基于角色的某些观点的用户权限 [英] User permissions on certain views based on roles
问题描述
我使用ASP.NET MVC 3,请原谅我的术语。我们在工作中角色分配给特定的人,那么我们使用Windows身份验证,以确定用户所拥有什么样的角色。比方说,该角色是RoleA,RoleB和ROLEC。所以,现在我得到了用户角色的列表。让我们说,用户A属于RoleA和RoleB。我的一些观点需要被认证为不是每个人都可以查看特定的观点。让我们说,ViewA只能属于角色RoleA和RoleB用户查看。我会怎么做呢?什么会我需要考虑?当不属于这些角色的用户尝试访问的看法,那么他/她应该被重定向到一个错误页面。
另外,我需要一些辅助方法,来检查这些角色,以及在我的意见被用来隐藏/显示某些控制。哪里是利用这个最好的地方?
任何样品code /文章将AP preciated。
[授权(角色=RoleA,RoleB)]
公众的ActionResult美孚()
{
返回查看();
}
如果你要检查在视图中的角色:
@if(User.IsInRole(RoleA))
{
< DIV>这将是可见只有在RoleA&LT的用户; / DIV>
}
I am using ASP.NET MVC 3. Please excuse my terminology. We assign roles to certain people at work, then we use Windows authentication to determine what roles a user has. Lets say the roles are RoleA, RoleB and RoleC. So now I get a list of roles for a user. Lets says that UserA belongs to RoleA and RoleB. Some of my views need to be authenticated as not everyone can view certain views. Lets say that ViewA can only be viewed by users that belong to roles RoleA and RoleB. How would I do this? What would I need to look into? When a user that does not belong to these roles tries to access the views then he/she should be redirected to an error page.
Also, I need some sort of helper method to check these roles as well to be used in my views to hide/display certain controls. Where is the best place to use this?
Any sample code / articles would be appreciated.
[Authorize(Roles = "RoleA,RoleB")]
public ActionResult Foo()
{
return View();
}
And if you want to check roles in the view:
@if (User.IsInRole("RoleA"))
{
<div>This will be visible only to users in RoleA</div>
}
这篇关于基于角色的某些观点的用户权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
