ASP.NET MVC:中对面[是否授权] [英] ASP.NET MVC: Opposite of [Authorise]
本文介绍了ASP.NET MVC:中对面[是否授权]的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在授权筛选器允许您可以访问控制器或操作的用户指定组:
The authorize filter allows you to specified group of users that can access a controller or action:
[Authorize(Roles="Administrator")]
public class HomeController : Controller
{
// code
}
我想知道,如果有可能,而是指定一组用户不能的访问控制器或者动作。
I would like to know if it is possible to, instead, specify a group of users that cannot access a controller or action.
推荐答案
我试图创造我自己的AuthorizationAttribute TWK的建议后:
I tried creating my own AuthorizationAttribute after twk's suggestion:
public class Restrict : AuthorizeAttribute
{
private readonly string _role;
public Restrict(string role)
{
_role = role;
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null)
throw new ArgumentNullException("httpContext");
if (httpContext.User.IsInRole(_role))
return false;
return true;
}
}
和我使用它是这样的:
[Restrict("Administrator")]
public class HomeController : Controller
{
// code
}
我不确定是否是正确的做法,但它的工作。
I'm unsure whether it is correct practice but it does the job.
这篇关于ASP.NET MVC:中对面[是否授权]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文