ASP.Net MVC 与 会员资格

发布于 2024-07-19 22:22:36 字数 1020 浏览 10 评论 0原文

我真的很感激一些关于我想要实现的目标的反馈:

问题:

  1. 我想授权我的应用程序的用户在控制器上执行单个操作。 例如:如果用户拥有所需的授权,则他可以在我的控制器类上执行“保存”操作。
  2. 在我正在从事的项目中,角色的创建和角色的创建。 他们的授权由客户端部署团队完成 不在我的控制范围内。 因此,我对一个可以分配给角色/用户的“控制点”进行编程,而我的应用程序只需要检查该控制点。
  3. 如何将控制点概念引入 ASP.Net MVC? 更具体地说,如何根据控制器上的用户权限启用/禁用视图上的按钮?

我的解决方案:

  1. 参考:http://weblogs.asp.net/fredriknormen/archive/2008/03/12/asp-net-mvc-framework-2-interception-and-creating- a-role-action-filter.aspx - 作为起点,
  2. 我不会像上面的链接中所解释的那样创建角色过滤器,而是有一个 ControlPointFilter 类,它将获取模型和 进行授权检查。
  3. 我遇到的麻烦是在 View 类中 我当前正在传递用户可以在 ViewData[] 集合中访问的控制点集合。
  4. 在 View 类中,我正在检查 ViewData 集合中是否存在相关控制点(我不喜欢这一点 - 希望将 View 类中的代码保持在最低限度)
  5. 另一个问题是 - 而实际的控制点名称正在控制器类的属性中设置,我在哪里/如何将这些属性传递给视图和视图? 还保持视图干净吗?

希望有帮助& 感谢您花时间/精力来回答这个问题!

阳光明媚

I would really appreciate some feedback on what I am trying to achieve:

The problem:

  1. I would like to authorize a user of my application to a single action on the controller. For e.g.: a user can perform the "save" action on my controller class if he has the required authorization.
  2. In the project I am working on, the creation of roles & their authorization is done by the client deployment team & not in my control. So, I program to a "control point" which can be assigned to role/user, while my application needs to only check that control point.
  3. How do I get a control point concept into ASP.Net MVC? More specifically, how do I enable/disable buttons on the View based on the user permission on the controller?

My solution:

  1. Ref.: http://weblogs.asp.net/fredriknormen/archive/2008/03/12/asp-net-mvc-framework-2-interception-and-creating-a-role-action-filter.aspx - as a starting point
  2. Instead of creating a role filter as explained in the link above, I would have a ControlPointFilter class which would get the model & do the authorization check.
  3. The trouble I have is in the View class & I am currently passing the control point collection to which the user has access in the ViewData[] collection.
  4. In the View class, I am checking if the related control point is present in the ViewData collection (which I don't like - want to keep the code to a minimum in the View class)
  5. The other issue is - while the actual control point name is being set in the attribute to the controller class, where/how can I pass these attributes to the view & yet keep the view clean?

Hope that helps & appreciate your time/effort to answer this!

Sunny

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

轮廓§ 2024-07-26 22:22:36

一种可能的解决方案是将控制点转换为控制器操作中的视图属性(也许这些是相同的事情,但从您的问题中尚不清楚)。 这个想法是,您的控制点将转换为有意义的视图方向,例如“AllowEdit”、“AllowSave”、“AllowDetailedView”等。这些将成为 ViewData 中的条目。

使用基本控制器类来扩展 Controller 并为其提供 ControlPoint 集合。 让您的过滤器填充控制器中的此集合。 让基本控制器 OnActionExecuted 方法使用此集合,并且在 ViewResult 的情况下,使用视图指令集合的适当值填充 ViewData。 各个控制器操作还可以使用 ControlPoint 集合来根据视图是否呈现额外数据来确定是否需要为各个视图提供数据。

在您看来,不要依赖控制点本身,而是依赖基本控制器确定的视图方向。 这样您就可以将视图与控制点逻辑分离。 视图仅以对视图有意义的方式对视图数据进行操作,而不是对在应用程序上下文中有意义的基于权限的数据进行操作。 视图不会关心特定指令的设置方式或原因,它只需要根据指令的值进行适当的渲染。

One possible solution to this is to translate control points into view attributes in your controller actions (perhaps these are the same things, though, it's not clear from your question). The idea would be that your control point would translate into meaningful view directions such as "AllowEdit", "AllowSave", "AllowDetailedView", etc. These would become entries in ViewData.

Use a base controller class to extend Controller and give it a ControlPoint collection. Have your filter populate this collection in the controller. Have the base controller OnActionExecuted method use this collection and, in the case of a ViewResult, populate the ViewData with the appropriate values for the collection of view directives. Individual controller actions could also use the ControlPoint collection to determine whether they need to provide data for individual views based on whether the view will render extra data or not.

In your view, rely not on the control points themselves but the view directions determined by the base controller. This way you've decoupled the views from the control point logic. Views only operate on view data in ways that are meaningful to the view, not on permission-based data that have meaning in the context of the application. The view won't care how or why the particular directive gets set, it only needs to render appropriately based on the value of the directive.

这样的小城市 2024-07-26 22:22:36

嗯,您不能简单地创建一个模板系统来为用户分配角色吗? 即创建一个具有角色“CustomerService”和“ConfigurationEditor”的用户模板“Power User”,然后像往常一样使用角色系统(即Roles.IsUserInRole(username, rolename))?

对于操作,您可以使用

[Authorized(Roles="CustomerService,CustomerServiceAdmin")]
public ActionResult Edit(...)
{
}

对于视图,您可以使用

<% if (Roles.IsUserInRole(Context.User.Name, "CustomerService")) %>

Hmm, could you not simply create a templating system, to assign roles to users? I.e. create a user template "Power User" that has the roles "CustomerService" and "ConfigurationEditor", and then use the role system as pr usual (i.e. Roles.IsUserInRole(username, rolename))?

For actions, you then use

[Authorized(Roles="CustomerService,CustomerServiceAdmin")]
public ActionResult Edit(...)
{
}

For views, you use

<% if (Roles.IsUserInRole(Context.User.Name, "CustomerService")) %>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文