问题描述
我创建了一个新的asp.net核心Web应用程序,该应用程序使用单个用户帐户.现在,我正在尝试实现一个简单的角色分配方案.
I created a new asp.net core web application which uses individual user accounts. now i am trying to implement a simple role assignment scenario.
所以我注册了一个测试用户,该用户被添加到AspNetUser表中:
so i register a test user, where the user got added inside the AspNetUser table:-
然后在AspNetRole中添加一个名为管理员"的新角色:
then i add a new Role named "Administrator" inside the AspNetRole:-
然后我添加了一个新的AspNetUserRole将用户链接到角色:-
then i added a new AspNetUserRole to link the user to the Role:-
然后,我在About动作方法上添加了以下Authorize批注:-
then i added the following Authorize annotation on the About action method:-
[Authorize(Roles = "Administrator")]
public IActionResult About()
{
ViewData["Message"] = "Your application description page.";
return View();
}
但是当我尝试使用用户访问关于"操作方法时,出现此错误:-
but when i try to access the About action method using the user, i got this error:-
编辑
这里是startup.cs
,我还没有修改,所以我认为它包含内置代码:-
Here is the startup.cs
, which i have not modified, so i think it contain the built-in code:-
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using WebApplication2.Data;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
namespace WebApplication2
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
推荐答案
我猜您是在创建用户后手动在AspNetUserRole
表中创建角色和链接角色.请不要忘记注销用户并再次登录,这样角色声明将获取/更新新添加的角色.
I guess you manually create role and link role in AspNetUserRole
table after creating your user . Please don't forget to Logout user and login again , so role claims will get/update the new added role .
这篇关于在asp.net核心内向用户分配角色将返回此错误“您无权访问此资源".的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!