[英]ASP.Net Identity 2 - Why doesn't my filter work?
I've tried creating an easy filter to see if the user is in a role called "System Administrator", basically short hand for having to do [Authorize(Roles = "System Administrator")]
. 我尝试创建一个简单的过滤器,以查看用户是否处于名为“系统管理员”的角色,这基本上是必须要做的[Authorize(Roles = "System Administrator")]
简写形式。 I thought it would be fairly simple, but I'm also fairly new to MVC so perhaps I'm overlooking something. 我以为这很简单,但是我对MVC还是很陌生,所以也许我忽略了一些东西。
Here's my code: 这是我的代码:
using System.Web.Mvc;
namespace site_redesign_web.Filters
{
public class SystemAdminFilter : ActionFilterAttribute
{
string SysAdminRole = "System Administrator";
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.RequestContext.HttpContext.User != null)
{
var userSysAdmin = filterContext.RequestContext.HttpContext.User.IsInRole(SysAdminRole) == true;
filterContext.ActionParameters["IsSysAdmin"] = userSysAdmin;
}
}
}
}
Can some one suggest where am I going wrong? 有人可以建议我要去哪里吗? A huge plus would be if the person isn't a System Administrator it would direct them to Home/NoPermissions
. 如果该人不是系统管理员,那么它将带他们到Home/NoPermissions
这是一个巨大的优势。
Thank you! 谢谢!
Since you are dealing with authorization, I would extend AuthorizeAttribute
instead of ActionFilterAttribute
which is mode general. 由于您正在处理授权,因此我将扩展AuthorizeAttribute
而不是一般模式的ActionFilterAttribute
。 You need to override only one method - HandleUnauthorizedRequest
which is executed when authorization fails. 您只需要覆盖一种方法HandleUnauthorizedRequest
,当授权失败时将执行该方法。 Default implementation of AuthorizeAttribute already handles role based authorization for you. AuthorizeAttribute的默认实现已经为您处理了基于角色的授权。
public class SystemAdminAttribute : AuthorizeAttribute
{
private const string SysAdminRole = "System Administrator";
public SystemAdminFilter()
{
//this defines the role that will be used to authorize the user:
this.Roles = SysAdminRole;
}
//if user is not authorized redirect to "Home/NoPermissions" page
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
base.HandleUnauthorizedRequest(filterContext);
}
else
{
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new { controller = "Home", action = "NoPermissions" }));
}
}
}
Once your attribute is implemented, decorate corresponding Controllers or Actions with it: 实现属性后,用它装饰相应的Controllers或Actions:
[SystemAdmin]
public SysAdminController : Controller
{
}
Updated: Fixing all issues. 更新:解决所有问题。 AJ. AJ。 Here you go... Finally fixed the problem 好了...终于解决了问题
using ActionFilterAttribute
using System.Web.Mvc;
namespace site_redesign_web.Filters
{
public class SystemAdminFilter : ActionFilterAttribute
{
string SysAdminRole = "System Administrator";
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.RequestContext.HttpContext.User != null)
{
var userSysAdmin = filterContext.RequestContext.HttpContext.User.IsInRole(SysAdminRole) == true;
if(!userSysAdmin)
{
filterContext.Result = new RedirectToRouteResult(
new System.Web.Routing.RouteValueDictionary{
{"controller", "Home"},
{"action", "Index"}
});
}
}
}
}
}
and your Controller should be 并且您的控制器应为
[SystemAdminFilter] // at controller level
public SomeController : Controller
{
}
or you can also use it for a particular Action by annotating like this 或者您也可以通过这样的注释将其用于特定的操作
public SomeController : Controller
{
[SystemAdminFilter] // at Action level
public ActionResult SomeAction()
{
// perform your actions
}
It will work because I manually passed in the User with his role in the Application_AuthorizeRequest in Global.asax 之所以可以使用,是因为我在Global.asax的Application_AuthorizeRequest中手动传递了他的用户角色
protected void Application_AuthorizeRequest(Object sender, EventArgs e)
{
FormsAuthenticationTicket formsAuthenticationTicket = new FormsAuthenticationTicket("Aravind", true, 30);
FormsIdentity formsIdentityId = new FormsIdentity(formsAuthenticationTicket);
GenericPrincipal genericPrincipal = new GenericPrincipal(formsIdentityId, new string[] { "SystemUser" }); //TEST with this redirected to Home Index place
HttpContext.Current.User = genericPrincipal ;
}
The next test I made was with this 我的下一个测试是与此
GenericPrincipal genericPrincipal = new GenericPrincipal(formsIdentityId, new string[] { "System Administrator" }); //TEST with this did not perform an action
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.