根据需求添加具有可变参数的.Net Core策略 [英] Adding .Net Core Policy with variable Parameters on Requirements
问题描述
我正在尝试实施一个非常详细的策略。
这个想法就像图像中一样。
I am trying to implement a Policy that is quite granular level. The idea is like in the image.
每个实体与右侧的实体始终具有一对多关系。
一个机构可以有很多课程,每个课程可以有很多主题,每个主题可以有很多教学大纲,等等...
Each entity has always the One-To-Many relation with the entity on the right. One Institution can have many Courses, each Course can have many Subjects, each Subject can have many Syllabus, etc...
有3个角色:管理员,贡献者,查看器
如果您在顶级实体之一中具有角色,则该角色将传播到其余的波纹管中。
例如:如果您是课程管理员,则是主题,课程提纲等的管理员...
If you have a Role in one of the top entities this role will be propagated to the rest bellow. E.g: If you are an Administrator of Course you are administrator of Subject, Syllabus, etc...
如果您是课程提纲之一的贡献者,
If you are Contributor of one of the Syllabus you will be Contributor for bellow Lessons and Videos of this Syllabus.
我尝试使用自定义政策解决该问题:
I have tried to solve it using Custom Policies:
添加如下要求:
public class AdministratorRequirement : IAuthorizationRequirement
{
public int UserId { get; private set; }
public EntityType EntityType { get; private set; }
public int EntityId { get; private set; }
public AdministratorRequirement(int userId, EntityType entityType, int entityId)
{
UserId = userId;
EntityType = entityType;
EntityId = entityId;
}
}
并在下面添加策略处理程序:
And adding the Policy Handler as bellow:
public class AdministratorHandler : AuthorizationHandler<AdministratorRequirement>
{
public IRolesRepository RolesRepository {get;set;}
public AdministratorHandler(IRolesRepository rolesRepository)
{
RolesRepository = rolesRepository;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AdministratorRequirement requirement)
{
// Save User object to access claims
bool isAdministrator = RolesRepository.CheckUserRole(requirement.UserId, requirement.EntityType, requirement.EntityId, "Administrator");
if (isAdministrator)
context.Succeed(requirement);
return Task.CompletedTask;
}
}
问题是我想来定义Startup类的变量要求:
The problem is that I would like to define variable requirement on the Startup class:
options.AddPolicy("CourseAdministrator",
policy => policy
.Requirements
.Add(
new AdministratorRequirement(
/*userId - should be variable*/ 0,
EntityType.Course,
/*int entityId - should be variable*/ 0))
并在类似
[Authorize(/*pass some parameters in here like user Id and course Id*/)]
[HttpPost]
[Route("create")]
public async Task<IActionResult> CreateCourse([FromBody] Course course)
{
//Or call the policy handler programatically in here.
CleanCacheOnUpdateCourse();
return Ok(await Services.CreateCourse(course, EmauaUser));
}
您知道是否有这样的解决方案吗?
Do you know if there is such a solution?
推荐答案
对于Policy,您需要传递satic变量。
For Policy, you need to pass the satic variable.
如果要检查动态地获得权限,您可以实现自己的 IAuthorizationFilter 像
If you want to check the permission dynamically, you could implement your own IAuthorizationFilter like
-
自定义
IAuthorizationFilter
public class CustomAuthorize : IAuthorizationFilter
{
private readonly int _input;
public CustomAuthorize(int input)
{
_input = input;
}
public void OnAuthorization(AuthorizationFilterContext context)
{
//custom validation rule
if (_input == 1)
{
context.Result = new ForbidResult();
}
}
}
-
自定义
CustomAuthorizeAttribute
public class CustomAuthorizeAttribute : TypeFilterAttribute
{
public CustomAuthorizeAttribute(int input) : base(typeof(CustomAuthorize))
{
Arguments = new object[] { input };
}
}
使用
Use
[CustomAuthorizeAttribute(1)]
public IActionResult About()
这篇关于根据需求添加具有可变参数的.Net Core策略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
