[英]How do I disable an MVC controller by code?
I am using SelfHost/Katana/Owin for my WebServer. 我正在为我的WebServer使用SelfHost / Katana / Owin 。 I have a Controller in there that I want to enable/disable by code depending on a command line argument at launch time.
我在那里有一个控制器,我想根据启动时的命令行参数通过代码启用/禁用。
Is there a simple way of doing this in MVC? 在MVC中有一种简单的方法吗?
Right now I'm thinking in the Controller's code to return HTTP-NotFound status code when this config is disabled, any better ideas? 现在,我正在考虑在Controller的代码中禁用此配置时返回HTTP-NotFound状态代码,还有更好的主意吗?
You could decorate your controller with a custom Action Filter
. 您可以使用自定义的
Action Filter
装饰控制器。
public class ConfigActionFilter : ActionFilterAttribute {
// This method is called before a controller action is executed.
public override void OnActionExecuting(ActionExecutingContext filterContext) {
if(someConfigSetting) {
filterContext.Result = new RedirectToRouteResult("Error", someRouteValues);
}
}
...
}
Usage: 用法:
[ConfigActionFilter]
public class MyController : Controller {
...
}
You could perform a redirecttoaction that will take users to a different controller explaining what's happening. 您可以执行重定向动作,将用户带到另一个控制器,以解释发生了什么情况。
ie: 即:
public class MyController : Controller {
private IConfigReader _configReader;
public MyController(IConfigReader configReader){ //not sure if you're doing dependency injection or not, so I'm injecting it
_configReader = configReader;
}
public ActionResult Index() {
if(!_configReader.IsEnabled) {
return RedirectToAction("Denied", "AuthController");
}
//etc
return View();
}
}
您可以创建一个属性,将其应用于控制器并在启动时在该属性上设置静态属性,并在设置该标志时拒绝访问(或返回“未找到”)。
Alternatively, you can implement a custom AuthorizationAttribute and put it on your controller 或者,您可以实现自定义AuthorizationAttribute并将其放在控制器上
public class AuthorizationAdminAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (/*check for argument*/)
{
return false;
}
return true;
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (AuthorizeCore(filterContext.HttpContext))
{
// ** IMPORTANT **
// Since we're performing authorization at the action level, the authorization code runs
// after the output caching module. In the worst case this could allow an authorized user
// to cause the page to be cached, then an unauthorized user would later be served the
// cached page. We work around this by telling proxies not to cache the sensitive page,
// then we hook our custom authorization code into the caching mechanism so that we have
// the final say on whether a page should be served from the cache.
HttpCachePolicyBase cachePolicy = filterContext.HttpContext.Response.Cache;
cachePolicy.SetProxyMaxAge(new TimeSpan(0));
cachePolicy.AddValidationCallback(CacheValidateHandler, null /* data */);
}
else
{
filterContext.Result = new HttpNotFoundResult();
}
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.