用户编辑页面的索赔管理最佳实践
Claim Management best practise for user edit page
我已经设法让索赔工作并且它运作良好,但我想扩展 cliams table 以拥有控制器和区域我还想在复选框的编辑页面中显示角色。
目前我的声明权限如下。
我不,我可以通过这种方式获得每个角色的所有权限
public async Task<ActionResult> Index(string roleId)
{
var model = new PermissionViewModel();
var allPermissions = new List<RoleClaimsViewModel>();
allPermissions.GetPermissions(typeof(Permissions.Products), roleId);
var role = await _roleManager.FindByIdAsync(roleId);
model.RoleId = roleId;
var claims = await _roleManager.GetClaimsAsync(role);
var allClaimValues = allPermissions.Select(a => a.Value).ToList();
var roleClaimValues = claims.Select(a => a.Value).ToList();
var authorizedClaims = allClaimValues.Intersect(roleClaimValues).ToList();
foreach (var permission in allPermissions)
{
if (authorizedClaims.Any(a => a == permission.Value))
{
permission.Selected = true;
}
}
model.RoleClaims = allPermissions;
return View(model);
}
所以我的两个问题是如何扩展角色声明 table 以及如何提供用户可以更改声明的编辑页面。他们是否对声明的编辑页面有任何最佳实践。
how does one extend the role claims table and how does one provide an
edit page that the user can change the claims.
要扩展角色声明 table,就像扩展 AspNetUser table。你应该继承自 IdentityRoleClaim.
这样的代码:
public class ApplicationUser : IdentityUser
{
public virtual ICollection<ApplicationUserClaim> Claims { get; set; }
public virtual ICollection<ApplicationUserLogin> Logins { get; set; }
public virtual ICollection<ApplicationUserToken> Tokens { get; set; }
public virtual ICollection<ApplicationUserRole> UserRoles { get; set; }
}
public class ApplicationRole : IdentityRole
{
public virtual ICollection<ApplicationUserRole> UserRoles { get; set; }
public virtual ICollection<ApplicationRoleClaim> RoleClaims { get; set; }
}
public class ApplicationUserRole : IdentityUserRole<string>
{
public virtual ApplicationUser User { get; set; }
public virtual ApplicationRole Role { get; set; }
}
public class ApplicationUserClaim : IdentityUserClaim<string>
{
public virtual ApplicationUser User { get; set; }
}
public class ApplicationUserLogin : IdentityUserLogin<string>
{
public virtual ApplicationUser User { get; set; }
}
public class ApplicationRoleClaim : IdentityRoleClaim<string>
{
public DateTime Created { get; set; }
public virtual ApplicationRole Role { get; set; }
}
public class ApplicationUserToken : IdentityUserToken<string>
{
public virtual ApplicationUser User { get; set; }
}
数据库上下文:
public class ApplicationDbContext : IdentityDbContext<ApplicationUser, ApplicationRole, string,
ApplicationUserClaim, ApplicationUserRole, ApplicationUserLogin,
ApplicationRoleClaim, ApplicationUserToken>
{
public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
: base(options)
{
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
modelBuilder.Entity<ApplicationUser>(b =>
{
// Each User can have many UserClaims
b.HasMany(e => e.Claims)
.WithOne(e => e.User)
.HasForeignKey(uc => uc.UserId)
.IsRequired();
// Each User can have many UserLogins
b.HasMany(e => e.Logins)
.WithOne(e => e.User)
.HasForeignKey(ul => ul.UserId)
.IsRequired();
// Each User can have many UserTokens
b.HasMany(e => e.Tokens)
.WithOne(e => e.User)
.HasForeignKey(ut => ut.UserId)
.IsRequired();
// Each User can have many entries in the UserRole join table
b.HasMany(e => e.UserRoles)
.WithOne(e => e.User)
.HasForeignKey(ur => ur.UserId)
.IsRequired();
});
modelBuilder.Entity<ApplicationRole>(b =>
{
// Each Role can have many entries in the UserRole join table
b.HasMany(e => e.UserRoles)
.WithOne(e => e.Role)
.HasForeignKey(ur => ur.RoleId)
.IsRequired();
// Each Role can have many associated RoleClaims
b.HasMany(e => e.RoleClaims)
.WithOne(e => e.Role)
.HasForeignKey(rc => rc.RoleId)
.IsRequired();
});
}
}
然后,您可以执行迁移命令来更新数据库。之后,您可以通过 ApplicationDbContext 和 ApplicationRole 和 ApplicationRoleClaim 模型访问 AspNetRole 和 AspNetRoleClaim table。更多详细信息,请参考Customize the model.
我已经设法让索赔工作并且它运作良好,但我想扩展 cliams table 以拥有控制器和区域我还想在复选框的编辑页面中显示角色。
目前我的声明权限如下。
我不,我可以通过这种方式获得每个角色的所有权限
public async Task<ActionResult> Index(string roleId)
{
var model = new PermissionViewModel();
var allPermissions = new List<RoleClaimsViewModel>();
allPermissions.GetPermissions(typeof(Permissions.Products), roleId);
var role = await _roleManager.FindByIdAsync(roleId);
model.RoleId = roleId;
var claims = await _roleManager.GetClaimsAsync(role);
var allClaimValues = allPermissions.Select(a => a.Value).ToList();
var roleClaimValues = claims.Select(a => a.Value).ToList();
var authorizedClaims = allClaimValues.Intersect(roleClaimValues).ToList();
foreach (var permission in allPermissions)
{
if (authorizedClaims.Any(a => a == permission.Value))
{
permission.Selected = true;
}
}
model.RoleClaims = allPermissions;
return View(model);
}
所以我的两个问题是如何扩展角色声明 table 以及如何提供用户可以更改声明的编辑页面。他们是否对声明的编辑页面有任何最佳实践。
how does one extend the role claims table and how does one provide an edit page that the user can change the claims.
要扩展角色声明 table,就像扩展 AspNetUser table。你应该继承自 IdentityRoleClaim.
这样的代码:
public class ApplicationUser : IdentityUser
{
public virtual ICollection<ApplicationUserClaim> Claims { get; set; }
public virtual ICollection<ApplicationUserLogin> Logins { get; set; }
public virtual ICollection<ApplicationUserToken> Tokens { get; set; }
public virtual ICollection<ApplicationUserRole> UserRoles { get; set; }
}
public class ApplicationRole : IdentityRole
{
public virtual ICollection<ApplicationUserRole> UserRoles { get; set; }
public virtual ICollection<ApplicationRoleClaim> RoleClaims { get; set; }
}
public class ApplicationUserRole : IdentityUserRole<string>
{
public virtual ApplicationUser User { get; set; }
public virtual ApplicationRole Role { get; set; }
}
public class ApplicationUserClaim : IdentityUserClaim<string>
{
public virtual ApplicationUser User { get; set; }
}
public class ApplicationUserLogin : IdentityUserLogin<string>
{
public virtual ApplicationUser User { get; set; }
}
public class ApplicationRoleClaim : IdentityRoleClaim<string>
{
public DateTime Created { get; set; }
public virtual ApplicationRole Role { get; set; }
}
public class ApplicationUserToken : IdentityUserToken<string>
{
public virtual ApplicationUser User { get; set; }
}
数据库上下文:
public class ApplicationDbContext : IdentityDbContext<ApplicationUser, ApplicationRole, string,
ApplicationUserClaim, ApplicationUserRole, ApplicationUserLogin,
ApplicationRoleClaim, ApplicationUserToken>
{
public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
: base(options)
{
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
modelBuilder.Entity<ApplicationUser>(b =>
{
// Each User can have many UserClaims
b.HasMany(e => e.Claims)
.WithOne(e => e.User)
.HasForeignKey(uc => uc.UserId)
.IsRequired();
// Each User can have many UserLogins
b.HasMany(e => e.Logins)
.WithOne(e => e.User)
.HasForeignKey(ul => ul.UserId)
.IsRequired();
// Each User can have many UserTokens
b.HasMany(e => e.Tokens)
.WithOne(e => e.User)
.HasForeignKey(ut => ut.UserId)
.IsRequired();
// Each User can have many entries in the UserRole join table
b.HasMany(e => e.UserRoles)
.WithOne(e => e.User)
.HasForeignKey(ur => ur.UserId)
.IsRequired();
});
modelBuilder.Entity<ApplicationRole>(b =>
{
// Each Role can have many entries in the UserRole join table
b.HasMany(e => e.UserRoles)
.WithOne(e => e.Role)
.HasForeignKey(ur => ur.RoleId)
.IsRequired();
// Each Role can have many associated RoleClaims
b.HasMany(e => e.RoleClaims)
.WithOne(e => e.Role)
.HasForeignKey(rc => rc.RoleId)
.IsRequired();
});
}
}
然后,您可以执行迁移命令来更新数据库。之后,您可以通过 ApplicationDbContext 和 ApplicationRole 和 ApplicationRoleClaim 模型访问 AspNetRole 和 AspNetRoleClaim table。更多详细信息,请参考Customize the model.