gpt4 book ai didi

c# - ASP.NET Core 中基于声明的授权

转载 作者:行者123 更新时间:2023-11-30 21:33:02 29 4
gpt4 key购买 nike

我正在使用 Claims 在 ASP.NET Core 中开发自己的项目,我引用了以下文章:http://blog.geveo.com/Claim-based-authorization-ASP-core

我很难理解,从我们在步骤 05 中的 Permissions 那里,因为它之前没有在任何地方定义。有什么想法吗?

services.AddAuthorization(options =>
{
options.AddPolicy(PolicyTypes.Teams.Manage, policy => {
policy.RequireClaim(CustomClaimTypes.Permission, Permissions.Teams.Manage);
});
options.AddPolicy(PolicyTypes.Teams.AddRemove, policy => {
policy.RequireClaim(CustomClaimTypes.Permission, Permissions.Teams.AddRemove);
});
options.AddPolicy(PolicyTypes.Users.Manage, policy => {
policy.RequireClaim(CustomClaimTypes.Permission, Permissions.Users.Add);
});
options.AddPolicy(PolicyTypes.Users.EditRole, policy => {
policy.RequireClaim(CustomClaimTypes.Permission, Permissions.Users.EditRole);
});
}

最佳答案

该博文的第 2 步缺少一个包装 UsersTeams 类的类。它应该看起来像这样:

public static class Permissions
{
public static class Users
{
public const string Add = "users.add";
public const string Edit = "users.edit";
public const string EditRole = "users.edit.role";
}

public static class Teams
{
public const string AddRemove = "teams.addremove";
public const string EditManagers = "teams.edit.managers";
public const string Delete = "teams.delete";
}
}

最后,这只是定义了在整个应用程序中用于识别各种权限的通用值。您也可以只传递一些字符串,但将它们集中定义会使它更易于使用,因为您不需要记住魔术字符串。

关于c# - ASP.NET Core 中基于声明的授权,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51802479/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com