Model view controller: role-based access at the controller level


Does MVC allow one role to access an entire controller, while another role can access only one or a few of its methods?

All methods except Method3 belong to staff; Method3 should be accessible to both customers and staff. Like this:

    using System.Web.Mvc;

    [Authorize(Roles = "staff")]                 // controller-level: staff only
    public class StaffController : Controller
    {
        public ActionResult Method1()
        {
            return Content("Method1");           // bodies were empty in the post; trivial results added so it compiles
        }

        public ActionResult Method2()
        {
            return Content("Method2");
        }

        [Authorize(Roles = "staff, customer")]   // action-level: meant to admit customers as well
        public ActionResult Method3()
        {
            return Content("Method3");
        }
    }
Or the other case, where everything except Method3 belongs to staff and Method3 is accessible only to customers, like this:

    using System.Web.Mvc;

    [Authorize(Roles = "staff")]                 // controller-level: staff only
    public class StaffController : Controller
    {
        public ActionResult Method1()
        {
            return Content("Method1");           // bodies were empty in the post; trivial results added so it compiles
        }

        public ActionResult Method2()
        {
            return Content("Method2");
        }

        [Authorize(Roles = "customer")]          // action-level: meant to make Method3 customer-only
        public ActionResult Method3()
        {
            return Content("Method3");
        }
    }
However, neither of the above works. In both cases a customer still cannot access Method3.


Any help is much appreciated.

I suspect it checks the controller-level authorization first, so it never gets a chance to check the action-specific authorization.

One solution is to authorize both roles at the class level, and restrict access to the specific methods to staff only.

e.g.

Another option is to use something like the custom attribute on this answer to restrict (i.e. authorize), but as they mention, that goes against the "deny by default" principle of MVC security.