Web API OData控制器和授权属性

时间:2013-03-07 02:13:01

标签: asp.net-mvc asp.net-mvc-4 asp.net-web-api odata .net-4.5

我正在尝试使用MVC样式授权过滤器作为OData Web API控制器的Get()操作方法的属性,但忽略了授权过滤器。可以授权属性与EntitySetController或ODataController一起使用吗?

public class MyEntityController : EntitySetController<MyEntity, int>
{
    [CustomAuthorizeAttribute(AccessPermission.View)]
    [Queryable( AllowedQueryOptions = AllowedQueryOptions.All)]
    public override IQueryable<MyEntity> Get()
    {
        // Contents omitted.
    }
}

public class CustomAuthorizeAttribute : AuthorizeAttribute
{
    public AccessPermission RequiredPermission { get; set; }

    public CustomAuthorizeAttribute(AccessPermission requiredPermission)
    {
        RequiredPermission = requiredPermission;
    }
}

1 个答案:

答案 0 :(得分:4)

是的,他们可以,但自定义身份验证属性应该继承自System.Web.Http.AuthorizeAttribute

试试这个实现:

public class CustomAuthorizeAttribute : System.Web.Http.AuthorizeAttribute
{
    public AccessPermission RequiredPermission { get; set; }

    public CustomAuthorizeAttribute(AccessPermission requiredPermission)
    {
        RequiredPermission = requiredPermission;
    }
}
相关问题
最新问题