我的过滤器提供商:
public class ValidatePermissionFilterProvider : IFilterProvider
{
private readonly IList<ControllerAction> _actions = new List<ControllerAction>();
public void Add(string controllerName, string actionName)
{
_actions.Add(new ControllerAction() { ControllerName = controllerName, ActionName = actionName });
}
public IEnumerable<Filter> GetFilters(ControllerContext controllerContext, ActionDescriptor actionDescriptor)
{
bool needAuthorization = true;
foreach (ControllerAction action in _actions)
{
if ((action.ControllerName == actionDescriptor.ControllerDescriptor.ControllerName || action.ControllerName == "*")
&& (action.ActionName == actionDescriptor.ActionName || action.ActionName == "*"))
{
needAuthorization = false;
}
}
if (needAuthorization)
yield return new Filter(new ValidatePermissionAttribute(), FilterScope.First, null);
yield break;
}
}
internal class ControllerAction
{
internal string ControllerName { get; set; }
internal string ActionName { get; set; }
}
我的过滤器:
public class ValidatePermissionAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
return false;
}
}
我的Global.asax:
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
ValidatePermissionFilterProvider validatePermissionProvider = new ValidatePermissionFilterProvider();
validatePermissionProvider.Add("Login", "Index");
validatePermissionProvider.Add("Erro", "*");
FilterProviders.Providers.Add(validatePermissionProvider);
}
我的过滤器不尊重条件,当我在URL中的任何操作中尝试Erro控制器时,它会传递给过滤器。
我的条件是:传递给我在Add()方法中通知的所有控制器/操作。
发生了什么事?