仅当主体可以访问这些组件(无论是角色还是基于策略)时,我才想显示导航树的组件。
我对MVC核心并不是特别熟悉,但到目前为止的阅读表明我可以建立一个列表,列出将应用于某个动作的授权过滤器:
public NavigationNodePermissionResolver(ApplicationModel appModel)
{
foreach (var controllerModel in appModel.Controllers)
{
var contextFilters = controllerModel.Filters.OfType<IAsyncAuthorizationFilter>().ToList();
foreach (ActionModel action in controllerModel.Actions)//todo restrain to HttpGet
{
var actionFilters = action.Filters.OfType<IAsyncAuthorizationFilter>().ToList();
}
}
如何将应用程序模型的实例注入NavigationNodePermissionResolver的实例化器?
NavigationNodePermissionResolver本身将注入:
services.TryAddSingleton<INavigationNodePermissionResolver, NavigationNodePermissionResolver>();
修改
关于这个问题的后续内容 - 当我有一个IAsyncAuthorizationFilters列表是in this so question时该怎么办。
作为后续信息,ApplicationModel是我在this SO answer中发现的ApplicationModelProviderContext的一个属性 - 它似乎与我所追求的大致相同,但它可能是我用来获取的方法然后执行授权过滤器是完全错误的
答案 0 :(得分:0)
我发现我可以实例化并注入实现2个接口的同一个实例。我最终在Startup.ConfigureServices:
中var customAppModelProvider = new CustomApplicationModelProvider();
services.AddSingleton<IApplicationModelProvider>(customAppModelProvider);
services.AddSingleton<IActionFilterMap>(customAppModelProvider);
实施:
public interface IActionFilterMap
{
IEnumerable<IAsyncAuthorizationFilter> GetFilters(string area, string controller, string action);
}
public class CustomApplicationModelProvider : IApplicationModelProvider, IActionFilterMap
{
//It will be executed after AuthorizationApplicationModelProvider, which has order -990
public int Order => 0;
private ReadOnlyDictionary<ActionKey, IEnumerable<IAsyncAuthorizationFilter>> _authDictionary;
public IEnumerable<IAsyncAuthorizationFilter> GetFilters(string area, string controller, string action)
{
var key = new ActionKey(area, controller, action);
if (_authDictionary.TryGetValue(key, out IEnumerable<IAsyncAuthorizationFilter> returnVar))
{
return returnVar;
}
return null;//returning null rather than Enumerable.Empty so consuming method can detect if action found and has no Authorization, or action not found
}
public void OnProvidersExecuted(ApplicationModelProviderContext context)
{
var returnVar = new Dictionary<ActionKey, IEnumerable<IAsyncAuthorizationFilter>>();
foreach (var controllerModel in context.Result.Controllers)
{
var controllerFilters = controllerModel.Filters.OfType<IAsyncAuthorizationFilter>().ToList();
string area = controllerModel.Attributes.OfType<AreaAttribute>().FirstOrDefault()?.RouteValue;
foreach (ActionModel action in controllerModel.Actions)//todo restrain to get
{
var method = action.Attributes.OfType<HttpMethodAttribute>().FirstOrDefault();
if (method == null || method.HttpMethods.Contains("GET"))
{
var key = new ActionKey(area, controllerModel.ControllerName, action.ActionName);
if (action.Filters.OfType<AllowAnonymousFilter>().Any())
{
returnVar.Add(key, Enumerable.Empty<IAsyncAuthorizationFilter>());
}
else
{
var filters = controllerFilters.Concat(action.Filters.OfType<IAsyncAuthorizationFilter>()).ToArray();
returnVar.Add(key, filters);
}
}
}
_authDictionary = new ReadOnlyDictionary<ActionKey, IEnumerable<IAsyncAuthorizationFilter>>(returnVar);
}
}
public void OnProvidersExecuting(ApplicationModelProviderContext context)
{
//empty
}
private class ActionKey : Tuple<string, string, string>
{
public ActionKey(string area, string controller, string action) : base(area ?? string.Empty, controller, action)
{
_hashCode = base.GetHashCode();
}
int _hashCode;
public override int GetHashCode()
{
return _hashCode;
}
}
}