我有.NET Core 1.1 webapi并使用数据库角色和权限模型来授权API调用,如下所示
[MyAuthorization(new object[]
{
new int[]{(int)System.Administration, (int)Process.AManagement, (int)Action.View },
new int[]{ (int)System.Inventory, (int)Process.BManagement, (int)Action.Disp },
new int[]{ (int)System.Inventory, (int)Process.CManagement, (int)Action.Waste },
new int[]{ (int)System.Inventory, (int)Process.Inventory, (int)Action.Return },
}
)]
[Route("something")]
[HttpPost]
在MyAuthorization属性中,我调用其他API来计算当前用户是否有权访问所需权限。
有更好的方法吗?