它支持创建多个权限每个资源(每个分区键),下面是一个例子:。
User user = await client.CreateUserAsync(UriFactory.CreateDatabaseUri("SampleDatabase"), new User { Id = "NewUser" });
Permission permission = await client.CreatePermissionAsync(
user.SelfLink,
new Permission
{
Id = "ReadA",
PermissionMode = PermissionMode.Read,
ResourcePartitionKey = new PartitionKey("Andersen"),
ResourceLink = collection.SelfLink
});
Permission permission2 = await client.CreatePermissionAsync(
user.SelfLink,
new Permission
{
Id = "ReadW",
PermissionMode = PermissionMode.Read,
ResourcePartitionKey = new PartitionKey("Wakefield"),
ResourceLink = collection.SelfLink
});
权限适用于具有相同分区键的所有文档。所以,当你访问一个文件与权限的分区键,DocumentDB成功返回文档,但与其它分区键,DocumentDB返回授权错误:
DocumentClient restrictedClient1 = new DocumentClient(
new Uri("https://FILLME:443/"),
permission.Token);
// Succeeds
await restrictedClient1.ReadDocumentAsync(
UriFactory.CreateDocumentUri("SampleDatabase", "SampleCollection", "AndersenFamily"),
new RequestOptions { PartitionKey = new PartitionKey("Andersen") });
// Fails
await restrictedClient1.ReadDocumentAsync(
UriFactory.CreateDocumentUri("SampleDatabase", "SampleCollection", "WakefieldFamily"),
new RequestOptions { PartitionKey = new PartitionKey("Wakefield") });
边注 - 可以请你,请添加一个链接到文件这说明了这一点?这应该由DocumentDB团队纠正。 –