asp.net-mvc 获取 ActionName、ControllerName 和 AreaName 并传入 ActionFilter 属性
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9976476/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Get ActionName, ControllerName and AreaName and pass it in ActionFilter Attribute
提问by Saeid
I use a custom AuthorizationFilter like the followings:
我使用自定义 AuthorizationFilter 如下所示:
public class ActionAuthorizeAttribute : AuthorizeAttribute {
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) {
if(!httpContext.User.Identity.IsAuthenticated)
return false;
if(IsUserExcluded())
return false;
else
return IsRoleAuthorize(httpContext);
}
}
I use this filter at the top of each action I have, and for check Is Authorized, need Action Name, Controller Name, And Area Name. So is there any way to get this names in AuthorizeCore()method like use System.Web.HttpContextBase? if answer is No then how can I get this names and pass it to attribute, obviously I don't want to add each name by hand, actually something likeViewContext.RouteData.Values["Controller"]in controllers:
我在我拥有的每个操作的顶部使用此过滤器,对于检查是否已授权,需要操作名称、控制器名称和区域名称。那么有没有办法在AuthorizeCore()像 use这样的方法中获得这个名字System.Web.HttpContextBase?如果答案是否定的,那么我怎样才能得到这个名字并将它传递给属性,显然我不想手动添加每个名字,实际上就像ViewContext.RouteData.Values["Controller"]在控制器中一样:
[ActionAuthorize(actionName=Action, controller=ControllerName, area=AreaName)]
public ActionResult Index() {
return View();
}
Does any one have any idea about it?
有没有人对此有任何想法?
回答by Darin Dimitrov
You could fetch them from the RouteData:
您可以从 RouteData 中获取它们:
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
var rd = httpContext.Request.RequestContext.RouteData;
string currentAction = rd.GetRequiredString("action");
string currentController = rd.GetRequiredString("controller");
string currentArea = rd.Values["area"] as string;
...
}
回答by Mukhtiar Zamin
Face the same issue just a moment ago and my solution is:
刚才遇到同样的问题,我的解决方案是:
Define 2 attributes in your ActionAuthorizeAttribute class e.g.
public string ControllerName {get;set;} public string ActionName {get;set;}While annotating your action of the controller specify them e.g.
[ActionAuthorize(Roles="Admin", ContollerName="ControllerName",ActionName="ActionName")]** public ActionResult Disable(int id) { ... }
在 ActionAuthorizeAttribute 类中定义 2 个属性,例如
public string ControllerName {get;set;} public string ActionName {get;set;}在注释控制器的动作时指定它们,例如
[ActionAuthorize(Roles="Admin", ContollerName="ControllerName",ActionName="ActionName")]** public ActionResult Disable(int id) { ... }
回答by Eduardo Chávez
Getting the area will not work if you are on a custom filter the next will work to get an area
如果您使用自定义过滤器,则获取区域将不起作用,下一个将用于获取区域
filterContext.RouteData.DataTokens["area"]
回答by change
> namespace dene.kontroller {
> public class daAttribute: AuthorizeAttribute
> {
> private Entities db = new Entities();
> private readonly string[] allowedroles;
> public daAttribute(params string[] roles)
> {
> this.allowedroles = roles;
> }
>
>
> protected override bool AuthorizeCore(HttpContextBase httpContext)
> {
> bool authorize = false;
> foreach (var role in allowedroles)
> {
> if (role == HttpContext.Current.User.Identity.Name)
> {
>
> if (role!= null)
> {
> authorize = true;
> }
> }
>
>
> }
> return authorize;
> }
>
>
> protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
> {
>
> FormsAuthentication.SignOut();
> filterContext.Result = new HttpUnauthorizedResult();
> }
>
> } }
