ASP.NET MVC,'票务必需的'属性 [英] ASP.NET MVC, 'Ticket Required' Attribute
问题描述
我试图建立一个系统,允许用户执行某些操作,但他们的帐户必须有一个特定的门票每次他们这样做。例如,假设他们希望创建一个产品
,他们需要一个 CreateProductTicket
。
I am attempting to build a system that allows users to perform certain actions, but their account must have a specific 'Ticket' per time they do it. For instance, suppose they wish to create a Product
, they would need a CreateProductTicket
.
我可以简单地做一些如果语句,肯定的,但我想尝试多一点一个强大的解决方案。我的结构看起来是这样的...
I could simply do this with some 'if' statements, sure, but I want to try a bit more of a robust solution. My structure looks something like this...
interface ITicket<T> where T : ITicketable
{
}
我的基本目标是建立一个属性,也许像下面的。
My basic goal is to build an Attribute, perhaps like the following..
public class TicketRequiredAttribute : Attribute
{
public TicketRequiredAttribute(ITicket<T> ticket)
{
if(ticket == null)
return;
}
}
并能装点控制器或库这一行动。因此,像...
And to be able to decorate Controller or Repository Actions with this. So like ...
[TicketRequired(CreateProductTicket)]
public ActionResult CreateProduct(Product product)
{
// ... **I am unsure how to tell if TicketRequired was true or not**
}
问题1
我不带属性足够熟悉,知道如何判断TicketRequired是符合或没有。任何人都可以见识一下呢?
Problem 1
I'm not familiar enough with attributes to know how to tell if TicketRequired was 'met' or not. Can anyone enlighten me on this?
我遇到的问题是与数据库查询。我希望能够检查用户( IMembershi prepository
有一个的getUser
法),但我中号不完全肯定怎么做,通过一个属性。
The problem I am running into is with database querying. I want to be able to check the user (IMembershipRepository
has a GetUser
method), but I'm not entirely certain how to do that through an attribute.
使用 Castle.Windsor
,我有我的依赖注入设立注入到库控制器。我想我可以通过 IMembershi prepository
通过 TicketRequired
的构造,但我有一种感觉,这将成为很凌乱 - 极不稳定。有接近这更合乎逻辑的方式?
Using Castle.Windsor
, I have my Dependency Injection set up to inject repositories into controllers. I suppose I could pass the IMembershipRepository
through the TicketRequired
constructor, but I have a feeling that will become very messy - and extremely unstable. Is there a more logical way to approach this?
推荐答案
您快到了。您可以在 http://www.asp.net/mvc找到更多详情/教程/谅解行动过滤器-CS
由于该网站是在那里我做我的所有授权我只会用行动上的属性。
I would only use the attribute on the action since the website is where I do all my authorization.
下面是一个可能的解决方案。我没有测试过这一点,但它应该工作。你需要验证,我重定向方式,不知道这是正确的方式。
Here is a possible solution. I have not tested this, but it should work. You'll need to verify the way I'm redirecting, not sure if that's the proper way.
public class TicketRequiredActionFilter : ActionFilterAttribute
{
private Type _ticketType;
public TicketRequiredAttribute(Type ticketType)
{
_ticketRequired = ticketType;
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
UserServices userServices = GetUserServicesViaDIContainer(); // you'll need to figure out how to implement this
string userId = filterContext.HttpContext.User.Identity.Name
bool hasTicket = userServices.HasTicket(_ticketType, (int)userId); // again, you'll need to figure out the exact implementation
if(!hasTicket)
{
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Home" }, {"action", "NoPermission" } })
}
else
{
base.OnActionExecuting(filterContext);
}
}
}
在你的控制器:
[TicketRequiredActionFilter(typeof(CreateProductTicket))]
public ActionResult MyMethod()
{
// do stuff as if the person is authorized and has the ticket
}
如果用户没有票,一个重定向是问题;,否则,继续正常。
If the user doesn't have the ticket, a redirect is issues;, otherwise, continue as normal.
这篇关于ASP.NET MVC,'票务必需的'属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!