescriptor> _services;      public DetachedServiceCollection(IEnumerable<ServiceDescriptor> services)     {         _services = services             .ToImmutableList();     }      public void AddOrReplaceSingleton<TService>(TService implementation)     {         var serviceDescriptor = new ServiceDescriptor(typeof(TService), implementation);          _services.RemoveAll(x => x is TService);         Add(serviceDescriptor);     }      public IEnumerator<ServiceDescriptor> GetEnumerator()     {         return _services.GetEnumerator();     }      IEnumerator IEnumerable.GetEnumerator()     {         return GetEnumerator();     }      public void Add(ServiceDescriptor item)     {         _services = _services.Add(item);     }      public void Clear()     {         _services = _services.Clear();     }      public bool Contains(ServiceDescriptor item)     {         return _services.Contains(item);     }      public void CopyTo(ServiceDescriptor[] array, int arrayIndex)     {         _services.CopyTo(array, arrayIndex);     }      public bool Remove(ServiceDescriptor item)     {         var removed = _services.Contains(item);         _services = _services.Remove(item);          return removed;     }      public int Count => _services.Count;      public bool IsReadOnly { get; } = true;      public int IndexOf(ServiceDescriptor item)     {         return _services.IndexOf(item);     }      public void Insert(int index, ServiceDescriptor item)     {         _services = _services.Insert(index, item);     }      public void RemoveAt(int index)     {         _services = _services.RemoveAt(index);     }      public ServiceDescriptor this[int index]     {         get => _services[index];         set => _services = _services.SetItem(index, value);     } } 

I’ve now had this solution in place for a few months and it seems to work as intended, but I’m worried that there’s something I haven’t thought about, or if I’m going about it the wrong way.

Does this seems like a good way to solve the problem, or is there something I should do differently?

Thanks!

C++ in isolated environment as “scripting language” [on hold]

I want to make a game were you can control machines & co. with a computer which you can write in C++. This code should be run in isolation so that players can’t affect with their code the running system, especially on dedicated servers. I don’t know if I should run a lightweight VM then there is the question of how I can remove basic OS interaction and add special-function-registers or interaction methods with the game. Or should I use an Emulator, Interpreter or a Container? But then which software/library has these criteria?

Secure architecture for isolated printer network

I am very new to “networking” and security, but I realize that it would be more secure to have printers on their own “isolated network”.

  • How do I secure my networked printers?
  • What kind of printers do the most secure companies use?

I am unsure what the correct or what a good structure is for creating an “isolated network”. Wondering if it means essentially this (for a home-based system):

  1. Create a second account with some ISP, or perhaps just ask for some separate thingy on the existing account.
  2. Buy a second router.
  3. Disable internet access for this router, so it only functions as a local wifi system. Or maybe the printers don’t need wifi and can use ethernet instead.
  4. Connect a laptop to the network somehow, so it can send its print jobs to the printer.

I can see a few holes in that so far, and it seems incomplete. I’m wondering what the typical system is for making a secure isolated network such as for these printers, which you can still send commands to only from specific places (like from a laptop or phone).