如何“启用只读功能"?在瞥见? [英] How do I "enabled in a read only capacity" in Glimpse?

问题描述

我希望能够查看用户会话以进行调试.我试图按照此处中的历史记录"标签的设置说明进行操作.我不清楚我如何以只读身份启用瞥见功能，而我的google-fu却让我失望了.有人可以指出我正确的方向吗?

I want to be able to view user sessions for debugging purposes. I am attempting to follow the setup instructions for the History tab located here. I am not clear how I enable glimpse in a read only capacity, and my google-fu is failing me. Can someone point me in the right direction?

从文档中:

接下来，您将需要标记其会话"为启用了Glimpse 以只读方式(这意味着Glimpse将收集信息 但他们无法查看).通常，这是通过将标志设置为 它们(也许在用户表或其他类似机制中)并具有 自定义运行时策略查找该标志.

Next, you will want to flag their "session" as having Glimpse enabled in a read only capacity (meaning Glimpse will collect the information but they can't view it). Typically this is done by setting a flag on their (perhaps in the user table or another like mechanism) and having a Custom Runtime Policy look for that flag.

推荐答案

首先让我开始解释以下含义

Let me first start explaining what the following means

只读容量(意味着Glimpse会收集信息，但他们无法查看信息)

a read only capacity (meaning Glimpse will collect the information but they can't view it)

Glimpse有很多 IRuntimePolicy 即用型实现，还有更多的第三方或定制解决方案.

Glimpse has a bunch of IRuntimePolicy implementations that come out-of-the-box and there are many more, third party or custom made.

那些IRuntimePolicy实现可基于某些自定义逻辑来确定Glimpse在监视请求中应该走多远，甚至完全忽略其中的部分或全部. Glimpse在运行时对所有这些IRuntimePolicy实现调用RuntimePolicy Execute(IRuntimePolicyContext policyContext)方法.

Those IRuntimePolicy implementations determine how far Glimpse should go in monitoring requests or even completely ignore some or all of them based on some custom logic. Glimpse calls the RuntimePolicy Execute(IRuntimePolicyContext policyContext) method on all those IRuntimePolicy implementations at runtime.

每个IRuntimePolicy然后将返回 RuntimePolicy 指示Glimpse是应该继续监视请求还是完全停止监视.

Each IRuntimePolicy will then return a RuntimePolicy indicating whether Glimpse should continue to monitor the request or even to stop monitoring completely.

如果查看RuntimePolicy值，则将看到它是一个标志枚举，其中每个值的限制都比前一个限制小(ExecuteResourceOnly值除外，这是特例).

If you look at the RuntimePolicy values then you will see that it is a flags enumeration where each value is less restrictive than the previous one (except for the ExecuteResourceOnly value, which is a special case).

在您的情况下，您希望监视，收集和持久保存有关应用程序用户的请求的数据，这种方式使得他们在页面底部看不到Glimpse Client，也不需要 flag 本身.如果查看RuntimePolicy，则值PersistResults是要分配给用户的请求的上限值，同时请记住，Off值可能仍然是一个或多个请求的有效值.

In your case you want to monitor, collect and persist data about requests made by users of your application and this in such a way that they don't see the Glimpse Client at the bottom of the page nor that they need to flag themselves. If you look at the RuntimePolicy than the value PersistResults is the upper value you want requests of your users to be assigned, while keeping in mind that an Off value might still be a valid value for one or more requests.

现在的问题是:如何在没有用户交互的情况下实现这一目标?

在通常情况下，您可以设置Glimpse Control cookie，该cookie将满足现成的Glimpse

Under normal circumstances you would set the Glimpse Control cookie which will satisfy the out-of-the-box Glimpse ControlCookiePolicy. If you are running in a production environment than most likely you have an additional IRuntimePolicy which makes sure only admins or super users are allowed to have that cookie set, otherwise anybody can set that cookie (that control cookie is not used for authorization) and get some sensitive data.

也就是说，您现在需要一个额外的IRuntimePolicy，它可以检查给定的请求是否符合监视条件，但同时指示应仅保留数据，而不能将其作为响应的一部分返回.然后，此检查应基于上面文档摘录中提到的标识您要监视的 session 的内容.因此，例如，如果您为用户分配一个DebugMySession角色，那么您将没有像这样的策略:

That said, you need an additional IRuntimePolicy now that checks whether the given request is eligible to be monitored but at the same time indicates that the data should only be persisted and not returned as part of the response. This check should then be based on something the identifies a session you want to monitor as mentioned in the documentation excerpt above. So if you would assign a user a DebugMySession role for instance than you could have a policy like this:

public RuntimePolicy Execute(IRuntimePolicyContext policyContext)
{
    var httpContext = policyContext.GetHttpContext();
    if (httpContext.User.IsInRole("DebugMySession"))
    {
        return RuntimePolicy.PersistResults; 
    }

    return RuntimePolicy.On;
}

请记住，返回RuntimePolicy.On并不意味着它会打开，它仅意味着此策略无关紧要，一旦处理完所有IRuntimePolicy实现，最终结果将是什么.这项政策仅是要确保如果已分配了该角色，则最终结果的限制永远不会比PersistResults少.

Keep in mind that returning RuntimePolicy.On does not mean it will be on, it only means that this policy doesn't matter what the final outcome will be once all IRuntimePolicy implementations have been processed. This policy only wants to make sure that if that role has been assigned, the final outcome can never be less restrictive than PersistResults.

应用上述内容还意味着您必须在配置中禁用ControlCookiePolicy，否则ControlCookiePolicy将返回RuntimePolicy.Off，因为cookie将不存在.

Applying the above also means that you will have to disable the ControlCookiePolicy in the configuration, otherwise the ControlCookiePolicy will return RuntimePolicy.Off as the cookie will not be there.

这同样适用于您的管理员或超级用户检查.因此，一个更好的主意可能是将管理员/超级用户角色检查与上面的调试角色检查结合使用，以便您有一个策略返回正确的RuntimePolicy值.

The same applies to your admin or super user check. So a better idea might be to combine the admin/super user role check with the debugging role check above, so that you have one policy returning the correct RuntimePolicy value.

这篇关于如何“启用只读功能"?在瞥见?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！