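So, I think what you are saying is: ActionA can only be accessed if the user has PERM1 and PERM2; likewise, ActionB is accessible when the user has PERM1 and PERM3.
The code I have given is for illustration; I did not compile it. But it will give you a picture of the approach I am explaining.
STEP 1: You can create a permissions enum attributed with the Flags attribute.
STEP 2: Add claims to the current principal based on the user permissions stored in your data store.
STEP 3: When the action is invoked, authorize access against the claims.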
[Flags]
enum PermType
{
    None = 0x0,
    Perm1 = 0x1,
    perm2 = 0x2,
    perm3 = 0x4,
    perm4 = 0x8,
    perm5 = 0x10
}
Adding claims to the CurrentPrincipal
// Start from the claims the current principal already carries
var currentPrincipal = ClaimsPrincipal.Current;
var cms = currentPrincipal.Claims;
// Permissions for this user (in practice, loaded from the data store)
var permissions = PermType.Perm1 | PermType.perm2;
var claims = cms.ToList();
// One claim per action: type = action name, value = the flags as text
claims.Add(new Claim("Action1", permissions.ToString()));
claims.Add(new Claim("Action2", permissions.ToString()));
claims.Add(new Claim("Action3", permissions.ToString()));
System.Threading.Thread.CurrentPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims));
Check whether the user is authorized to access a particular action
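public bool CanAccessThisAction(string actionName, PermType requiredPerms)
{
    var principal = ClaimsPrincipal.Current;
    var claim = principal.Claims.FirstOrDefault(c => c.Type == actionName);
    if (claim != null)
    {
        // check if required permission is present in claims for this user
        PermType granted;
        if (Enum.TryParse(claim.Value, out granted))
        {
            // every required flag must be set in the granted flags
            return (granted & requiredPerms) == requiredPerms;
        }
    }
    return false;
}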
Action
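public ActionResult TestAction(string id)
{
    if (CanAccessThisAction("TestAction", PermType.Perm1 | PermType.perm3 | PermType.perm5))
    {
        // do your work here
        return View();
    }
    else
    {
        // redirect user to some other page which says user is not authorized
        // ("NotAuthorized" is a hypothetical action name)
        return RedirectToAction("NotAuthorized");
    }
}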
You may want to go with ASP.NET's built-in feature, which is claims-based authentication. Follow the link for more details: http://visualstudiomagazine.com/articles/2013/08/01/leveraging-claims-based-security-in-aspnet-45.aspx – hungrycoder
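The flags-in-a-claim check from the answer above, written as a self-contained console program that fails closed on the edge cases the sketch leaves open; this is an added example, not code from the answer or the comment. The `PermissionCheck` class, the claim names ActionA to ActionD and the sample claim values are assumptions constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

[Flags]
enum PermType { None = 0x0, Perm1 = 0x1, perm2 = 0x2, perm3 = 0x4, perm4 = 0x8, perm5 = 0x10 }

static class PermissionCheck
{
    // Every bit the enum defines (0x1F); anything outside it is not a real permission.
    const PermType Defined = PermType.Perm1 | PermType.perm2 | PermType.perm3
                           | PermType.perm4 | PermType.perm5;

    public static bool CanAccess(ClaimsPrincipal principal, string actionName, PermType required)
    {
        // Fail closed: with required == None, (granted & required) == required is always true.
        if (principal == null || required == PermType.None) return false;

        var granted = PermType.None;
        // Combine every claim for this action instead of silently using only the first.
        foreach (var claim in principal.Claims.Where(c => c.Type == actionName))
        {
            PermType parsed;
            // Enum.TryParse also accepts numeric text such as "255", so reject undefined bits.
            if (!Enum.TryParse(claim.Value, out parsed) || (parsed & ~Defined) != 0)
                return false;
            granted |= parsed;
        }
        // All required flags must be present, not just one of them.
        return (granted & required) == required;
    }

    static void Main()
    {
        // Constructed sample principal: one claim per action, value = PermType.ToString().
        var user = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim("ActionA", (PermType.Perm1 | PermType.perm2).ToString()),
            new Claim("ActionB", PermType.Perm1.ToString()),
            new Claim("ActionC", "255"), // constructed malformed value
        }, "Constructed"));

        var both = PermType.Perm1 | PermType.perm2;
        Console.WriteLine("ActionA, holds both flags:  " + CanAccess(user, "ActionA", both));
        Console.WriteLine("ActionB, missing perm3:     " + CanAccess(user, "ActionB", PermType.Perm1 | PermType.perm3));
        Console.WriteLine("ActionC, undefined bits:    " + CanAccess(user, "ActionC", PermType.Perm1));
        Console.WriteLine("ActionA, empty requirement: " + CanAccess(user, "ActionA", PermType.None));
        Console.WriteLine("ActionD, no claim at all:   " + CanAccess(user, "ActionD", PermType.Perm1));
    }
}
```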