表单验证。获取 web.config 中指定的角色允许的动词
我已在 web.config 中为角色指定了动词。这工作正常,如果角色尝试在页面 Test.aspx 中发布,角色观察者将被重定向到登录页面。示例:
<location path="Test1.aspx">
<system.web>
<authorization>
<allow roles="Administrator" />
<allow roles="Observer" verbs="GET" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="Test2.aspx">
<system.web>
<authorization>
<allow roles="Administrator" />
<allow roles="Observer" />
<deny users="*"/>
</authorization>
</system.web>
</location>
但是当用户尝试在 Test.aspx 页面中 POST 时,这会让用户感到有点困惑。我想通知用户,在实际点击任何内容之前,他/她不允许发帖。像这样:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If *Not User.Role("Observer").Verbs("Post").Allowed* then
uiSave.enabled = false
End if
End Sub
那么,问题是:我在哪里可以访问这些信息?
I've specified verbs for roles in web.config. This works fine, the role observer is redirected to login page if the role tries to post in page Test.aspx. Example:
<location path="Test1.aspx">
<system.web>
<authorization>
<allow roles="Administrator" />
<allow roles="Observer" verbs="GET" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="Test2.aspx">
<system.web>
<authorization>
<allow roles="Administrator" />
<allow roles="Observer" />
<deny users="*"/>
</authorization>
</system.web>
</location>
But this is a bit confusing for the user when trying to POST in page Test.aspx. I want to inform the user that he/she is not allowed to post before actually clicking anything. Something like this:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If *Not User.Role("Observer").Verbs("Post").Allowed* then
uiSave.enabled = false
End if
End Sub
So, the question is: Where can I access this information?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用:
示例
您不需要检查动词,因为您已经知道观察者角色中的用户没有使用后动词的权限
Use:
Example here
You wont need to check the Verb because you already know that users in the Observer role do not permission to usethe Post verb