Asp.net核心IAuthorizationFilter :返回空的顶级属性
Asp.net核心IAuthorizationFilter :返回空的顶级属性
提问于 2022-06-10 10:47:59
我使用的是.NET核心3和AuthorizationFilter继承的IAuthorizationFilter。在我的顶层属性上,我添加了自定义属性(ModulePermission)。
我需要获得AuthorizeActionFilter -> OnAuthorization函数上的属性值。
但是,我可以访问当前动作自定义属性(ActionPermission)。但我的顶级属性为null。( var模块= actionDescriptor.MethodInfo.GetCustomAttributes(true).FirstOrDefault(i => i is ModulePermissionAttribute);)
示例
Api控制器:
[ModulePermission(Module.Product)]
[Route("api/products")]
[ApiController]
public class ProductController : BaseApiController
{
public ProductController()
{
}
[Route(""), HttpPost, ActionPermission(Action.READ)]
public Response<Product> Get()
{
// some code
}
}授权类别:
using System;
using System.Linq;
using System.Reflection;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
public enum Module
{
User,
Product
}
public enum Action
{
Read,
Delete,
Add,
Edit
}
[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
public class ActionPermissionAttribute : Attribute
{
private Action _action;
public Action action { get { return action; } }
public ActionPermissionAttribute(Action action = Action.Read)
{
_action = action;
}
}
[AttributeUsage(AttributeTargets.Class, AllowMultiple = false)]
public class ModulePermissionAttribute : Attribute
{
private string _module;
public string Module { get { return _module; } }
public ModulePermissionAttribute(string module = "")
{
if (string.IsNullOrEmpty(module))
{
_module = "Novalue";
}
else
{
_module = module;
}
}
public ModulePermissionAttribute(Type module)
{
_module = module.Name;
}
}
public class AuthorizeAttribute : TypeFilterAttribute
{
public AuthorizeAttribute()
: base(typeof(AuthorizeActionFilter))
{
}
}
public class AuthorizeActionFilter : IAuthorizationFilter
{
public AuthorizeActionFilter()
{
}
public void OnAuthorization(AuthorizationFilterContext context)
{
bool isAuthorized = //check authorized or not
var actionDescriptor = (context.ActionDescriptor as ControllerActionDescriptor);
var module = actionDescriptor.MethodInfo.GetCustomAttributes<ModulePermissionAttribute>(true).FirstOrDefault(i => i is ModulePermissionAttribute);
// **here module is always null**
var method = actionDescriptor.MethodInfo.GetCustomAttributes<ActionPermissionAttribute>(false).FirstOrDefault(i => i is ActionPermissionAttribute);
// check module and method exists for the user
if (!isAuthorized)
{
context.Result = new ForbidResult();
}
}
}回答 1
Stack Overflow用户
回答已采纳
发布于 2022-06-13 10:23:28
使用EndpointMetadata找到答案
var module = context.ActionDescriptor.EndpointMetadata.OfType<ModulePermissionAttribute>().FirstOrDefault();希望这能帮到别人
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/72573052
复制相关文章
相似问题
腾讯云开发者
