我正在尝试使用MVC样式授权过滤器作为OData Web API控制器的Get()操作方法的属性,但忽略了授权过滤器。可以授权属性与EntitySetController或ODataController一起使用吗?
public class MyEntityController : EntitySetController<MyEntity, int>
{
[CustomAuthorizeAttribute(AccessPermission.View)]
[Queryable( AllowedQueryOptions = AllowedQueryOptions.All)]
public override IQueryable<MyEntity> Get()
{
// Contents omitted.
}
}
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
public AccessPermission RequiredPermission { get; set; }
public CustomAuthorizeAttribute(AccessPermission requiredPermission)
{
RequiredPermission = requiredPermission;
}
}
答案 0 :(得分:4)
是的,他们可以,但自定义身份验证属性应该继承自System.Web.Http.AuthorizeAttribute
试试这个实现:
public class CustomAuthorizeAttribute : System.Web.Http.AuthorizeAttribute
{
public AccessPermission RequiredPermission { get; set; }
public CustomAuthorizeAttribute(AccessPermission requiredPermission)
{
RequiredPermission = requiredPermission;
}
}