我正在尝试使用以下代码捕获并检查用户的授权;注意, 除了我的标题问题,我不满意我如何在每个班级注入两项服务[也许是罪魁祸首]:
using System.Collections.Generic;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using Orchard;
using Orchard.Mvc.Routes;
using Orchard.Security;
namespace Orc.PP.Routes
{
public class ProfileRoutes : IRouteProvider {
private readonly IMembershipService _membershipService;
private readonly IOrchardServices _orchardServices;
public ProfileRoutes(IMembershipService membershipService, IOrchardServices orchardServices)
{
_membershipService = membershipService;
_orchardServices = orchardServices;
}
public void GetRoutes(ICollection<RouteDescriptor> routes) {
foreach (var routeDescriptor in GetRoutes())
routes.Add(routeDescriptor);
}
public IEnumerable<RouteDescriptor> GetRoutes() {
return new[] {
// Note: Register/Edit have higher priority than Profile/{username} as
// Register / Edit could be interpreted as a username.
new RouteDescriptor {
Priority = 7,
Route = new Route(
"Profile/Register",
new RouteValueDictionary {
{"area", "Orc.PP"},
{"controller", "Profile"},
{"action", "Register"}
},
new RouteValueDictionary (),
new RouteValueDictionary {
{"area", "Orc.PP"}
},
new MvcRouteHandler())
},
new RouteDescriptor {
Priority = 6,
Route = new Route(
"Profile/Edit",
new RouteValueDictionary {
{"area", "Orc.PP"},
{"controller", "Profile"},
{"action", "Edit"}
},
new RouteValueDictionary (),
new RouteValueDictionary {
{"area", "Orc.PP"}
},
new MvcRouteHandler())
},
new RouteDescriptor {
Priority = 5,
Route = new Route(
"PP/Profile/{username}",
new RouteValueDictionary {
{"area", "Orc.PP"},
{"controller", "Profile"},
{"action", "Index"},
//{"username", new UserNameConstraint() }//UrlParameter.Optional }
},
new RouteValueDictionary {//} (),
{"username", new UserNameConstraint(_membershipService, _orchardServices)}
},
new RouteValueDictionary {
{"area", "Orc.PP"}
},
new MvcRouteHandler())
}
};
}
public class UserNameConstraint : IRouteConstraint
{
private readonly IMembershipService _membershipService;
private readonly IOrchardServices _orchardServices;
public UserNameConstraint(IMembershipService membershipService, IOrchardServices orchardServices)
{
_membershipService = membershipService;
_orchardServices = orchardServices;
}
public bool Match(HttpContextBase httpContext, Route route, string parameterName, RouteValueDictionary values, RouteDirection routeDirection)
{
// Get the username from the url
var username = values["username"].ToString().ToLower();
// Check for a match (assumes case insensitive)
IUser user = _membershipService.GetUser(username);
//Does user exist and have permission to veiw Profile?
if (user == null || !_orchardServices.Authorizer.Authorize(Permissions.ViewProfiles, user, null))
{
return false;
}
return true;
}
}
}
}
致电后:
!_orchardServices.Authorizer.Authorize(Permissions.ViewProfiles, user, null))
在Orchard / Security / Authorizer.cs中:
public bool Authorize(Permission permission, IContent content, LocalizedString message)
其中
_workContextAccessor.GetContext().CurrentUser;
,抛出错误:
NullReferenceException未被用户代码处理: {“对象引用未设置为对象的实例。”}
有人可以向我解释为什么/可能正确的方法来实现我正在尝试的东西吗?