asp.net-mvc-4 – 覆盖用于MVC4应用程序的User.IsInRole和[Authorize(Roles

发布时间：2020-05-23 20:12:35 所属栏目：asp.Net 来源：互联网

导读：我已经为我的MVC4应用程序创建了一个自定义角色提供程序,我已成功覆盖CreateRole,GetAllRoles和RoleExists方法,并将它们链接到我现有的数据库,如下所示： namespace Project.Providers{ public class MyProvider : System.Web.Security.SqlRoleProvider { pri

我已经为我的MVC4应用程序创建了一个自定义角色提供程序,我已成功覆盖CreateRole,GetAllRoles和RoleExists方法,并将它们链接到我现有的数据库,如下所示：

namespace Project.Providers
{
  public class MyProvider : System.Web.Security.SqlRoleProvider
  {
    private MyContext dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);
    private Repository<MyUser> userRepository;
    private Repository<Role> roleRepository;

    public MyProvider()
    {
        this.userRepository = new Repository<MyUser>(dbcontext);
        this.roleRepository = new Repository<Role>(dbcontext);
    }

    public override string[] GetAllRoles()
    {
        IEnumerable<Role> dbRoles = roleRepository.GetAll();
        int dbRolesCount = roleRepository.GetAll().Count();
        string[] roles = new string[dbRolesCount];
        int i = 0;
        foreach(var role in dbRoles)
        {
            roles[i] = role.Name;
            i++;
        }
        return roles;
    }

    public override bool RoleExists(string roleName)
    {
        string[] roles = { "Admin","User","Business" };
        if(roles.Contains(roleName))
            return true;
        else
            return false;
    }

    public override void CreateRole(string roleName)
    {
        Role newRole = new Role();
        newRole.Name = roleName;
        roleRepository.Add(newRole);
        roleRepository.SaveChanges();
    }

    public override bool IsUserInRole(string userName,string roleName)
    {
        MyUser user = userRepository.Get(u => u.Username == userName).FirstOrDefault();
        Role role = roleRepository.Get(r => r.Name == roleName).FirstOrDefault();
        if (user.RoleID == role.RoleID)
            return true;
        else
            return false;
    }
  }
}

我一直无法找到覆盖的方法

User.IsInRole(string roleName)

当我使用时,我还必须做什么呢

[Authorize(Roles = "Admin")]

它将基于我设置的角色提供程序而不是asp默认值.

我的用户类现在如下：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.ComponentModel.DataAnnotations;
using System.Collections;
using System.Security.Principal;

namespace Project.Data
{
  public class MyUser : IPrincipal
  {
    [Key]
    public int UserID { get; set; }

    [StringLength(128)]
    public string Username { get; set; }              

    .....other properties

    public IIdentity Identity { get; set; }

    public bool IsInRole(string role)
    {
        if (this.Role.Name == role)
        {
            return true;
        }
        return false;
    }

    public IIdentity Identity
    {
        get { throw new NotImplementedException(); }
    }
  }
}

我的堆栈跟踪似乎在跟随：

System.Web.Security.RolePrincipal.IsInRole(String role)

所以我尝试以与设置自定义提供程序相同的方式实现自定义RolePrincipal,我是如何做到这一点的？不确定它需要什么构造函数.这是我的尝试：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Configuration.Provider;
using Project.Data;
using System.Web.Security;
using System.Security.Principal.IIdentity;

namespace Project.Principal
{
  public class MyPrincipal : System.Web.Security.RolePrincipal
  {
    private MyContext dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);
    private Repository<MyUser> userRepository;
    private Repository<Role> roleRepository;        

    public MyPrincipal()
    {
        this.userRepository = new Repository<MyUser>(dbcontext);
        this.roleRepository = new Repository<Role>(dbcontext);
    }

    public override bool IsInRole(string role)
    {
        //code to be added
        return true;
    }
}

}

解决方法

您只需要在自定义角色提供程序中覆盖方法GetRolesForUser,而不是更逻辑的IsUserInRole,因为这是执行某些不需要的缓存的默认实现所调用的.

（编辑：安卓应用网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!