C# IAuthorizationFilter ASP.Net Core 3中的依赖项注入
我创建了一个过滤器C# IAuthorizationFilter ASP.Net Core 3中的依赖项注入,c#,asp.net-core,dependency-injection,C#,Asp.net Core,Dependency Injection,我创建了一个过滤器IAuthorizationFilter,我需要在这个属性中使用DepencyInjection [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)] public class AllowAccessAttribute : Attribute, IAuthorizationFilter { private rea
IAuthorizationFilter
,我需要在这个属性中使用DepencyInjection
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public class AllowAccessAttribute : Attribute, IAuthorizationFilter
{
private readonly IDomainUnitOfWork unitofwork;
private readonly HttpContext httpContext;
public AllowAccessAttribute(IDomainUnitOfWork unitofwork,HttpContext httpContext)
{
this.unitofwork = unitofwork;
this.httpContext = httpContext;
}
public void OnAuthorization(AuthorizationFilterContext context)
{
string controller = context.RouteData.Values["controller"].ToString();
string action = context.RouteData.Values["action"].ToString();
var userId = httpContext.User.Identity.GetUserId<long>();
var access = string.Format("{0}:{1}", controller, action);
if (unitofwork.UserRepository.AccessLevelRepository.ValidateAccess(userId, access))
context.Result = new StatusCodeResult(403);
}
}
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method,AllowMultiple=true,Inherited=true)]
公共类AllowAccessAttribute:属性,IAuthorizationFilter
{
私有只读IDomainUnitOfWork unitofwork;
私有只读HttpContext HttpContext;
公共AllowAccessAttribute(IDomainUnitOfWork unitofwork,HttpContext HttpContext)
{
this.unitofwork=unitofwork;
this.httpContext=httpContext;
}
授权时的公共无效(AuthorizationFilterContext上下文)
{
string controller=context.RouteData.Values[“controller”].ToString();
string action=context.RouteData.Values[“action”].ToString();
var userId=httpContext.User.Identity.GetUserId();
var access=string.Format(“{0}:{1}”,控制器,操作);
if(unitofwork.UserRepository.AccessLevelRepository.ValidateAccess(用户ID,访问))
context.Result=新的StatusCodeResult(403);
}
}
当我需要使用this属性时,它会显示错误
[HttpGet]
[AllowAccess]
public async Task<ApiReturn> ChangeUserActiveStatus(long id)
{
var result = await dispatchers.SendAsync(new UserActiveStateCommand { id = id });
if (result.Success)
{
return Ok();
}
return BadRequest(result.Exception);
}
[HttpGet]
[允许访问]
公共异步任务ChangeUserActiveStatus(长id)
{
var result=await dispatchers.SendAsync(新的UserActiveStateCommand{id=id});
如果(结果、成功)
{
返回Ok();
}
返回请求(result.Exception);
}
并显示此错误:
没有给定与AllowAccessAttribute.AllowAccessAttribute(IDomainUnitOfWork,HttpContext)的必需形式参数“unitofwork”对应的参数
有什么问题?如何解决此问题?您需要在IoC容器中注册服务 Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
...
services.AddScoped<IDomainUnitOfWork, DomainUnitOfWork>(); // per request injection
...
}
您需要在IoC容器中注册服务 Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
...
services.AddScoped<IDomainUnitOfWork, DomainUnitOfWork>(); // per request injection
...
}
出于这个原因,我通常倾向于将过滤器与属性分开。此模式及其优缺点在中进行了描述。@pranavengandhi我需要使用shot sercuitI出于这个原因,我通常更倾向于将我的过滤器与属性分开。关于此模式及其优缺点,请参见。@PranavNegandhi我需要使用shot sercuit