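Allow multiple roles to access a controller action
Right now I decorate a method like this to allow "members" to access my controller action:
    [Authorize(Roles="members")]
How do I allow more than one role? For example, the following does not work, but it shows what I am trying to do (allow "members" and "admin" access):
    [Authorize(Roles="members", "admin")]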
Another option is to use a single authorize filter as you posted, but remove the inner quotation marks.
    [Authorize(Roles="members, admin")]
If you want to use custom roles, you can do this:
    [Authorize(Roles = CustomRoles.Administrator + "," + CustomRoles.User)]
The CustomRoles class:
    public static class CustomRoles
    {
        public const string Administrator = "Administrador";
        public const string User = "Usuario";
    }
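One possible simplification would be to subclass AuthorizeAttribute:
    using System;
    using System.Web.Mvc;

    public class RolesAttribute : AuthorizeAttribute
    {
        // Joins the given roles into the comma-separated Roles string.
        public RolesAttribute(params string[] roles)
        {
            Roles = String.Join(",", roles);
        }
    }
Usage:
    [Roles("members", "admin")]
Semantically, it is the same as Jim Schmehil's answer.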
For MVC4, using an Enum (UserRoles) with my roles, I use a custom AuthorizeAttribute.
On my controller action, I do:
    [CustomAuthorize(UserRoles.Admin, UserRoles.User)]
    public ActionResult ChangePassword()
    {
        return View();
    }
I use a custom AuthorizeAttribute:
    using System;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;

    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
    public class CustomAuthorize : AuthorizeAttribute
    {
        private string[] UserProfilesRequired { get; set; }

        public CustomAuthorize(params object[] userProfilesRequired)
        {
            // Only enum values are accepted as role identifiers.
            if (userProfilesRequired.Any(p => p.GetType().BaseType != typeof(Enum)))
                throw new ArgumentException("userProfilesRequired");

            this.UserProfilesRequired = userProfilesRequired.Select(p => Enum.GetName(p.GetType(), p)).ToArray();
        }

        public override void OnAuthorization(AuthorizationContext context)
        {
            bool authorized = false;

            // The user is authorized if they hold any one of the required roles.
            foreach (var role in this.UserProfilesRequired)
                if (HttpContext.Current.User.IsInRole(role))
                {
                    authorized = true;
                    break;
                }

            if (!authorized)
            {
                // Redirect to the Error controller's Http action with a 401 id.
                var url = new UrlHelper(context.RequestContext);
                var logonUrl = url.Action("Http", "Error", new { Id = 401, Area = "" });
                context.Result = new RedirectResult(logonUrl);
                return;
            }
        }
    }
This is part of the modified FNHMVC by Fabricio Martínez Tamayo https://github.com/fabriciomrtnz/FNHMVC/
    // Better code, adding a subclass: AuthorizeRole.cs
    using System;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;
    using System.Web.Routing;

    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
    class AuthorizeRoleAttribute : AuthorizeAttribute
    {
        public AuthorizeRoleAttribute(params Rolenames[] roles)
        {
            // Build the comma-separated Roles string from the enum names.
            this.Roles = string.Join(",", roles.Select(r => Enum.GetName(r.GetType(), r)));
        }

        protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext.Request.IsAuthenticated)
            {
                // Signed in but lacking the role: send to the Unauthorized page.
                filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary
                    {
                        { "action", "Unauthorized" },
                        { "controller", "Home" },
                        { "area", "" }
                    }
                );
                //base.HandleUnauthorizedRequest(filterContext);
            }
            else
            {
                // Not signed in: send to the login page with a return URL.
                filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary
                    {
                        { "action", "Login" },
                        { "controller", "Account" },
                        { "area", "" },
                        { "returnUrl", HttpContext.Current.Request.Url }
                    }
                );
            }
        }
    }

    // How to use this
    [AuthorizeRole(Rolenames.Admin, Rolenames.Member)]
    public ActionResult Index()
    {
        return View();
    }
Another clear solution: you can use constants to keep the convention and add multiple [Authorize] attributes. Check this out:
    public static class RolesConvention
    {
        public const string Administrator = "Administrator";
        public const string Guest = "Guest";
    }
Then in the controller:
    [Authorize(Roles = RolesConvention.Administrator)]
    [Authorize(Roles = RolesConvention.Guest)]
    [Produces("application/json")]
    [Route("api/[controller]")]
    public class MyController : Controller
    {
        // ...
    }
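How role requirements combine across the forms shown in the answers above, as an added example that is not part of the original posts: within one Roles string any single match grants access, while stacked [Authorize] attributes are each evaluated separately and must all pass. The RoleSemantics class, its method names and the sample users are assumptions made for illustration; the code models the checks with GenericPrincipal and does not call the framework's filter pipeline.

```csharp
using System;
using System.Linq;
using System.Security.Principal;

// Added illustration (hypothetical names): models how role requirements combine.
static class RoleSemantics
{
    // One attribute: Roles is a comma-separated list, entries are trimmed,
    // and membership in any one listed role is enough. An empty list only
    // requires an authenticated user.
    public static bool SatisfiesAttribute(IPrincipal user, string roles)
    {
        if (!user.Identity.IsAuthenticated) return false;
        var required = roles.Split(',')
                            .Select(r => r.Trim())
                            .Where(r => r.Length > 0)
                            .ToArray();
        return required.Length == 0 || required.Any(user.IsInRole);
    }

    // Stacked attributes: every attribute must be satisfied on its own.
    public static bool SatisfiesAll(IPrincipal user, params string[] attributeRoles) =>
        attributeRoles.All(roles => SatisfiesAttribute(user, roles));

    static IPrincipal User(string name, params string[] roles) =>
        new GenericPrincipal(new GenericIdentity(name), roles);

    static void Main()
    {
        // Constructed sample users.
        var users = new[]
        {
            User("alice", "members"),
            User("bob", "admin"),
            User("carol", "members", "admin"),
            User("dave", "guest"),
        };

        Console.WriteLine("user   one-attribute  stacked");
        foreach (var u in users)
        {
            // [Authorize(Roles="members, admin")]
            bool either = SatisfiesAll(u, "members, admin");
            // [Authorize(Roles="members")] [Authorize(Roles="admin")]
            bool both = SatisfiesAll(u, "members", "admin");
            Console.WriteLine($"{u.Identity.Name,-6} {either,-14} {both}");
        }
    }
}
```

A user holding only one of the two roles passes the single-attribute form and is rejected by the stacked form, so the two are not interchangeable when reviewing access rules.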