English 中文(简体)
Configure authorized roles dynamically via a config file in MVC Application
原标题:

I current have the following attribute decorating one of the action method.

[Authorize(Roles = "Admin")]
public ActionResult DoAdminTask()
{
//Do something

   return View();
}

Currently, only users in the Admin role can invoke this method, but this will change. Is there anyway I can store a list of authorised roles in a config file, rather than hard coding it into the source?

EDIT: Roles will change over time, and more than 1 role will need access. i.e. Users in either role A OR role B can access.

最佳回答

No way to do this with the standard authorize attribute, but you could extend the authorize attribute with your own custom authorize attribute and have it use a configuration file to determine the mapping between controller/action and the set of roles.

时间:2009-11-12 01:50:09
问题回答

but you can use something like 

public static class AppRoles
{
    public const string Users = "UsersRoleName";
    public const string Admin = "AdminRoleName";
}

and then Controller can have authorize attribute as

[Authorize(Roles = AppRoles.Admin)]
时间:2016-01-12 18:22:51

I felt this question deserved an answer with a code sample... Taking @tvanfosson s suggestion of extending the AuthorizeAttribute class, here s what I came up with (criticism is more than welcome).

AuthorizeFromConfiguration.cs:

public class AuthorizeFromConfiguration: AuthorizeAttribute
{
    public new string Roles
    {
        get {
            return base.Roles;
        }
        set {
            var config = new ConfigurationBuilder()
                .SetBasePath(Environment.CurrentDirectory)
                .AddJsonFile("authorization.json")
                .Build();
            base.Roles = config[value];
        }
    }
}

authorization.json:

{
    "Parts": {
        "Create": "contoso.com\MyWebApp_CreateNewPart",
        "Edit": "contoso.com\MyWebApp_EditPart"
    }
}

Example Usage:

[AuthorizeFromConfiguration(Roles = "Parts:Create")]
public class CreateModel : PageModel
{
    //...
}

Note: In my testing, the web-site had to be restarted before any changes to authorization.json file took effect, even when I tried changing the logic so that the JSON file was read on the get accessor instead of the set.

时间:2018-01-14 08:06:11


上一篇:
下一篇:


相关问题
WebForms and ASP.NET MVC co-existence

I am trying to make a WebForms project and ASP.NET MVC per this question. One of the things I ve done to make that happen is that I added a namespaces node to the WebForms web.config: <pages ...

时间:2009-11-13 05:33:15 回答:2 展示:1
Post back complex object from client side

I m using ASP.NET MVC and Entity Framework. I m going to pass a complex entity to the client side and allow the user to modify it, and post it back to the controller. But I don t know how to do that ...

时间:2009-11-13 05:30:52 回答:3 展示:1
Create an incremental placeholder in NHaml

What I want to reach is a way to add a script and style placeholder in my master. They will include my initial site.css and jquery.js files. Each haml page or partial can then add their own required ...

时间:2009-11-09 15:46:55 回答:1 展示:1
asp.net mvc automapper parsing

let s say we have something like this public class Person { public string Name {get; set;} public Country Country {get; set;} } public class PersonViewModel { public Person Person {get; ...

时间:2009-11-09 15:37:07 回答:3 展示:1
structureMap mocks stub help

I have an BLL that does validation on user input then inserts a parent(PorEO) and then inserts children(PorBoxEO). So there are two calls to the same InsertJCDC. One like this=>InsertJCDC(fakePor)...

时间:2009-11-09 15:17:25 回答:1 展示:1
ASP.NET MVC: How should it work with subversion?

So, I have an asp.net mvc app that is being worked on by multiple developers in differing capacities. This is our first time working on a mvc app and my first time working with .NET. Our app does not ...

时间:2009-11-09 15:09:28 回答:6 展示:1
System.Web.Mvc.Controller Initialize

i have the following base controller... public class BaseController : Controller { protected override void Initialize(System.Web.Routing.RequestContext requestContext) { if (...

时间:2009-11-05 09:38:39 回答:2 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全