CORE中为多个策略创建自定义Authorize属性

CORE中为多个策略创建自定义Authorize属性

本文介绍了如何在ASP.NET CORE中为多个策略创建自定义Authorize属性的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我想授权一个动作控制器可以被多个策略访问.

I want to authorize an action controller could access by multiple policies.

,例如:

[Authorize([Policies.ManageAllCalculationPolicy,Policies.ManageAllPriceListPolicy]]
public async Task<IActionResult> Get(int id){}

非常感谢.

推荐答案

对于多个策略,您可以实现自己的AuthorizeAttribute.

For multiple policys, you could implement your own AuthorizeAttribute.

  • AuthorizeMultiplePolicyAttribute

  • AuthorizeMultiplePolicyAttribute

public class AuthorizeMultiplePolicyAttribute:TypeFilterAttribute
{
public AuthorizeMultiplePolicyAttribute(string policies,bool IsAll):base(typeof(AuthorizeMultiplePolicyFilter))
{
    Arguments = new object[] { policies,IsAll};
}
}

  • AuthorizeMultiplePolicyFilter

  • AuthorizeMultiplePolicyFilter

    public class AuthorizeMultiplePolicyFilter: IAsyncAuthorizationFilter
    {
    private readonly IAuthorizationService _authorization;
    public string _policies { get; private set; }
    public bool _isAll { get; set; }
    public AuthorizeMultiplePolicyFilter(string policies, bool IsAll,IAuthorizationService authorization)
    {
        _policies = policies;
        _authorization = authorization;
        _isAll = IsAll;
    }
    
    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
    
        var policys = _policies.Split(";").ToList();
        if (_isAll)
        {
            foreach (var policy in policys)
            {
                var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
                if (!authorized.Succeeded)
                {
                    context.Result = new ForbidResult();
                    return;
                }
            }
        }
        else
        {
            foreach (var policy in policys)
            {
                var authorized = await _authorization.AuthorizeAsync(context.HttpContext.User, policy);
                if (authorized.Succeeded)
                {
                    return;
                }
            }
            context.Result = new ForbidResult();
            return;
        }
    }
    }
    

  • 在启动时添加所需的策略

  • Add Policy you want on Startup

    services.AddAuthorization(options =>
        {
    
            options.AddPolicy("ManageAllCalculationPolicy", policy =>
                    policy.RequireAssertion(context =>
                        context.User.HasClaim(c => c.Type == "BadgeId")));
    
            options.AddPolicy("ManageAllPriceListPolicy", policy =>
                    policy.RequireAssertion(context =>
                        context.User.HasClaim(c => c.Type == "aaaa")));
        });
    

  • 基于其中一项策略的授权

  • Authorization based on one of the policies

    [AuthorizeMultiplePolicy("ManageAllCalculationPolicy;ManageAllPriceListPolicy", false)]
    

  • 基于所有策略的授权

  • Authorization based on all policies

    [AuthorizeMultiplePolicy("ManageAllCalculationPolicy;ManageAllPriceListPolicy", true)]
    

  • 这篇关于如何在ASP.NET CORE中为多个策略创建自定义Authorize属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

    1403页,肝出来的..

    09-06 17:34