堆栈内存溢出
  简体   繁体   English

Asp.net Core IAuthorizationFilter:顶级属性返回 null

[英]Asp.net Core IAuthorizationFilter :Top level attribute returning null

 原文  2022-06-10 10:47:59       c#/ asp.net/ asp.net-core/ asp.net-web-api

问题描述

I am using .NET core 3 and for AuthorizationFilter inherited IAuthorizationFilter.我正在使用 .NET core 3 并且对于 AuthorizationFilter 继承了 IAuthorizationFilter。 On my top level attribute I have added custom attribute(ModulePermission).在我的顶级属性上,我添加了自定义属性(ModulePermission)。

I need to get the value of the attribute on AuthorizeActionFilter -> OnAuthorization function.我需要获取 AuthorizeActionFilter -> OnAuthorization 函数上的属性值。

However, I can access current action customattribute(ActionPermission).但是,我可以访问当前操作 customattribute(ActionPermission)。 But my top level attribute is null.但我的顶级属性为空。 ( var module = actionDescriptor.MethodInfo.GetCustomAttributes(true).FirstOrDefault(i => i is ModulePermissionAttribute); ) ( var module = actionDescriptor.MethodInfo.GetCustomAttributes(true).FirstOrDefault(i => i is ModulePermissionAttribute); )

Example例子

Api Controller: API 控制器:

[ModulePermission(Module.Product)]
[Route("api/products")]
[ApiController]
public class ProductController : BaseApiController
{
     public ProductController()
     {
     }

    [Route(""), HttpPost, ActionPermission(Action.READ)]
    public Response<Product> Get()
    {
            // some code
     }
}

Authorization Class:授权等级:

    using System;
    using System.Linq;
    using System.Reflection;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.AspNetCore.Mvc.Controllers;
    using Microsoft.AspNetCore.Mvc.Filters; 
  
    public enum Module
    {
        User,
        Product
    }
    
    public enum Action
    {
        Read,
        Delete,
        Add,
        Edit
    }
    
     [AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
     public class ActionPermissionAttribute : Attribute
     {
        private Action _action;
        public Action action { get { return action; } }
    
        public ActionPermissionAttribute(Action action = Action.Read)
        {
           _action = action;
        }
      }
    
     [AttributeUsage(AttributeTargets.Class, AllowMultiple = false)]
     public class ModulePermissionAttribute : Attribute
     {
         private string _module;
         public string Module { get { return _module; } }
         public ModulePermissionAttribute(string module = "")
         {
            if (string.IsNullOrEmpty(module))
            {
                 _module = "Novalue";
            }
            else
            {
                 _module = module;
             }
          }
         public ModulePermissionAttribute(Type module)
         {
                _module = module.Name;
            }
        }
    
    
        public class AuthorizeAttribute : TypeFilterAttribute
        {
            public AuthorizeAttribute()
            : base(typeof(AuthorizeActionFilter))
            {
            }
        }
    
        public class AuthorizeActionFilter : IAuthorizationFilter
        {
            public AuthorizeActionFilter()
            {
            }
            public void OnAuthorization(AuthorizationFilterContext context)
            {
                bool isAuthorized = //check authorized or not
                var actionDescriptor = (context.ActionDescriptor as ControllerActionDescriptor);
    
                var module = actionDescriptor.MethodInfo.GetCustomAttributes<ModulePermissionAttribute>(true).FirstOrDefault(i => i is ModulePermissionAttribute); 
               // **here module is always null**

                var method = actionDescriptor.MethodInfo.GetCustomAttributes<ActionPermissionAttribute>(false).FirstOrDefault(i => i is ActionPermissionAttribute);
    
                // check module and method exists for the user
    
                if (!isAuthorized)
                {
                    context.Result = new ForbidResult();
                }
            }
        }

1 个解决方案

解决方案1
 1 已采纳  2022-06-13 10:23:28

Found the answer By Using EndpointMetadata通过使用 EndpointMetadata 找到答案

var module = context.ActionDescriptor.EndpointMetadata.OfType<ModulePermissionAttribute>().FirstOrDefault();

Hope this helps someone希望这可以帮助某人

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 IAuthorizationFilter ASP.Net Core 3 中的依赖注入 - Dependency Injection in IAuthorizationFilter ASP.Net Core 3 依赖注入失败,IAuthorizationFilter 和 ASP.NET 核心的简单注入器 - Dependency injection failed with IAuthorizationFilter and Simple Injector for ASP.NET Core ASP.NET IAuthorizationFilter OnAuthorization - ASP.NET IAuthorizationFilter OnAuthorization .NET Core - 找不到 IAuthorizationFilter - .NET Core - IAuthorizationFilter not found ASP.NET Core 2 - GetUserIdAsync 返回带有 Guid Id 的空结果 - ASP.NET Core 2 - GetUserIdAsync returning null Result with Guid Ids ApplicationUser上的ASP.net Core 1.0映射属性返回null - ASP.net Core 1.0 Mapping property on ApplicationUser returning null IFormFile 在 ASP.NET Core 3.0 中返回 NULL - IFormFile is returning NULL in ASP.NET Core 3.0 ASP.NET 铁芯返回 - ASP.NET Core Returning 如何使ASP.NET MVC IAuthorizationFilter尊重IgnoreRoute的 - How to get ASP.NET MVC IAuthorizationFilter to respect IgnoreRoute's ASP.NET Core Web API 和 Jaeger - 我可以更改顶级 Span 名称吗? - ASP.NET Core Web API and Jaeger - Can I change the top level Span name?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM