登录用户可以访问给定URL后面的签入代码 [英] Check in code behind a given url is accesable for loggedin user

问题描述

我想检查登录用户可访问的URL.

详细信息:我正在为带有安全调整功能的自定义菜单创建一个Web部件.菜单项从自定义列表中填充.我想从列表中获取每个项目，检查其url(当前用户是否可以访问它)，如果是，则将此行添加到新的数据表中，最后将此数据表绑定到我的controller(datalist).

例如

Hi,

I want to check the url accessible for the logged in user.

In Detail: I am creating a web part for custom menu with security trimming. Menu Items are populating from a custom list. I want to fetch each item from the list, Check its url (whether it is accessible for the current user), if yes add this row to a new datatable and at last bind this datatable to my controller(datalist).

Eg.

foreach (ListItem item in listitemCollection)
{
    string url = item["pageurl"]

    if (Url is accessable) //<<==Need a code for this
    {
        Add url to a datatable
    }    
}

我不知道这种方法是否正确.如果您还有其他想法可以实现，请分享.

I don''t know whether this approach is right. If you have any other idea to achieve this please share.

推荐答案

尝试将URL存储在数据库中并创建一个Authorization表或组，然后将所有访问权限添加到表格中的URL.

在代码中，查看用户是否属于对URL具有授权的组(如果是)，然后执行代码(如果没有，则不添加).



桌子

网址

ID URL_NAME

群组

ID GROUP_NAME GROUP_DESCRIPTION

URLGROUPMAPPING TABLE


ID GROUPID URLID HASACCESS


如果特定grp的访问权限为true，则允许用户访问它，而不仅仅是丢弃它


在您的用户表中，您可能需要附加一列BelongsToGrp

Try Storing the URL in database and Create a Authorization table or group and add all the access permissions to the URLs in the table.

In code see if the user belongs to a group which has authorization to the URL if yes then perform the code if no do not add.



Tables

URLs

ID URL_NAME

Groups

ID GROUP_NAME GROUP_DESCRIPTION

URLGROUPMAPPING TABLE


ID GROUPID URLID HASACCESS


If for a particular grp has access is true then allow the user to access it if not just drop it


In your users table you may need to have an additional column BelongsToGrp

这篇关于登录用户可以访问给定URL后面的签入代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！