当前位置：文江博客话题详情

MVC 3 - 按角色/功能限制视图的部分和/或控件

发布于 2024-12-28 22:18:32 字数 189 浏览 1 评论 0原文

我将有许多角色，每个角色都有许多功能，因此我认为 RequireRoles 属性不足以满足我的情况。我需要某种方法来动态地让控制器操作向视图定义视图中的哪些部分和/或控件（而不在视图内添加 if/else 逻辑）。

我的想法是控制器应该告诉视图如何呈现自己，而不是使用 if/else 逻辑告诉视图。

关于如何设计这个有什么想法吗？

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

七月上 2025-01-04 22:18:32

您首先需要创建一个过滤器，您可以使用属性来控制哪些角色看到哪些操作。请参阅 http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs" rel="nofollow"> asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs。

public class RequiresRoleAttribute : ActionFilterAttribute {
    private List<string> requiredRoles = null;

    /// <summary>
    /// Initializes a new instance of the <see cref="RequiresRoleAttribute"/> class.
    /// </summary>
    /// <param name="roleNames">The role names.</param>
    public RequiresRoleAttribute(params string[] roleNames) {
        this.requiredRoles = new List<string>(roleNames);
    }

    /// <summary>
    /// Called by the MVC framework before the action method executes.
    /// </summary>
    /// <param name="filterContext">The filter context.</param>
    public override void OnActionExecuting(ActionExecutingContext filterContext) {
        bool hasRole = false;

        // check to see if the user has the proper role here

        // if the do not have the role, they are not allowed to execute the action
        if (!hasRole)
            throw new UserAccessException("You do not have access to this action (" + filterContext.ActionDescriptor.ActionName + ", " + filterContext.ActionDescriptor.ControllerDescriptor.ControllerName + ")");

        base.OnActionExecuting(filterContext);
    }
}

其次，为了解决视图中没有逻辑的问题，您可以对需要角色的每个部分使用子操作。您可以再次将过滤器应用于子操作。有关子操作的更多信息，请参阅：http://msdn.microsoft.com/ en-us/library/ie/ee839451.aspx。

您需要更改的是引发异常的部分。您需要检查正在执行的操作是否是子操作。如果是这样，您需要返回空内容结果。

You need to first of all create a filter which you can use an attribute to control what roles see what actions. See http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs.

public class RequiresRoleAttribute : ActionFilterAttribute {
    private List<string> requiredRoles = null;

    /// <summary>
    /// Initializes a new instance of the <see cref="RequiresRoleAttribute"/> class.
    /// </summary>
    /// <param name="roleNames">The role names.</param>
    public RequiresRoleAttribute(params string[] roleNames) {
        this.requiredRoles = new List<string>(roleNames);
    }

    /// <summary>
    /// Called by the MVC framework before the action method executes.
    /// </summary>
    /// <param name="filterContext">The filter context.</param>
    public override void OnActionExecuting(ActionExecutingContext filterContext) {
        bool hasRole = false;

        // check to see if the user has the proper role here

        // if the do not have the role, they are not allowed to execute the action
        if (!hasRole)
            throw new UserAccessException("You do not have access to this action (" + filterContext.ActionDescriptor.ActionName + ", " + filterContext.ActionDescriptor.ControllerDescriptor.ControllerName + ")");

        base.OnActionExecuting(filterContext);
    }
}

Second to solve your problem of no logic in the views you could use child actions for each section which requires a role. Again you could apply your filter to the child actions. For more on child actions see: http://msdn.microsoft.com/en-us/library/ie/ee839451.aspx.

What you would need to change is the section that throws the exception. You'd need to check to see if the action being executed is a child action. If so, you'd want to return an empty content result.

回复收藏 0 原文

~没有更多了~