显示 [Authorize] 属性的特定于操作的授权消息
当 [Authorize] 或 [Authorize(Roles="Administrator")] 属性将用户重定向到标志时,是否有办法显示特定于操作的授权消息- 在页面中?
理想情况下,
[Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")]
public ActionResult SomeAdminFunction()
{
// do admin stuff
return View();
}
据我了解,属性并不意味着添加功能,但这似乎纯粹是信息性的。人们可以在操作中执行此操作,但与使用属性相比,它似乎不太优雅。
或者,
if (!Request.IsAuthenticated)
{
if (!User.IsInRole("Administrator"))
SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack
return RedirectToAction("SignIn", "Account");
}
是否有现有的方法可以执行此操作,或者我是否需要覆盖 [Authorize] 属性?
Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page?
Ideally,
[Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")]
public ActionResult SomeAdminFunction()
{
// do admin stuff
return View();
}
As I understand it, attributes are not meant to add functionality, but this seems purely informational. One could do this inside the action, but it seems inelegant compared to the use of an attribute.
Alternatively,
if (!Request.IsAuthenticated)
{
if (!User.IsInRole("Administrator"))
SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack
return RedirectToAction("SignIn", "Account");
}
Is there an existing way to do this or do I need to override the [Authorize] attribute?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我将覆盖该属性以添加我的特定消息。
I would override the attribute to add my specific message.