本文介绍了基于安全ASP.Net MVC隐藏/显示菜单项的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我工作的一个ASP.Net MVC 3网站。该_layout主视图包含一个菜单,我想隐藏一些基于菜单中的项目,如果您登录了,你在什么样的角色。

I'm working on an ASP.Net MVC 3 site. The _Layout master view contains a menu and I want to hide some of the items in the menu based on if you are logged in and what roles you are in.

这目​​前是使用code这样的

This currently works using code like this

@if (HttpContext.Current.User.Identity.IsAuthenticated)
{
   <li id="MyLearningTab">@Html.ActionLink("My Learning", "MyLearning", "Learning")</li>
   if (HttpContext.Current.User.IsInRole("Reporters"))
   {
      <li id="ReportTab">@Html.ActionLink("Reports", "Index", "Reports")</li>
   }
   if (HttpContext.Current.User.IsInRole("Administrators"))
   {
      <li id="DashboardTab">@Html.ActionLink("Dashboard", "Dashboard", "Admin")</li>
      <li id="AdminTab">@Html.ActionLink("Admin", "Index", "Admin")</li>
   }
}

我想在更多的东西可读重构这一点,像这样的东西上来。

I'd like to refactor this in to something more readable and came up with something like this

@if ((bool)ViewData["MenuMyLearning"]){<li id="MyLearningTab">@Html.ActionLink("My Learning", "MyLearning", "Learning")</li> }
@if((bool)ViewData["MenuReports"]){<li id="ReportTab">@Html.ActionLink("Reports", "Index", "Reports")</li>}
@if ((bool)ViewData["MenuDashboard"]){<li id="DashboardTab">@Html.ActionLink("Dashboard", "Dashboard", "Admin")</li>}
@if ((bool)ViewData["MenuAdmin"]){<li id="AdminTab">@Html.ActionLink("Admin", "Index", "Admin")</li>}

我最初添加以下到我的基地的控制器构造想我可以设置的ViewData的这些属性有

I originally added the following to my base controller constructor thinking I could setup the ViewData for these properties there

ViewData["MenuDashboard"] = User != null && User.Identity.IsAuthenticated && User.IsInRole("Administrators");
ViewData["MenuAdmin"] = User != null && User.Identity.IsAuthenticated && User.IsInRole("Administrators");
ViewData["MenuReports"] = User != null && User.Identity.IsAuthenticated && User.IsInRole("Reportors");
ViewData["MenuMyLearning"] = User != null && User.Identity.IsAuthenticated;

然而事实证明,用户对象是在生命周期的这一点空。我也尝试创建一个自定义全局过滤器,但ViewData的是那么不可访问。

However it turns out the User object is null at this point in the lifecycle. I've also tried creating a custom global filter but the ViewData is then not accessable.

什么是做这样的事情的推荐的方法?如果我只是把它究竟是怎么回事先是用所有的HttpContext code的看法呢?

What is the recommended way of doing something like this? Should I just leave it how it was at first with all the HttpContext code in the view?

推荐答案

下面是我落得这样做。我创建了一个名为MenuSecurity为每个菜单项显示哪些项目应该是可见的静态布尔属性一个辅助类。每个属性看起来像这样

Here is what I ended up doing. I created a helper class called MenuSecurity with static boolean properties for each menu item showing which items should be visible. Each property looked like this

public static bool DashboardVisible
{
   get
   {
      return
         HttpContext.Current.User != null &&
         HttpContext.Current.User.Identity.IsAuthenticated;
   }
}

然后我收拾了,看起来像这样我的菜单局部视图

I then tidied up my menu partial view to look like this

@if (MenuSecurity.ReportsVisible){<li id="ReportTab">@Html.ActionLink("Reports", "Index", "Reports")</li>}
@if (MenuSecurity.DashboardVisible){<li id="DashboardTab">@Html.ActionLink("Dashboard", "Dashboard", "Admin")</li>}
@if (MenuSecurity.AdminVisible){<li id="AdminTab">@Html.ActionLink("Admin", "Index", "Admin")</li>}

这篇关于基于安全ASP.Net MVC隐藏/显示菜单项的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-06 09:49