我遇到了这段代码,因为它引用了HttpContext而无法测试它。如何删除对HttpContext的依赖以使其可测试?
public class AuthorizeByUserStatus :AuthorizationFilterAttribute
{
private readonly UserStatusEnum status;
public AuthorizeByUserStatus(UserStatusEnum status)
{
this.status = status;
}
public override async Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
var authorize = false;
var user = HttpContext.Current.User;
var userIdentity = user.GetIdentity();
if (userIdentity.UserStatus >= status)
{
authorize = true;
}
if (authorize)
{
base.OnAuthorization(actionContext);
}
else
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
}
}
答案 0 :(得分:0)
替换静态HttpContext方法并引用传入的actionContext,其中包含我们需要的信息!
var userIdentity = actionContext.RequestContext.Principal.GetIdentity();
现在,您可以使用正确设置的请求详细信息传递actionContext,以获取请求用户身份。