我已经根据我提出的这个问题做了一些编码 Complex role authorization Asp.net core MVC。
所以我的代码已经变成这样:
public IActionResult PullMeDataForTheUser(Model model)
{
//right now only super admin has all access but more role can be added to this policy in future
var authorizationResult = await _authorizationService
.AuthorizeAsync(user, "HasAllAccess");
if (authorizationResult.Succeeded)
{
//pull everything : call to service
}
else{
//pull partial things applicable to the user: call to service
}
// more service call
// more logics and filtering and joins
return view
}
我感觉到此控制器动作已经变得太厚了,我想将此代码推送到服务层,以使其代表一次性情况。现在,如果我将IAuthorizationService推送到服务层,则它必须知道HTTP上下文才能提取用户。知道HTTP上下文对象的服务层听起来不正确。我的问题是在这种情况下如何改进设计