本文介绍了如何在ASP.NET CORE中为多个策略创建自定义Authorize属性的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想授权一个动作控制器可以被多个策略访问.
I want to authorize an action controller could access by multiple policies.
,例如:
[Authorize([Policies.ManageAllCalculationPolicy,Policies.ManageAllPriceListPolicy]]
public async Task<IActionResult> Get(int id){}
非常感谢.
推荐答案
对于多个策略,您可以实现自己的AuthorizeAttribute.
For multiple policys, you could implement your own AuthorizeAttribute.
-
AuthorizeMultiplePolicyAttribute
AuthorizeMultiplePolicyAttribute
public class AuthorizeMultiplePolicyAttribute:TypeFilterAttribute
{
public AuthorizeMultiplePolicyAttribute(string policies,bool IsAll):base(typeof(AuthorizeMultiplePolicyFilter))
{
Arguments = new object[] { policies,IsAll};
}
}
AuthorizeMultiplePolicyFilter
AuthorizeMultiplePolicyFilter
public class AuthorizeMultiplePolicyFilter: IAsyncAuthorizationFilter
{
private readonly IAuthorizationService _authorization;
public string _policies { get; private set; }
public bool _isAll { get; set; }
public AuthorizeMultiplePolicyFilter(string policies, bool IsAll,IAuthorizationService authorization)
{
_policies = policies;
_authorization = authorization;
_isAll = IsAll;
}
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
var policys = _policies.Split(";").ToList();
if (_isAll)
{
foreach (var policy in policys)
{
var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
if (!authorized.Succeeded)
{
context.Result = new ForbidResult();
return;
}
}
}
else
{
foreach (var policy in policys)
{
var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
if (authorized.Succeeded)
{
return;
}
}
context.Result = new ForbidResult();
return;
}
}
}
在启动时添加所需的策略
Add Policy you want on Startup
services.AddAuthorization(options =>
{
options.AddPolicy("ManageAllCalculationPolicy", policy =>
policy.RequireAssertion(context =>
context.User.HasClaim(c => c.Type == "BadgeId")));
options.AddPolicy("ManageAllPriceListPolicy", policy =>
policy.RequireAssertion(context =>
context.User.HasClaim(c => c.Type == "aaaa")));
});
基于其中一项策略的授权
Authorization based on one of the policies
[AuthorizeMultiplePolicy("ManageAllCalculationPolicy;ManageAllPriceListPolicy", false)]
基于所有策略的授权
Authorization based on all policies
[AuthorizeMultiplePolicy("ManageAllCalculationPolicy;ManageAllPriceListPolicy", true)]
这篇关于如何在ASP.NET CORE中为多个策略创建自定义Authorize属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!