Analyzers

Coalesce includes a set of C# Roslyn analyzers that help enforce best practices and catch common issues during development. These analyzers run in your IDE as well as part of your build process and provide warnings or errors when potential problems are detected.

The analyzers are shipped as part of the IntelliTect.Coalesce.Analyzer NuGet package and are automatically included when you reference the main Coalesce packages.

Available Rules

The following analyzer rules are currently available in Coalesce:

Usage

COA0001

PermissionLevel is only valid for class-level security attributes. For property-level security, use the Roles property to specify role-based access control.

COA0002

InjectAttribute can only be used on parameters of methods that are exposed by the Coalesce framework.

COA0003

Nested data sources and behaviors are automatically associated with their containing type and do not need the [Coalesce] attribute.

COA0004

The [Coalesce] attribute should only be applied to types that are supported by the Coalesce framework.

COA0005

Types marked with [Service], [StandaloneEntity], or [SimpleModel] require [Coalesce] attribute to be properly processed by the Coalesce framework.

COA0006

Methods marked with [Execute] require either [Coalesce] or [SemanticKernel] attribute to be properly processed by the Coalesce framework.

COA0007

SemanticKernelAttribute should not be used on service types or behavior types.

COA0008

Detects Coalesce attributes that have no effect when applied in certain contexts and should be removed for cleaner code.

COA0009

A nested behaviors class should not be defined when the containing model has Create, Edit, and Delete attributes all set to DenyAll, as the behaviors will never be used.

COA0010

Save-related methods should not be overridden when the containing model has Create and Edit attributes both set to DenyAll, as these methods will never be called.

COA0011

Delete-related methods should not be overridden when the containing model has Delete attribute set to DenyAll, as these methods will never be called.

COA0012

Ordering operations (OrderBy, OrderByDescending, ThenBy, ThenByDescending) applied to queries returned from GetQuery methods may be overridden by client-specified sorting. Consider moving the ordering logic to ApplyListDefaultSorting or using [DefaultOrderBy] attributes on model properties.

COA0013

Types can only have one of the following: [Service], [StandaloneEntity], [SimpleModel] attributes, or inherit from DbContext, IDataSource<T>, IBehaviors<T>, or IClassDto<T>.

COA0201

IFile parameters on Coalesce-exposed methods should specify suggested file types using the [FileType] attribute to improve default user experience.

Style

COA1001

ItemResult and ItemResult<T> constructors can often be replaced with implicit conversions from boolean, string, and object values. This provides cleaner, more readable code while maintaining the same functionality.

COA1002

Marks the unnecessary parts of ItemResult constructor calls that can be removed when using implicit conversions. This diagnostic helps IDE syntax highlighting identify which portions of the code will be simplified by the COA1001 code fix.

Security

COA2001

Data sources that perform authorization checks should ensure their served type has a default data source to prevent security bypasses. Without a default data source, clients can directly access the served type without the authorization logic.

Configuring Analyzers

The recommended way to configure the behavior of each analyzer rule is through your project's .editorconfig file. For example:

[*.cs]
# Suppress COA0002 analyzer
dotnet_diagnostic.COA0002.severity = none

# Change COA0003 to error
dotnet_diagnostic.COA0003.severity = error

You can also suppress specific analyzer warnings inline using #pragma directives:

#pragma warning disable COA0002
// Code that triggers COA0002
#pragma warning restore COA0002