在asp.net成员中实现细粒度的运行时权限?
[英]Implementing fine-grained runtime permissions in asp.net Membership?
问题描述
Is there a preferred way of doing fine grained access that can be modified during runtime? 
有没有一种可以在运行时修改的细粒度访问的首选方法?
ASP.net membership doesn't seem to support this. ASP.net成员资格似乎不支持此功能。 I thought of creating constant invisible subroles so that there would be a set of hidden roles like "_CanEditContent" and "_CanDeleteOthersContent". 我考虑过创建恒定的不可见子角色,以便有一组隐藏角色,例如“ _CanEditContent”和“ _CanDeleteOthersContent”。 The check would be [Authorize(Roles = SubRoles.CanEditUser)] which would check that the user is in a role that has _CanEditUser role. 检查将是[Authorize(Roles = SubRoles.CanEditUser)] ,它将检查用户是否具有_CanEditUser角色。 The problem there is of how to assign roles to other roles so that when we create a new role like "UserAdmin" how could we assign "_CanEditUser" role to that new role? 问题在于如何将角色分配给其他角色,以便当我们创建新角色(如“ UserAdmin”)时,如何为新角色分配“ _CanEditUser”角色? That seems impossible. 这似乎是不可能的。
What I need to do is to be able to create roles during runtime and add custom permissions for new or existing roles I would do the checks with something like [Authorize] and custom checks for AJAX methods. 我需要做的是能够在运行时创建角色,并为新角色或现有角色添加自定义权限,我将使用[Authorize]和AJAX方法的自定义检查来进行检查。 How would I achieve this? 我将如何实现?
1 个解决方案
解决方案1
0 已采纳 2012-08-09 06:46:30
Indeed, asp.net membership does not support this. 的确,asp.net成员资格不支持此功能。 You'll have to rollout your own mechanism with your own authorization attributes, which will use information about user (or role) permissions. 您必须使用自己的授权属性来部署自己的机制,该机制将使用有关用户(或角色)权限的信息。
You can use asp.net membership for role management, and then assign permissions to roles whichever way you want, for example, database. 您可以使用asp.net成员身份进行角色管理,然后以所需的任何方式(例如,数据库)为角色分配权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.