[英]Identity - user rights in ASP.NET Core MVC
我正在創建一個 web 應用程序,通過身份登錄的用戶可以創建新的對象(產品)進行銷售。 但是我想知道如何使用 Identity 來制作它,以便用戶只能看到他們自己創建的對象。 我一直在考慮UserManager
但我對此很陌生,所以我不確定從哪里開始。
如果有人能告訴我一個非常簡單的方法來解決這個問題,我將不勝感激。 閱讀了大量 Microsoft 的文檔,但我不覺得我變得更聰明了。
這是我管理“產品”的InventoryController
:
using auktioner_MarcusR91.Data;
using auktioner_MarcusR91.Models;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace auktioner_MarcusR91.Controllers
{
public class InventoryController : Controller
{
private readonly AppDbContext _db;
public InventoryController(AppDbContext db)
{
_db = db;
}
public IActionResult Index()
{
IEnumerable<Inventory> objInventoryList = _db.Inventories;
return View(objInventoryList);
}
//GET
[Authorize]
public IActionResult Create()
{
return View();
}
//Post
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Create(Inventory inventory)
{
_db.Inventories.Add(inventory);
_db.SaveChanges();
return RedirectToAction("index");
}
//GET
[Authorize]
public IActionResult Edit(int? id)
{
if (id == 0 || id == 5)
{
return NotFound();
}
var inventoryFromDb = _db.Inventories.Find(id);
if (inventoryFromDb == null)
{
return NotFound();
}
return View(inventoryFromDb);
}
//Post
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Edit(Inventory inventory)
{
if (ModelState.IsValid)
{
_db.Inventories.Update(inventory);
_db.SaveChanges();
return RedirectToAction("index");
}
return View(inventory);
}
}
}
如果有幫助,這是我的創建視圖:
@model Inventory
<form method = "post">
<div class = "border p-3 mt-4">
<div class = "row pb-2">
<h2 class = "text-primary">Add to Inventory</h2>
<hr />
</div>
<div class = "mb-3">
<label asp-for ="inventoryName"></label>
<input asp-for = "inventoryName" />
<label asp-for ="finalPrize"></label>
<input asp-for = "finalPrize" />
<label asp-for ="inventoryDesc"></label>
<input asp-for = "inventoryDesc" />
<p>1 för "Transport</p>
<p>2 för "Smycken"</p>
<p>3 för "Hushåll"</p>
<p>4 för "Dekoration"</p>
<select asp-for = "categoryId">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
</select>
</div>
<button type = "submit" class = "btn btn-primary" width = "100px">Submit</button>
<a asp-controller = "Inventory" asp-action = "index" class = "btn btn-secondary" style = "width: 100px">Back to products</a>
</div>
</form>
U 應該使用 userManager 作為 userId。
private readonly AppDbContext _db;
private readonly UserManager<ApplicationUser> _userManager;
public InventoryController(AppDbContext db, UserManager<ApplicationUser> userManager)
{
_db = db;
_userManager = userManager;
}
然后通過 userId 更改您的查詢過濾器。
var userId = _userManager.GetUserId(HttpContext.User);
IEnumerable<Inventory> objInventoryList = _db.Inventories.Where(d => d.userId == userId);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.