限制用户角色
[英]Restricting User With Roles
问题描述
I have 3 types of institutions in my system which are as follows 
我的系统中有3种类型的机构,如下
- Crondale (Our inner system) 克朗代尔(我们的内部系统)
- Kitchens 厨房用品
- Institutions 机构
I have multiple roles on each institution. 我在每个机构中都有多个角色。 So for example, a Kitchen can have 例如,一个厨房可以有
- Admin 管理员
- Cook 厨师
- etc 等等
My first question is how should I restrict the user who belongs to Institution to view kitchen? 我的第一个问题是如何限制属于机构的用户查看厨房? I have multiple views in Kitchen so what should be done in order to restrict user going in any of them? 我在Kitchen中有多个视图,如何限制用户进入其中的任何视图? Maybe something like [Authorize]? 也许像[授权]之类的东西? Any tutorial on how to do that? 任何有关如何做到这一点的教程? Any example links? 任何示例链接?
My second question is how should I restrict the Kitchen cook to view the Kitchen Admin screens? 我的第二个问题是我应该如何限制厨房厨师查看Kitchen Admin屏幕? I would like to restrict the Controller actions as well as in my view I would like to hide some portions dependent upon the user roles? 我想限制Controller动作,以及在我看来,我想隐藏一些取决于用户角色的部分?
1 个解决方案
解决方案1
0 2014-12-09 10:43:34
First you should Create Role for Each Users and at Beginning of user creation. 首先,应该在创建用户时为每个用户创建角色。
By using the below code 通过使用以下代码
Roles.CreateRole(userRole);
Roles.AddUserToRole(UserName, userRole);
above code is default code used to add role and add the user to the specific role which is already added. 上面的代码是用于添加角色并将用户添加到已添加的特定角色的默认代码。
Note you have to done it on the registration time, not in the log-in time 请注意,您必须在注册时间而不是登录时间完成操作
And the role restriction can be made by applying the role on the top of each action method like given below. 可以通过在每个操作方法的顶部应用角色来限制角色,如下所示。
[Authorize(Roles = "Admin")]
public ActionResult method1()
{
return View("View1");
}
[Authorize(Roles = "Cook")]
public ActionResult method2()
{
return View("View2");
}
By this those user with the role only able to access the Action method with the related Role. 这样,具有角色的那些用户只能访问具有相关角色的Action方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.