ASP.NET MVC3 + ActionFilterAttribute +注入?

时间:2011-01-29 20:39:32

标签: c# asp.net dependency-injection asp.net-mvc-3 actionfilterattribute

嘿那里,我已经成功地在我的FilterAttribute中使用了属性注入,但是我想知道它是否可以将它移动到构造函数中呢?

我目前的代码:

// AuthAttribute.cs

public class AuthAttribute : ActionFilterAttribute
{
    public Roles _authRoles { get; private set; }

    [Inject]
    private readonly IAuthorizationService _service;

    public AuthAttribute(Roles roles)
    {
        _authRoles = roles;
    }

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
        {
            string redirectOnSuccess = filterContext.HttpContext.Request.Url.AbsolutePath;
            string redirectUrl = string.Format("?returnUrl={0}", redirectOnSuccess);
            string loginUrl = FormsAuthentication.LoginUrl + redirectUrl;

            filterContext.HttpContext.Response.Redirect(loginUrl, true);
        }
        else
        {
            bool isAuthorized = _service.Authorize(GetUserSession.Id, _authRoles.ToString());

            if (!isAuthorized)
            {
                // TODO: Make custom "Not Authorized" error page.
                throw new UnauthorizedAccessException("No access");
            }
        }
    }
}

// TestController.cs

[Auth(Roles.Developer)]
public ActionResult Index()
{
    // Some smart logic
}

提前致谢!

2 个答案:

答案 0 :(得分:8)

不,这不可能作为构造函数must be simple types的参数。

出于测试目的,您可以使用另一个构造函数(因为您不应该使用带有测试的IoC容器):

public class AuthAttribute : ActionFilterAttribute
{
    public Roles _authRoles { get; private set; }

    [Inject]
    private readonly IAuthorizationService _service;

    public AuthAttribute(Roles roles)
    {
        _authRoles = roles;
    }

    public AuthAttribute(Roles roles, IAuthorizationService authSvc)
        : this(roles)
    {
        this.service = authSvc;
    }

    // ...
}

答案 1 :(得分:7)

在这种情况下,

构造函数注入,但您需要使用属性/过滤器组合。

您的过滤器(例如:IAuthorizationFilter)实现将使用构造函数注入并完成所有工作......

您的属性(例如:FilterAttribute)将很薄,主要用于装饰您的控制器或操作。

public class AuthorizationFilter : IAuthorizationFilter
{
    private readonly IAuthorizationService _authorizationService;
    private readonly UserRoles _requiredRoles; // Enum of Roles

    public AuthorizationFilter(IAuthorizationService authorizationService, UserRoles requiredRoles)
    {
        _authorizationService = authorizationService;
        _requiredRoles = requiredRoles;
    }

    public void OnAuthorization(AuthorizationContext filterContext)
    {
        // do work, or HandleUnauthorizedRequest()
    }

    protected void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // do work
    }

}

public class RequireRolesAttribute : FilterAttribute
{
    public readonly UserRoles RequiredRoles;

    public RequireRolesAttribute(UserRoles requiredRoles)
    {
        RequiredRoles = requiredRoles;
    }        
}

然后你的Ninject容器将属性绑定到过滤器:

// controller-level
kernel.BindFilter<AuthorizationFilter>(FilterScope.Controller, 0).WhenControllerHas<RequireRolesAttribute>()
// action level
kernel.BindFilter<AuthorizationFilter>(FilterScope.Action, 0).WhenActionMethodHas<RequireRolesAttribute>();

请参阅:

Dependency Injection with Ninject and Filter attribute for asp.net mvc

Ninject Binding Attribute to Filter with Constructor Arguments

https://github.com/ninject/ninject.web.mvc/wiki/Filter-configurations

我想要克服的技巧是如何将我的角色定义在属性上的过滤器...... ninject文档应该有所帮助,但我自己还没有。

祝你好运。