ASP.NET Microsoft身份问题

时间:2015-10-05 08:43:45

标签: asp.net-mvc asp.net-identity asp.net-authorization

我有使用Microsoft身份会员资格的asp.net mvc项目。我的角色是:管理员,代理,客户,内容编辑,初级。 Junior角色是最后添加的,我无法使用它登录。这是登录后调用的控制器:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PoloCpi.Data.Services.Interfaces;
using PoloCpi.Model.ViewModels;

namespace PoloCpi.Web.Areas.Admin.Controllers
{
/// <summary>
/// Dashboard controller
/// </summary>
public class DashboardController : Controller
{

    private readonly IJobService _obJobService;
    private readonly IAgentService _objAgentService;
    private readonly IHistoryLogsService _objHistoryLogsService;
    private readonly IFileUploadService _objFileUploadService;
    private readonly IJobReportService _objJobReportService;


    public DashboardController(IJobService obJobService, IAgentService objAgentService, IHistoryLogsService objHistoryLogsService, IFileUploadService objFileUploadService, IJobReportService objJobReportService)
    {
        _obJobService = obJobService;
        _objAgentService = objAgentService;
        _objHistoryLogsService = objHistoryLogsService;
        _objFileUploadService = objFileUploadService;
        _objJobReportService = objJobReportService;
    }

    //
    // GET: /Admin/Dashboard/
    //[Authorize(Roles = "Admin, Agent, Client, ContentEditor, Junior")]
    public ActionResult Index()
    {
        return View();
    }

    /// <summary>
    /// Date reminders
    /// </summary>
    /// <returns></returns>
    public ActionResult MattersDateReminders(int page = 1, int pageSize = 10)
    {
        var reminderDates = _obJobService.GetReminderDates(page, pageSize);

        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        ViewBag.Description = "Reminder dates";

        ViewBag.Container = "reminder-dates-container";

        ViewBag.ShowMoreId = "reminder-dates-show-more";

        if (Request.IsAjaxRequest())
        {
            return Json(new { reminderDates = reminderDates, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", reminderDates);
    }

    /// <summary>
    /// Last day of services
    /// </summary>
    /// <returns></returns>
    public ActionResult LastDayOfServices(int page = 1, int pageSize = 10)
    {
        var lastDayOfServices = _obJobService.GetLastDayOfServices(page, pageSize);

        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        ViewBag.Description = "Last day of services";

        ViewBag.Container = "last-dates-container";

        ViewBag.ShowMoreId = "last-dates-show-more";

        if (Request.IsAjaxRequest())
        {
            return Json(new { lastDayOfServices = lastDayOfServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", lastDayOfServices);
    }

    /// <summary>
    /// Agent licenses
    /// </summary>
    /// <param name="page">page</param>
    /// <param name="pageSize">pageSize</param>
    /// <returns>List of agent liceses</returns>
    public ActionResult AgentLicenses(int page = 1, int pageSize = 10)
    {

        var agentLicenses = _objAgentService.CheckForExpiringLicenses(page, pageSize);

        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        ViewBag.Title = "Agent Licenses";
        ViewBag.Controller = "Agent";
        ViewBag.Action = "GetAgentLicenses";
        ViewBag.Container = "agent-licenses-container";
        ViewBag.ShowMoreId = "agent-licenses-show-more";

        if (Request.IsAjaxRequest())
        {
            return Json(new { agentLicenses = agentLicenses, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", agentLicenses);
    }

    /// <summary>
    /// Agent reports
    /// </summary>
    /// <param name="page">page</param>
    /// <param name="pageSize">page size</param>
    /// <returns>List of agent reports</returns>
    public ActionResult AgentReports(int page = 1, int pageSize = 10)
    {
        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        var objJobReportServices = _objJobReportService.FindAgentReportAlerts(page, pageSize);

        ViewBag.Title = "Agent Reports";
        ViewBag.Controller = "Job";
        ViewBag.Action = "JobDetails";

        ViewBag.Container = "agent-reports-container";
        ViewBag.ShowMoreId = "agent-reports-show-more";

        if (Request.IsAjaxRequest())
        {
            return Json(new { jobReports = objJobReportServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", objJobReportServices);
    }


    /// <summary>
    /// File uploads
    /// </summary>
    /// <param name="page">page</param>
    /// <param name="pageSize">page size</param>
    /// <returns>List of file uploads</returns>
    public ActionResult FileUploads(int page = 1, int pageSize = 10)
    {
        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        var fileUploadsList = _objFileUploadService.FindFileUploadsAlerts(page, pageSize);


        ViewBag.Title = "File Uploads";
        ViewBag.Controller = "FileUpload";
        ViewBag.Action = "Files";

        ViewBag.Container = "file-uploads-container";
        ViewBag.ShowMoreId = "file-uploads-show-more";

        if (Request.IsAjaxRequest())
        {
            return Json(new { fileUploads = fileUploadsList, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", fileUploadsList);
    }

    /// <summary>
    /// Latest activities
    /// </summary>
    /// <param name="page">page</param>
    /// <param name="pageSize">page size</param>
    /// <returns>List of latest activities</returns>
    public ActionResult LatestActivityOfAdmins(int page = 1, int pageSize = 10)
    {
        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        var latestActivities = _objHistoryLogsService.GetHistoryLogs(page, pageSize);

        if (Request.IsAjaxRequest())
        {
            return Json(new { latestActivities = latestActivities, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_LatestAdminActivity.cshtml", latestActivities);
    }

    /// <summary>
    /// Invoices 
    /// </summary>
    /// <param name="page">Page</param>
    /// <param name="pageSize">Page Size</param>
    /// <returns>List of invoices</returns>
    public ActionResult Invoices(int page = 1, int pageSize = 10)
    {
        TempData["page"] = page;

        TempData["pageSize"] = pageSize;

        var objInvoiceAlerts = _obJobService.FindClosedMattersWithoutInvoice(page, pageSize);

        if (Request.IsAjaxRequest())
        {
            return Json(new { invoiceAlerts = objInvoiceAlerts, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
        }

        return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_Invoices.cshtml", objInvoiceAlerts);
    }


}
}

据你所知,根本没有authorize属性,如果我手动输入url逻辑,我需要进入仪表板,而不是我被重定向到登录页面。

以下是我的登录操作:

/// <summary>
        /// Login action for post data
        /// </summary>
        /// <param name="userModel">User model object</param>
        /// <param name="returnUrl">Return url</param>
        /// <returns>View</returns>
        [HttpPost]
        [ValidateAntiForgeryToken]
        [AllowAnonymous]
        public async Task<ActionResult> Login(LoginViewModel userModel, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(userModel);
            }

            var _objApplicationUser = await _objUserService.FindUser(userModel.UserName, userModel.Password);

            if (_objApplicationUser == null)
            {
                ModelState.AddModelError(string.Empty, UIStrings.STR_USER_EXISTS);
                return View(userModel);
            }

            if (!_objApplicationUser.IsActive)
            {
                ModelState.AddModelError(string.Empty, UIStrings.STR_USER_NOT_ACTIVE);
                return View(userModel);
            }

            await _objUserService.SignIn(HttpContext.GetOwinContext().Authentication, _objApplicationUser, userModel.RemeberMe);

            string strUserId = _objApplicationUser.Id.ToString();
            var objRoleForCurrentUser = _objUserService.FindUserById(strUserId);

            if (objRoleForCurrentUser.Role == "Admin" || objRoleForCurrentUser.Role == "Junior")
            {

                if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else {
                    return RedirectToAction("Index", "Dashboard"); 
                }

            }
            else
            {
                return RedirectToAction("Index", "Job", new { Page = 1, Take = 10 });
            }


        }

如果有人遇到过这类问题,我期待着您的回复。

我再说一遍,这只是初级角色的情况,不适用于系统中存在的其他角色。

_objUserService包含管理用户的方法,objRoleForCurrentUser的值为“Junior”。用户已登录,但我没有重定向到仪表板,而是重定向到登录页面。

以下是登录时的代码。这是登录的默认asp.net代码:

var userIdentity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);

            authManager.SignIn(new AuthenticationProperties
            {
                IsPersistent = rememberMe,
            }, userIdentity);

谢谢。

1 个答案:

答案 0 :(得分:0)

更有可能的是,您在布局中呈现了子动作,并且该子动作使用Authorize修饰或存在于使用Authorize修饰的控制器中,并且不允许初级角色。一般情况下,您不应授权子操作,除非它专门用于处理用户对象,然后,在这种情况下,您还应添加[AllowAnonymous],因此授权不是必需< / em>的

相关问题
最新问题