[英]How to add 'pass parameter' to custom AuthorizeAttribute
我想保护控制器操作,以便只有角色为“Admin”的用户才能进入。
我根本不使用角色/会员提供商。
到目前为止我这样做了:
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (!isAuthorized)
return false;
string username = httpContext.User.Identity.Name;
UserRepository repo = new UserRepository();
return repo.IsUserInRole(username, "Admin");
}
}
请注意,我在这里硬编码了“Admin”。
我希望这是动态的。
这项工作现在:
[CustomAuthorize]
public ActionResult RestrictedArea()...
但是我想要这样的东西:
[CustomAuthorize(Roles = "Admin")]
public ActionResult RestrictedArea()
AuthorizeAttribute已经具有可用于此目的的Roles属性:
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (!isAuthorized)
{
return false;
}
string username = httpContext.User.Identity.Name;
UserRepository repo = new UserRepository();
return repo.IsUserInRole(username, this.Roles);
}
}
如何使用Custom AuthorizeAttribute控制器利用参数值?
[英]How to use Custom AuthorizeAttribute for controller utilizing parameter value?
如何在MVC上为某些特定的Controller使用代码添加自定义AuthorizeAttribute?
[英]How add custom AuthorizeAttribute for some specific Controller use code on MVC?
如何在自定义AuthorizeAttribute中允许[Authorize]
[英]How to allow [Authorize] inside a custom AuthorizeAttribute
如何从自定义AuthorizeAttribute返回带有模型的PartialView
[英]How to return PartialView with model from custom AuthorizeAttribute
将连接字符串传递给 asp.net core 中的自定义 AuthorizeAttribute
[英]Pass connection string to custom AuthorizeAttribute in asp.net core
ASP.Core 将 serviceprovider 传递给自定义 AuthorizeAttribute 的构造函数
[英]ASP.Core Pass serviceprovider to constructor of custom AuthorizeAttribute
为某些Action MVC添加相同的AuthorizeAttribute时,如何覆盖全局AuthorizeAttribute?
[英]How override the global AuthorizeAttribute when add same AuthorizeAttribute for some Action MVC?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.