asp.net MVC 3 将 AuthorizeAttribute 应用于区域
我目前正在编写一个 Admin MVC 3 站点,每个用户只能访问该站点的某些部分。
我网站的区域与用户角色相同,所以我想做的是将 AuthorizeAttribute 放在每个区域上,使用区域名称作为角色中的参数。
到目前为止,当我对每个区域的检查进行硬编码时,我已经做到了这一点,但我想循环遍历所有区域并应用授权过滤器。 (我使用它作为我的自定义 FilterProvider - http://www.dotnetcurry.com/ ShowArticle.aspx?ID=578)
到目前为止我的代码(“Gcm”是我的区域之一,也是一个角色):
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
// for all controllers, run AdminAuthorizeAttribute to make sure they're at least logged in
filters.Add(ObjectFactory.GetInstance<AdminAuthorizeAttribute>());
AdminAuthorizeAttribute gcmAuthroizeAttribute = ObjectFactory.GetInstance<AdminAuthorizeAttribute>();
gcmAuthroizeAttribute.Roles = "Gcm";
var provider = new FilterProvider();
provider.Add(
x =>
x.RouteData.DataTokens["area"] != null && x.RouteData.DataTokens["area"].ToString() == "Gcm"
? gcmAuthroizeAttribute
: null);
FilterProviders.Providers.Add(provider);
}
有谁知道如何获取我的应用程序的所有区域,所以我可以循环遍历它们,而不是对每个区域进行硬编码?
或者,如果有人对如何按区域进行授权有更好的了解,我们将不胜感激。
感谢您的帮助 萨恩
I'm currently writing an Admin MVC 3 site, and each user only has access to certain parts of the site.
The areas of my site are the same as the user Roles, so what I would like to do is the put the AuthorizeAttribute on each area, using the area's name as the parameter in the Role.
So far I've got this to work when I'm hard coding the checking of each area, but I would like to just loop through all areas and apply the Authorize filter.
(i'm using this as my custom FilterProvider - http://www.dotnetcurry.com/ShowArticle.aspx?ID=578)
My code so far ("Gcm" is one of my areas, and is also a Role) :
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
// for all controllers, run AdminAuthorizeAttribute to make sure they're at least logged in
filters.Add(ObjectFactory.GetInstance<AdminAuthorizeAttribute>());
AdminAuthorizeAttribute gcmAuthroizeAttribute = ObjectFactory.GetInstance<AdminAuthorizeAttribute>();
gcmAuthroizeAttribute.Roles = "Gcm";
var provider = new FilterProvider();
provider.Add(
x =>
x.RouteData.DataTokens["area"] != null && x.RouteData.DataTokens["area"].ToString() == "Gcm"
? gcmAuthroizeAttribute
: null);
FilterProviders.Providers.Add(provider);
}
Does anyone know how to get all the areas of my application, so I can just loop through them, rather than hard coding each area?
Or if anyone has a better idea of how to Authorize per area, that would be appreciated to.
Thanks for your help
Saan
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可以为每个区域创建一个基本控制器,并将授权属性放在基类上。这样您就可以为每个区域的基本控制器传递区域参数。
You could you make a base controller for each area, and put the authorize attribute over the base class. That way you can pass the area parameter in for each area's base controller.
这是我创建的授权属性覆盖的示例。我需要我的授权函数来支持会员类型,因此您可能不想过多了解函数的内部工作原理,但 AuthorizeCore 是主要逻辑发生的地方。就我而言,我正在根据实体数据上下文检查它。
用法:
代码:
Here is an example of a Authorize Attribute override i have created. I needed my authorize function to support to types of member ship so you might not want to get too into the inner workings of the functions, but AuthorizeCore is where the main logic occures. In my case i am checking it against a entity datacontext.
Usage:
Code:
当我调查一个单独的问题时,我遇到了 如何将参数传递给 ASP.NET MVC 2 中的自定义 ActionFilter?
可以更改该属性示例以检查当前控制器的 区域。
然后,我将自定义授权属性应用于 Global.asax 中的所有控制器:
感谢所有回复
Saan 的人
When I was investigating a separate issue, I came across How to pass parameters to a custom ActionFilter in ASP.NET MVC 2?
That attribute example can be altered to check for the current Controller's area.
I then apply my custom authorize attribute to all controllers like this in Global.asax:
Thanks for all who replied
Saan