How to use roles (asp.net) without hard-coding them?

Posted on 2024-12-03 03:10:45

When Roles are created/deleted I wouldn't want to modify the code.

if (HttpContext.Current.User.IsInRole("Super Admin") ||
    HttpContext.Current.User.IsInRole("Admin") ||
    HttpContext.Current.User.IsInRole("Support"))
{
    if (HttpContext.Current.User.IsInRole("Admin"))
    {
        ListBox1.DataSource = Roles.GetAllRoles().Except(
            new[] { "Super Admin" });

    }
    if (HttpContext.Current.User.IsInRole("Support"))
    {
        ListBox1.DataSource = Roles.GetAllRoles().Except(
            new[] { "Super Admin", "Admin" });
    }
    fillDropDownCustomers();
}

向地狱狂奔 2024-12-10 03:10:45

Put those values in a static class:

public static class MyRoles
{
    public const string Admin = "Admin";
    public const string SuperAdmin = "Super Admin";
    public const string Support = "Support";
}

Now you can reuse them like this:

if (HttpContext.Current.User.IsInRole(MyRoles.SuperAdmin) ||
    HttpContext.Current.User.IsInRole(MyRoles.Admin) ||
    HttpContext.Current.User.IsInRole(MyRoles.Support))
{
    // role-restricted logic goes here
}

爱格式化 2024-12-10 03:10:45

Roles work by assigning a value to something a user can do. The Roles don't change but the behaviour for those roles does. Ultra dynamic solutions tend to be overkill.

So perhaps you have the following roles

  • Super Admin
  • Support
  • Admin

You can have different Actions (This would depend on your system)

  • View
  • Edit
  • Approve

Etc

  • Super Admin [View, Edit, Approve]
  • Support [View]
  • Admin [View, Edit]

The dynamic part comes in the assignment of Actions. Doing things this way you don't care what Role someone is in but what actions they have. The Actions are the dynamic aspect in this relationship. When a request is made you will use the user's Role to fetch the assigned Actions to that role (Database Driven to make modifiable).

Incorporating this into your Database structure as "Role has many Actions", means that if things change in the future you will need to update the relationship in the database but not code.

A database structure could look something like this, depends on your needs.

  • UserRole [ID, UserName, RoleID] (If user is assigned more than one role they inherit all actions, which might be duplicated and therefore selected DISTINCT or prevent this scenario, but I believe the former provides greater flexibility without complexity and limitation. NOTE: the UserRole table could be further denormalized to make UserNames unique.)
  • Role [ID, Name]
  • Action [ID, Name]
  • RoleAction [ID, RoleID, ActionID] (Unique Key Constraint on RoleID and ActionID)

When a request is made, you identify the user etc UserName, then work out which Role(s) they are in by querying the RoleAction and thereby load their associated Actions.

I would use enums for your Action and Role values. This makes it easier to work with. To ensure that the Database and Code are in sync, ensure that you write a Unit Test to reconcile the database values against the enum values.
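
The "Role has many Actions" lookup from the answer above, as an added example that is not part of the original answer. The in-memory arrays stand in for the UserRole and RoleAction tables; the user names, ids and the `ActionAuthorizer` class are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Action names mirror the answer's list; the ids are constructed sample values.
public enum AppAction { View = 1, Edit = 2, Approve = 3 }

public static class ActionAuthorizer
{
    // Constructed rows: role 1 = Super Admin, 2 = Support, 3 = Admin.
    static readonly (string UserName, int RoleId)[] UserRole =
        { ("alice", 1), ("bob", 2), ("carol", 2), ("carol", 3) };
    static readonly (int RoleId, int ActionId)[] RoleAction =
        { (1, 1), (1, 2), (1, 3), (2, 1), (3, 1), (3, 2) };

    // UserRole -> RoleAction join; the HashSet plays the part of SELECT DISTINCT.
    public static HashSet<AppAction> ActionsFor(string userName)
    {
        var ids = from ur in UserRole
                  where string.Equals(ur.UserName, userName,
                                      StringComparison.OrdinalIgnoreCase)
                  join ra in RoleAction on ur.RoleId equals ra.RoleId
                  select ra.ActionId;
        // Ids with no enum member are dropped, so an unknown row grants nothing.
        return new HashSet<AppAction>(
            ids.Where(id => Enum.IsDefined(typeof(AppAction), id))
               .Select(id => (AppAction)id));
    }

    // Callers ask about an action, never about a role name.
    public static bool Can(string userName, AppAction action) =>
        ActionsFor(userName).Contains(action);

    // The reconciliation check the answer asks for: Action table vs. enum.
    public static bool EnumMatchesTable(IDictionary<int, string> actionTable) =>
        actionTable.Count == Enum.GetValues(typeof(AppAction)).Length &&
        actionTable.All(row => Enum.IsDefined(typeof(AppAction), row.Key) &&
                               ((AppAction)row.Key).ToString() == row.Value);

    public static void Main()
    {
        Console.WriteLine(Can("bob", AppAction.Edit));      // Support: View only
        Console.WriteLine(Can("carol", AppAction.Edit));    // Support + Admin
        Console.WriteLine(Can("mallory", AppAction.View));  // user with no roles
        Console.WriteLine(EnumMatchesTable(new Dictionary<int, string>
            { [1] = "View", [2] = "Edit", [3] = "Approve" }));
    }
}
```

Adding or removing a role then changes only table rows; the code keeps asking `Can(user, AppAction.Edit)` and a user with no matching rows is denied by default.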

不一样的天空 2024-12-10 03:10:45

Simple answer is use constants. The more context answer is use IoC to push the logic into another class where you can manage the relationships from config or database.

甜中书 2024-12-10 03:10:45

Either as the other answers have suggested, as Constant variables. However you would still need to change the code and republish if you were to change the name of one of the roles.

Another option would be to add the names of the roles into a config file. You would make use of the Application Settings, or a custom config class which inherits from ConfigurationSection. Take a look here for how http://msdn.microsoft.com/en-us/library/2tw134k3.aspx

This way you can change the names of the roles within the web.config file and you would not have to update any code or republish the project.
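
A sketch of the config-file approach with a startup check, added here as an example and not taken from the original answer. The setting keys (`Roles.SuperAdmin` and so on) and the `ConfiguredRoles` class are hypothetical; the `NameValueCollection` and the string array are constructed stand-ins for `ConfigurationManager.AppSettings` and `Roles.GetAllRoles()`.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;

public static class ConfiguredRoles
{
    // Resolves a role name from settings; in a web app pass
    // ConfigurationManager.AppSettings. The key names are hypothetical.
    public static string Resolve(NameValueCollection settings, string key,
                                 IEnumerable<string> existingRoles)
    {
        var name = settings[key];
        if (string.IsNullOrWhiteSpace(name))
            throw new InvalidOperationException(
                "Role setting '" + key + "' is missing.");
        name = name.Trim();
        // A renamed or mistyped role must stop the app, not silently match nobody.
        if (!existingRoles.Contains(name, StringComparer.OrdinalIgnoreCase))
            throw new InvalidOperationException(
                "Role '" + name + "' (" + key + ") does not exist.");
        return name;
    }

    public static void Main()
    {
        // Constructed stand-ins for <appSettings> and Roles.GetAllRoles().
        var settings = new NameValueCollection
        {
            { "Roles.SuperAdmin", "Super Admin" },
            { "Roles.Admin", "Administrator" },   // renamed in config only
        };
        var existing = new[] { "Super Admin", "Admin", "Support" };

        Console.WriteLine(Resolve(settings, "Roles.SuperAdmin", existing));
        foreach (var key in new[] { "Roles.Admin", "Roles.Support" })
        {
            try { Resolve(settings, key, existing); }
            catch (InvalidOperationException ex) { Console.WriteLine(ex.Message); }
        }
    }
}
```

Resolving every configured name once at application start surfaces a web.config edit that no longer matches the role store, instead of leaving `IsInRole` checks that quietly never pass.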
