C# 抛出自定义异常并使用Postsharp捕获它们
我有两个特点:C# 抛出自定义异常并使用Postsharp捕获它们,c#,security,exception-handling,postsharp,C#,Security,Exception Handling,Postsharp,我有两个特点: 安全操作属性 例外策略属性 如果用户无权访问控制器上的操作,则我抛出一个自定义的非授权dexception,但我无法在ExceptionPolicyAttribute上捕获它 我的代码: [LogMethod] [ExceptionPolicy] public ActionResult Edit(int id) { // some works on here } [Serializable] public class ExceptionPolicyAttribute :
[LogMethod]
[ExceptionPolicy]
public ActionResult Edit(int id)
{
// some works on here
}
[Serializable]
public class ExceptionPolicyAttribute : OnExceptionAspect
{
private ILog logger;
private string methodName;
public override void CompileTimeInitialize(MethodBase method, AspectInfo aspectInfo)
{
this.methodName = method.DeclaringType.FullName + "." + method.Name;
}
public override void OnException(MethodExecutionArgs args)
{
Guid guid = Guid.NewGuid();
var stringBuilder = new StringBuilder(1024);
// Write the exit message.
stringBuilder.Append(this.methodName);
stringBuilder.Append('(');
// Write the current instance object, unless the method
// is static.
object instance = args.Instance;
if (instance != null)
{
stringBuilder.Append("this=");
stringBuilder.Append(instance);
if (args.Arguments.Count > 0)
stringBuilder.Append("; ");
}
// Write the list of all arguments.
for (int i = 0; i < args.Arguments.Count; i++)
{
if (i > 0)
stringBuilder.Append(", ");
stringBuilder.Append(args.Arguments.GetArgument(i) ?? "null");
}
// Write the exception message.
stringBuilder.AppendFormat("): Exception ");
stringBuilder.Append(args.Exception.GetType().Name);
stringBuilder.Append(": ");
stringBuilder.Append(args.Exception.Message);
logger.Error(stringBuilder.ToString(), args.Exception);
args.FlowBehavior = FlowBehavior.Continue;
}
public override Type GetExceptionType(System.Reflection.MethodBase targetMethod)
{
return typeof(NonAuthorizedException);
}
}
[LogMethod]
[例外政策]
公共操作结果编辑(int id)
{
//这里有一些作品
}
[可序列化]
公共类ExceptionPolicyAttribute:OneExceptionSpect
{
私人ILog记录器;
私有字符串methodName;
公共重写void CompileTimeInitialize(MethodBase方法,AspectInfo AspectInfo)
{
this.methodName=method.DeclaringType.FullName+“+”method.Name;
}
public override void OnException(MethodExecutionArgs args)
{
Guid=Guid.NewGuid();
var stringBuilder=新的stringBuilder(1024);
//写退出消息。
stringBuilder.Append(this.methodName);
stringBuilder.Append(“(”);
//写入当前实例对象,除非方法
//它是静态的。
对象实例=args.instance;
if(实例!=null)
{
stringBuilder.Append(“this=”);
追加(实例);
如果(args.Arguments.Count>0)
stringBuilder.Append(“;”);
}
//写出所有参数的列表。
for(int i=0;i0)
stringBuilder.Append(“,”);
stringBuilder.Append(args.Arguments.GetArgument(i)?“null”);
}
//编写异常消息。
stringBuilder.AppendFormat(“):Exception”);
追加(args.Exception.GetType().Name);
stringBuilder.Append(“:”);
追加(args.Exception.Message);
logger.Error(stringBuilder.ToString(),args.Exception);
args.FlowBehavior=FlowBehavior.Continue;
}
公共重写类型GetExceptionType(System.Reflection.MethodBase targetMethod)
{
返回typeof(非授权异常);
}
}
安全属性是:
[Serializable]
public class SecuredOperationAttribute: OnMethodBoundaryAspect
{
public override void OnEntry(MethodExecutionArgs args)
{
IUserManager userManager = new UserManager();
int userId = userManager.GetUserIdFromCookie;
AdminUser adminUser = GenericSessionHelper<AdminUser>.Get(userId.ToString(), State.Session);
if(!User.CanAccess)
{
args.ReturnValue = null;
throw new NonAuthorizedException(string.Format("{0} userId li kullanıcının {1} işlemini yapmak için yetkisi yoktur",userId,args.Method.Name));
}
return;
}
}
[可序列化]
公共类SecuredOperationAttribute:OnMethodBoundaryAspect
{
public override void OnEntry(MethodExecutionArgs args)
{
IUserManager userManager=newusermanager();
int userId=userManager.GetUserIdFromCookie;
AdminUser AdminUser=GenericSessionHelper.Get(userId.ToString(),State.Session);
如果(!User.CanAccess)
{
args.ReturnValue=null;
抛出新的非authorizedException(string.Format(“{0}userId li kullanıcının{1}işlemini yapmak için yetkisi yoktur”,userId,args.Method.Name));
}
返回;
}
}
有什么问题吗?我是否以错误的方式使用postsharp?我找到了解决方案:
我使用的属性如下:
[SecuredOperation]
[ExceptionPolicy]
public ActionResult Edit(int id)
但ExceptionPolicy无法捕获异常。因此,我将ExceptionPolicy移到控制器类的顶部:
[ExceptionPolicy]
public class UserController : BaseAuthorizedUserController
现在它工作了。我找到了解决方案:
我使用的属性如下:
[SecuredOperation]
[ExceptionPolicy]
public ActionResult Edit(int id)
但ExceptionPolicy无法捕获异常。因此,我将ExceptionPolicy移到控制器类的顶部:
[ExceptionPolicy]
public class UserController : BaseAuthorizedUserController
现在它起作用了