• 关于AuthorizeAttribute使用


    在开发中,假如你只对一个角色进行权限处理,你可以这么写

    class ActionAuthAttribute : AuthorizeAttribute
        {
            private RoleType _roleType;
            public ActionAuthAttribute(RoleType role)
            {
                _roleType = role;
            }
          
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                if (BaseController.CurrentUser.RoleId == (int)_roleType )
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
    
            protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
            {
                //base.HandleUnauthorizedRequest(filterContext);
                //filterContext.HttpContext.Response.RedirectToRoute("ErrorPage", new { msg = HttpUtility.UrlEncodeUnicode("你无权访问此页面!") });     
                System.Web.HttpContext.Current.Response.RedirectToRoute("ErrorPage", new { msg = HttpUtility.UrlEncodeUnicode("你无权访问此页面!") });  
    
            }
        }

    但是当两个角色都有权限呢?

    方法一:你可以重写构造函数,如下

    class ActionAuthAttribute : AuthorizeAttribute
        {
            private RoleType _roleType;
            private RoleType _roleType1;
            private RoleType _roleType2;
            public ActionAuthAttribute(RoleType role)
            {
                _roleType = role;
            }
            public ActionAuthAttribute(RoleType role1, RoleType role2)
            {
                _roleType1 = role1;
                _roleType2 = role2;
            }
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                if (BaseController.CurrentUser.RoleId == (int)_roleType )
                {
                    return true;
                }
                else if (BaseController.CurrentUser.RoleId == (int)_roleType1 || BaseController.CurrentUser.RoleId == (int)_roleType2) 
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
    
            protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
            {
                //base.HandleUnauthorizedRequest(filterContext);
                //filterContext.HttpContext.Response.RedirectToRoute("ErrorPage", new { msg = HttpUtility.UrlEncodeUnicode("你无权访问此页面!") });     
                System.Web.HttpContext.Current.Response.RedirectToRoute("ErrorPage", new { msg = HttpUtility.UrlEncodeUnicode("你无权访问此页面!") });  
    
            }
        }

    方法二:你可以使用

    params定义一个变化的数组参数,这样参数多少就可以随你了,推荐第二种方法,不然,随着参数变化,你要一直重写函数了。。哈哈
     [AttributeUsage(AttributeTargets.Method)]
        class ActionAuthAttribute : AuthorizeAttribute
        {
            private RoleType[] _roleType;
            public ActionAuthAttribute(params RoleType[] role)
            {
                _roleType = role;
            }
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                foreach (var item in _roleType)
                {
                    if (BaseController.CurrentUser.RoleId == (int)item)
                    {
                        return true;
                    }
                }
                return false;
            }
            protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
            {  
                var routeValue = new RouteValueDictionary { 
                    { "Controller", "Etc"}, 
                    { "Action", "Oops"},
                    {"msg", HttpUtility.UrlEncodeUnicode("你无权访问此页面!")}
                };
    
                filterContext.Result = new RedirectToRouteResult(routeValue);
            }
  • 相关阅读:
    C89:论内存泄漏
    C++03:模板
    C++的STL(标准模板库)系列:容器——string容器
    C++03:论类的友元函数和内联函数
    C++03:论类的运算符重载
    Windows开发:网络编程基础
    Windows开发:论文件和权限
    C89:头文件
    C89:论符号
    纪录片(深度好片)
  • 原文地址:https://www.cnblogs.com/walt/p/4918524.html
Copyright © 2020-2023  润新知