获取在控制器的操作上指定的角色
Get Roles specified on an action of a controller
我有一个 MVC 控制器和一个 class,它创建一个菜单,其中的项目只能显示给具有控制器操作特定角色的用户。在下面的例子中,我不想向具有 Role2 的用户显示 Details 菜单项。我最终做的是在菜单项上指定相同的角色,我已经在控制器上指定了相同的角色。所以我有 2 个地方定义角色,它们必须相同,所以很容易出错。
我想做的是以某种方式从控制器获取角色,但我不知道如何去做,甚至不知道是否可能。
[Authorize(Roles = "Role1,Role2")]
public class MyController
{
public IActionResult Index()
{
return View();
}
[Authorize(Roles = "Role1")]
public IActionResult Details(int? id)
{
...
return View(...);
}
}
public class MenuItem
{
public string Action { get; set; }
public string Controller { get; set; }
public string Roles { get; set; }
}
...
var item = new MenuItem
{
Action = "Index",
Controller = "MyController",
Roles = "Role1,Role2", <---- this is what I do now.
Roles = GetRoles(MyController.Index.AuthorizedRoles) <---- this is what I need.
};
你的工厂方法怎么样 MenuItem:
public class MenuItem
{
public string Action { get; private set; }
public string Controller { get; private set; }
public string Roles { get; private set; }
private MenuItem() { }
public static MenuItem For<TMethod>(TMethod method) where TMethod : Delegate
{
var methodInfo = method.GetMethodInfo();
var attributes = methodInfo
.GetCustomAttributes(typeof(AuthorizeAttribute))
.Cast<AuthorizeAttribute>();
// If no attribute is defined on the action method, check the controller itself
if (attributes.Count() == 0)
{
attributes = methodInfo.DeclaringType
.GetCustomAttributes(typeof(AuthorizeAttribute))
.Cast<AuthorizeAttribute>();
}
return new MenuItem
{
Action = methodInfo.Name,
Controller = methodInfo.DeclaringType.Name,
Roles = string.Join(',', attributes.Select(a => a.Roles))
};
}
}
这可以这样调用:
var menuItem = MenuItem.For<Func<IActionResult>>(MyController.Details);
我有一个 MVC 控制器和一个 class,它创建一个菜单,其中的项目只能显示给具有控制器操作特定角色的用户。在下面的例子中,我不想向具有 Role2 的用户显示 Details 菜单项。我最终做的是在菜单项上指定相同的角色,我已经在控制器上指定了相同的角色。所以我有 2 个地方定义角色,它们必须相同,所以很容易出错。
我想做的是以某种方式从控制器获取角色,但我不知道如何去做,甚至不知道是否可能。
[Authorize(Roles = "Role1,Role2")]
public class MyController
{
public IActionResult Index()
{
return View();
}
[Authorize(Roles = "Role1")]
public IActionResult Details(int? id)
{
...
return View(...);
}
}
public class MenuItem
{
public string Action { get; set; }
public string Controller { get; set; }
public string Roles { get; set; }
}
...
var item = new MenuItem
{
Action = "Index",
Controller = "MyController",
Roles = "Role1,Role2", <---- this is what I do now.
Roles = GetRoles(MyController.Index.AuthorizedRoles) <---- this is what I need.
};
你的工厂方法怎么样 MenuItem:
public class MenuItem
{
public string Action { get; private set; }
public string Controller { get; private set; }
public string Roles { get; private set; }
private MenuItem() { }
public static MenuItem For<TMethod>(TMethod method) where TMethod : Delegate
{
var methodInfo = method.GetMethodInfo();
var attributes = methodInfo
.GetCustomAttributes(typeof(AuthorizeAttribute))
.Cast<AuthorizeAttribute>();
// If no attribute is defined on the action method, check the controller itself
if (attributes.Count() == 0)
{
attributes = methodInfo.DeclaringType
.GetCustomAttributes(typeof(AuthorizeAttribute))
.Cast<AuthorizeAttribute>();
}
return new MenuItem
{
Action = methodInfo.Name,
Controller = methodInfo.DeclaringType.Name,
Roles = string.Join(',', attributes.Select(a => a.Roles))
};
}
}
这可以这样调用:
var menuItem = MenuItem.For<Func<IActionResult>>(MyController.Details);