在我的 MVC3 wep 应用程序中,我扩展了 Authorize 属性,如下所示
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (Authenticate.IsAuthenticated() && httpContext.User.Identity.IsAuthenticated)
{
var authCookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
var ticket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = ticket.UserData.Split('|');
var identity = new GenericIdentity(ticket.Name);
httpContext.User = new GenericPrincipal(identity, roles);
}
}
return base.AuthorizeCore(httpContext);
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (!Authenticate.IsAuthenticated())
HandleUnauthorizedRequest(filterContext);
base.OnAuthorization(filterContext);
}
在我的行动中,我使用它就像
[MyAuthorize(Roles = "Member,Inspector,SalesRep,Admin,SuperAdmin")]
public ActionResult OrderUpload()
现在,我必须在每个操作中指定每个用户角色。我想做的是指定如下内容
[MyAuthorize(Roles = "Member")]
public ActionResult OrderUpload()
这应该允许任何等于或高于“成员”的用户角色。因此,应允许“SalesRep”,而不应允许“会员”之下的“访客”。
所有用户角色都是数字增加的枚举
public enum UserAccountType
{
Visitor = 5,
Member = 10,
Inspector = 15,
SalesRep = 20,
Admin = 25,
SuperAdmin = 30
}
如何修改 MyAuthorizeAttribute 以使其工作?
谢谢