ViewContext.HttpContext.User.IsInRole(“Admin”)无效

时间:2017-07-25 01:24:13

标签: asp.net-mvc

我正在尝试隐藏链接,或者如果用户不是管理员,则无法转到该页面。我可以在我的控制器中使用此代码来执行后者:

[AuthorizeRoles("Admin")]
public ActionResult Registration()
{
   return View();
}

当我尝试使用此代码隐藏链接时:

@if (!Context.User.Identity.Name.IsEmpty())
{
    <li id="dd_vehicle" class="dropdown">
    <a href="#" class="dropdown-toggle" data-toggle="dropdown">VEHICLE <b class="caret"></b></a>
    <ul class="dropdown-menu">
    @if (ViewContext.HttpContext.User.IsInRole("Admin"))
    {
        <li id="item_registration">
            @Html.ActionLink("Registration", "Registration", "Home")
        </li>
    }
}

链接被隐藏。但是当我以“管理员”身份登录时,链接仍然没有显示。

这就是我AuthorizeAttribute的方式:

public class AuthorizeRolesAttribute : AuthorizeAttribute
{
    private readonly string[] userAssignedRoles;

    public AuthorizeRolesAttribute(params string[] roles)
    {
        this.userAssignedRoles = roles;
    }

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        bool authorize = false;
        using (var db = new SMBI_DBEntities())
        {
            var um = new UserManager();
            foreach (var roles in userAssignedRoles)
            {
                authorize = um.IsUserInRole(httpContext.User.Identity.Name, roles);
                if (authorize)
                    return authorize;
            }
        }
            return authorize;
    }

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectResult("~/Home/UnAuthorized");
    }
}

,这是在LoginView中:

[HttpPost]
public ActionResult Login(UserLoginView ulv, string returnUrl)
{
    if (ModelState.IsValid)
    {
        var um = new UserManager();
        var password = um.GetUserPassword(ulv.LoginName);

        if (string.IsNullOrEmpty(password))
        {
            ModelState.AddModelError("", "Login ID and Pasword do not match.");
        }
        else
        {
            if (ulv.Password.Equals(password))
            {
                FormsAuthentication.SetAuthCookie(ulv.LoginName, false);
                return RedirectToAction("Registration", "Home");
            }
            else
            {
                ModelState.AddModelError("","Password provided is incorrect.");
            }
        }
    }
    return View(ulv);
}

希望你能提供帮助。谢谢。

1 个答案:

答案 0 :(得分:0)

您好您可以尝试以下内容: 

@if(Page.User.IsInRole("Admin"))
 {
        <li id="item_registration">
            @Html.ActionLink("Registration", "Registration", "Home")
        </li>
}

有用的链接: How to use Page.User.IsInRole

另外作为附加信息,如果需要,您也可以像以下一样编写帮助以供将来使用

public static class PrincipalExtensions
{
    public static bool IsInAllRoles(this IPrincipal principal, params string[] roles)
    {
        return roles.All(r => principal.IsInRole(r));
    }

    public static bool IsInAnyRoles(this IPrincipal principal, params string[] roles)
    {
        return roles.Any(r => principal.IsInRole(r));
    }
}

现在只需将此扩展方法称为: 

// user must be assign to all of the roles  
if(User.IsInAllRoles("Admin","Manager","YetOtherRole"))
{
    // do something
} 

// one of the roles sufficient
if(User.IsInAnyRoles("Admin","Manager","YetOtherRole"))
{
    // do something
}

来源: https://stackoverflow.com/a/32385065/3397630

由于

相关问题
最新问题