[英]How to make editable roles in ASP.NET Core?
I want to make Role-based authorization using ASP.NET Core, but roles need to be editable. 我想使用ASP.NET Core进行基于角色的授权,但是角色需要可编辑。 My idea is to make roles like this: 我的想法是制作这样的角色:
And the user would have assigned role. 并且用户将分配角色。
Default roles are not an option, because I need to edit those roles. 默认角色不是一个选项,因为我需要编辑这些角色。 I'm thinking about some weird using of Policies or writing my own authorization. 我正在考虑使用一些奇怪的策略或编写我自己的授权。
[Authorize(Roles = "Administrator")] // Not editable
I have to tell, that I'm not using Identity
and for authentication I have JWT. 我必须告诉我,我没有使用Identity
,而是使用JWT进行身份验证。
...
[Authorize(Policy = "CanEdit")]
SomeEditMethod()
...
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthorization(options =>
{
options.AddPolicy("CanEdit", policy => policy.RequirePrivilege("CanEdit"));
});
}
I can be hard to make RequirePrivilege
. 我很难设置RequirePrivilege
。 What do you think fellows developers? 您如何看待开发人员? Any ideas? 有任何想法吗?
Ok, so... 好吧
I did it by saving this in JWT, and then adding policies like this. 我通过将其保存在JWT中,然后添加类似的策略来做到这一点。
...
services.AddAuthorization(options => {
options.AddPolicy("CanEditUnit", policy => policy.RequireClaim("CanEditUnit", "True"));
});
...
And them using Authorize
attribute. 并且它们使用Authorize
属性。 For example: 例如:
[Authorize(Policy = "CanEditUnit")
Thanks everyone for help! 谢谢大家的帮助! Especially @Briefkasten. 特别是@Briefkasten。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.