C# 如何配置注释[授权]以使用枚举?
我正在尝试使用C# 如何配置注释[授权]以使用枚举?,c#,asp.net-mvc,asp.net-mvc-4,C#,Asp.net Mvc,Asp.net Mvc 4,我正在尝试使用Enum来注释[授权]。我已经配置了,但仍然不起作用,安全策略允许访问 我没有使用数字创建我的Enum,例如:Administrator=1或类似的东西,我只是使用描述作为管理员、管理者、公共创建。我不想创建数字作为索引,只想创建描述,如我所示 我怎样才能解决这个问题 枚举 public enum RoleType{ Administrator, Manager, Common }; 授权属性 [AttributeUsage(AttributeTarget
Enum
来注释[授权]
。我已经配置了,但仍然不起作用,安全策略允许访问
我没有使用数字创建我的Enum
,例如:Administrator=1
或类似的东西,我只是使用描述作为管理员、管理者、公共
创建。我不想创建数字作为索引,只想创建描述,如我所示
我怎样才能解决这个问题
枚举
public enum RoleType{
Administrator,
Manager,
Common
};
授权属性
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Constructor | AttributeTargets.Enum | AttributeTargets.Method, AllowMultiple = false)]
public class PermissionFilter : AuthorizeAttribute{
public RoleType Roles {get;set;}
protected override bool AuthorizeCore(HttpContextBase httpContext){
if (httpContext == null)
throw new ArgumentNullException("httpContext");
if (!httpContext.User.Identity.IsAuthenticated)
return false;
//get the Session of User
User user = httpContext.Session["User"] as User;
RoleType role = user.role;
if (((Roles & role) != role))
return false;
return true;
}
public override void OnAuthorization(AuthorizationContext filterContext){
base.OnAuthorization(filterContext);
if (filterContext.Result is HttpUnauthorizedResult)
filterContext.HttpContext.Response.Redirect("/Home/accessDenied");
}
}
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Constructor | AttributeTargets.Enum | AttributeTargets.Method, AllowMultiple = false)]
public class PermissionFilter : AuthorizeAttribute{
public RoleType[] Roles;
public PermissionFilter(params RoleType[] roles){
Roles = roles;
}
protected override bool AuthorizeCore(HttpContextBase httpContext){
if (httpContext == null)
throw new ArgumentNullException("httpContext");
if (!httpContext.User.Identity.IsAuthenticated)
return false;
try{
Usuario usuario = httpContext.Session["Usuario"] as Usuario;
RoleType role = usuario.role;
Boolean contain = Roles.Contains<RoleType>((RoleType)role);
Console.WriteLine("Contem Role: " + contain);
if (!Roles.Contains<RoleType>((RoleType)role)){
return false;
}
return true;
}catch (Exception e){
Debug.WriteLine("PermissionFilter AuthorizeCore: " + e.Message);
return false;
}
}
public override void OnAuthorization(AuthorizationContext filterContext){
base.OnAuthorization(filterContext);
if (filterContext.Result is HttpUnauthorizedResult)
filterContext.HttpContext.Response.Redirect("/Home/acessoNegado");
}
}
方法
[PermissionFilter(Roles= RoleType.Manager)]
public ActionResult viewAllAdmin(int? pagina, String nome){
}
解决了这个问题
是的
授权属性
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Constructor | AttributeTargets.Enum | AttributeTargets.Method, AllowMultiple = false)]
public class PermissionFilter : AuthorizeAttribute{
public RoleType Roles {get;set;}
protected override bool AuthorizeCore(HttpContextBase httpContext){
if (httpContext == null)
throw new ArgumentNullException("httpContext");
if (!httpContext.User.Identity.IsAuthenticated)
return false;
//get the Session of User
User user = httpContext.Session["User"] as User;
RoleType role = user.role;
if (((Roles & role) != role))
return false;
return true;
}
public override void OnAuthorization(AuthorizationContext filterContext){
base.OnAuthorization(filterContext);
if (filterContext.Result is HttpUnauthorizedResult)
filterContext.HttpContext.Response.Redirect("/Home/accessDenied");
}
}
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Constructor | AttributeTargets.Enum | AttributeTargets.Method, AllowMultiple = false)]
public class PermissionFilter : AuthorizeAttribute{
public RoleType[] Roles;
public PermissionFilter(params RoleType[] roles){
Roles = roles;
}
protected override bool AuthorizeCore(HttpContextBase httpContext){
if (httpContext == null)
throw new ArgumentNullException("httpContext");
if (!httpContext.User.Identity.IsAuthenticated)
return false;
try{
Usuario usuario = httpContext.Session["Usuario"] as Usuario;
RoleType role = usuario.role;
Boolean contain = Roles.Contains<RoleType>((RoleType)role);
Console.WriteLine("Contem Role: " + contain);
if (!Roles.Contains<RoleType>((RoleType)role)){
return false;
}
return true;
}catch (Exception e){
Debug.WriteLine("PermissionFilter AuthorizeCore: " + e.Message);
return false;
}
}
public override void OnAuthorization(AuthorizationContext filterContext){
base.OnAuthorization(filterContext);
if (filterContext.Result is HttpUnauthorizedResult)
filterContext.HttpContext.Response.Redirect("/Home/acessoNegado");
}
}
然后,它工作得很好 所以你根本不需要stackoverflow的帮助。