如何延长AuthorizeAttribute并检查用户的角色 [英] How to extend AuthorizeAttribute and check the user's roles

查看:178
本文介绍了如何延长AuthorizeAttribute并检查用户的角色的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我忙着写我自己的自定义属性,我叫MyAuthorizeAttribute操作方法,我还在忙着写代码,这里是我的部分代码:

I am busy writing my own custom attribute for my action method called MyAuthorizeAttribute, I am still busy writing the code, here is my partial code:

[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
public class  MyAuthorizeAttribute : AuthorizeAttribute
{
   public new Role Roles;

   public override void OnAuthorization(AuthorizationContext filterContext)
   {
      base.OnAuthorization(filterContext);

      if (Roles != 0)  // Did it this way to see what the value of Roles was
         return;

      // Here I am going to get a list of user roles
      // I'm doing my own database calls

      filterContext.Result = new HttpUnauthorizedResult();
   }
}

下面是我的角色枚举:

public enum Role
{
   Administrator = 1,
   SuperAdministrator = 2
}

我的操作方法:

[MyAuthorize(Roles = Role.Administrator|Role.SuperAdministrator)]
public ActionResult Create()
{
   return View();
}



为什么我没有用角色=管理员,超级管理员的原因是因为角色被硬编码。我不想有100个名额,如果角色名称的变化而变化。

The reason why I did not use Roles = "Administrator,SuperAdministrator" was because the roles are hard-coded. I don't want to have a 100 places to change if the role name changes.

由于我的方法,当它到达,如果(角色!= 0),那么角色总价值为3,我将如何检查,看看是否这些两个角色是在用户角色列表中为特定用户?

Given my method, when it gets to if (Roles != 0) then Roles total value is 3, how would I check to see if these 2 roles is in the list of user roles for a specific user?

我这样做是否正确吗?如果不是我将如何实施,否则这个?这并不一定是我做了它的方式。

Am I doing it correct here? If not how would I otherwise implement this? It doesn't have to be the way that I did it in.

推荐答案

这岂不是更好,如果MyAuthorizeAttribute接受一个I​​List (或类似)
这样,它既是类型安全的,但你不必使用位标志。
位标志是伟大的,如果你想保存reult,但这是另一种方式。

Would it not be better if MyAuthorizeAttribute accepted an IList ( or similar) That way it is both typesafe, but you don't have to use bit flags. Bit flags are great if you want to save the reult, but this is the other way.

编辑(现在用的例子):

Edit (Now with examples): 

Attribute:

[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
public class MyAuthorizeAttribute : AuthorizeAttribute
{
    public Role[] RoleList { get; set; }


    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null)
        {
            throw new ArgumentNullException("httpContext");
        }
        IPrincipal user = httpContext.User;
        if (!user.Identity.IsAuthenticated)
        {
            return false;
        }
        //Only role access is implemented here
        /*if ((this._usersSplit.Length > 0) && !this._usersSplit.Contains<string>(user.Identity.Name, StringComparer.OrdinalIgnoreCase))
        {
            return false;
        }*/
        if ((RoleList.Length > 0) && !RoleList.Select(p=>p.ToString()).Any<string>(new Func<string, bool>(user.IsInRole)))
        {
            return false;
        }
        return true;
    }

}



控制器:

Controller:

[MyAuthorize(RoleList = new []{Role.Administrator , Role.SuperAdministrator} )]
    public ActionResult Create()
    {
        return View();
    }

这篇关于如何延长AuthorizeAttribute并检查用户的角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆