gpt4 book ai didi

c# - 如何使用Identity 2.0使用Authorize属性在行动中添加多个策略?

转载 作者:行者123 更新时间:2023-12-03 09:48:13 25 4
gpt4 key购买 nike

我的身份是2.1.2,具有asp.net core 2.0,我具有应用程序声明表,该表具有声明类型和声明值
即Assets,Assets Edit,Assets,Assets View,其中声明类型与不同的声明值相同,并且我正在使用声明类型名称创建策略,这对我来说很好,不知道如何在一项操作中添加多个策略。下面的代码在启动文件中用于创建策略。

services.AddAuthorization(options =>
{
var dbContext = SqlServerDbContextOptionsExtensions.UseSqlServer(new DbContextOptionsBuilder<MyDBContext>(),
Configuration.GetConnectionString("TestIdentityClaimAuth")).Options;

var dbCon = new MyDBContext(dbContext);
//Getting the list of application claims.
var applicationClaims = dbCon.ApplicationClaims.ToList();
var strClaimValues = string.Empty;
List<ClaimVM> lstClaimTypeVM = new List<ClaimVM>();
IEnumerable<string> lstClaimValueVM = null;// new IEnumerable<string>();

lstClaimTypeVM = (from dbAppClaim
in dbCon.ApplicationClaims
select new ClaimVM
{
ClaimType = dbAppClaim.ClaimType
}).Distinct().ToList();

foreach (ClaimVM objClaimType in lstClaimTypeVM)
{
lstClaimValueVM = (from dbClaimValues in dbCon.ApplicationClaims
where dbClaimValues.ClaimType == objClaimType.ClaimType
select dbClaimValues.ClaimValue).ToList();

options.AddPolicy(objClaimType.ClaimType, policy => policy.RequireClaim(objClaimType.ClaimType, lstClaimValueVM));
lstClaimValueVM = null;
}
});
在我的 Controller 中使用这样的Autherize属性。
[Authorize(Policy = "Assets Edit")]
在此先感谢您的帮助。

最佳答案

对于多种策略,您可以实现自己的AuthorizeAttribute

  • MultiplePolicysAuthorizeAttribute
    public class MultiplePolicysAuthorizeAttribute : TypeFilterAttribute
    {
    public MultiplePolicysAuthorizeAttribute(string policys, bool isAnd = false) : base(typeof(MultiplePolicysAuthorizeFilter))
    {
    Arguments = new object[] { policys, isAnd };
    }
    }
  • MultiplePolicysAuthorizeFilter
    public class MultiplePolicysAuthorizeFilter : IAsyncAuthorizationFilter
    {
    private readonly IAuthorizationService _authorization;
    public string Policys { get; private set; }
    public bool IsAnd { get; private set; }

    public MultiplePolicysAuthorizeFilter(string policys, bool isAnd, IAuthorizationService authorization)
    {
    Policys = policys;
    IsAnd = isAnd;
    _authorization = authorization;
    }

    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
    var policys = Policys.Split(";").ToList();
    if (IsAnd)
    {
    foreach (var policy in policys)
    {
    var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
    if (!authorized.Succeeded)
    {
    context.Result = new ForbidResult();
    return;
    }

    }
    }
    else
    {
    foreach (var policy in policys)
    {
    var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
    if (authorized.Succeeded)
    {
    return;
    }

    }
    context.Result = new ForbidResult();
    return;
    }
    }
    }
  • 只需要以下一项策略
    [MultiplePolicysAuthorize("Assets View;Assets Edit;Assets Delete")]
  • 只需要所有策略
    [MultiplePolicysAuthorize("Assets View;Assets Edit;Assets Delete", true)]
  • 关于c# - 如何使用Identity 2.0使用Authorize属性在行动中添加多个策略?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52628473/

    25 4 0
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com