在ASP.NET MVC非字符串角色名? [英] Non-string role names in ASP.NET MVC?
问题描述
ASP.NET MVC具有基于角色的安全性很好的支持,但字符串作为角色名称的用法是郁闷,仅仅是因为他们不能被强类型的枚举。
ASP.NET MVC has good support for role-based security, but the usage of strings as role names is maddening, simply because they cannot be strongly-typed as enumerations.
例如,我有我的应用程序的管理员的角色。 管理的字符串现在存在于我的行动的授权属性,在我的母版页(隐藏选项卡),在我的数据库(定义提供给每个用户的角色),并在我的$ C $任何其他地方C或视图文件,我需要为管理员或非管理员用户执行特殊的逻辑。
For example, I have an "Admin" role in my app. The "Admin" string will now exist in the Authorize attribute of my action, in my master page (for hiding a tab), in my database (for defining the roles available to each user), and any other place in my code or view files where I need to perform special logic for admin or non-admin users.
有没有更好的解决办法,总之写我自己的授权属性和过滤器,这将有可能枚举值的集合?
Is there a better solution, short of writing my own authorization attribute and filter, that would perhaps deal with a collection of enumeration values?
推荐答案
我通常使用一类具有一串字符串常量。这不是一个完美的解决方案,因为你需要记住坚持无处不在使用它,但至少摆脱错别字的可能性。
I usually use a class with a bunch of string constants. It's not a perfect solution, since you need to remember to stick to using it everywhere, but at least it gets rid of the possibility of typos.
static class Role {
public const string Admin = "Admin";
}
这篇关于在ASP.NET MVC非字符串角色名?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!