ASP.Net Identity 2-為什么我的過濾器不起作用?
[英]ASP.Net Identity 2 - Why doesn't my filter work?
問題描述
我嘗試創建一個簡單的過濾器,以查看用戶是否處於名為“系統管理員”的角色,這基本上是必須要做的[Authorize(Roles = "System Administrator")]簡寫形式。 我以為這很簡單,但是我對MVC還是很陌生,所以也許我忽略了一些東西。
這是我的代碼:
using System.Web.Mvc;
namespace site_redesign_web.Filters
{
public class SystemAdminFilter : ActionFilterAttribute
{
string SysAdminRole = "System Administrator";
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.RequestContext.HttpContext.User != null)
{
var userSysAdmin = filterContext.RequestContext.HttpContext.User.IsInRole(SysAdminRole) == true;
filterContext.ActionParameters["IsSysAdmin"] = userSysAdmin;
}
}
}
}
有人可以建議我要去哪里嗎? 如果該人不是系統管理員,那么它將帶他們到Home/NoPermissions這是一個巨大的優勢。
謝謝!
2 個解決方案
解決方案1
1 2016-10-02 06:42:24
由於您正在處理授權,因此我將擴展AuthorizeAttribute而不是一般模式的ActionFilterAttribute 。 您只需要覆蓋一種方法HandleUnauthorizedRequest ,當授權失敗時將執行該方法。 AuthorizeAttribute的默認實現已經為您處理了基於角色的授權。
public class SystemAdminAttribute : AuthorizeAttribute
{
private const string SysAdminRole = "System Administrator";
public SystemAdminFilter()
{
//this defines the role that will be used to authorize the user:
this.Roles = SysAdminRole;
}
//if user is not authorized redirect to "Home/NoPermissions" page
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
base.HandleUnauthorizedRequest(filterContext);
}
else
{
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new { controller = "Home", action = "NoPermissions" }));
}
}
}
實現屬性后,用它裝飾相應的Controllers或Actions:
[SystemAdmin]
public SysAdminController : Controller
{
}
解決方案2
1 已采納 2016-10-02 11:14:34
更新:解決所有問題。 AJ。 好了...終於解決了問題
using ActionFilterAttribute
using System.Web.Mvc;
namespace site_redesign_web.Filters
{
public class SystemAdminFilter : ActionFilterAttribute
{
string SysAdminRole = "System Administrator";
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.RequestContext.HttpContext.User != null)
{
var userSysAdmin = filterContext.RequestContext.HttpContext.User.IsInRole(SysAdminRole) == true;
if(!userSysAdmin)
{
filterContext.Result = new RedirectToRouteResult(
new System.Web.Routing.RouteValueDictionary{
{"controller", "Home"},
{"action", "Index"}
});
}
}
}
}
}
並且您的控制器應為
[SystemAdminFilter] // at controller level
public SomeController : Controller
{
}
或者您也可以通過這樣的注釋將其用於特定的操作
public SomeController : Controller
{
[SystemAdminFilter] // at Action level
public ActionResult SomeAction()
{
// perform your actions
}
之所以可以使用,是因為我在Global.asax的Application_AuthorizeRequest中手動傳遞了他的用戶角色
protected void Application_AuthorizeRequest(Object sender, EventArgs e)
{
FormsAuthenticationTicket formsAuthenticationTicket = new FormsAuthenticationTicket("Aravind", true, 30);
FormsIdentity formsIdentityId = new FormsIdentity(formsAuthenticationTicket);
GenericPrincipal genericPrincipal = new GenericPrincipal(formsIdentityId, new string[] { "SystemUser" }); //TEST with this redirected to Home Index place
HttpContext.Current.User = genericPrincipal ;
}
我的下一個測試是與此
GenericPrincipal genericPrincipal = new GenericPrincipal(formsIdentityId, new string[] { "System Administrator" }); //TEST with this did not perform an action
Authorize和GetRoles在ASP.NET Identity中不起作用
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.