我正在尝试使用 MVC 样式授权过滤器作为 OData Web API 控制器的 Get() 操作方法的属性,但授权过滤器被忽略。可以将授权属性与 EntitySetController 或 ODataController 一起使用吗?
public class MyEntityController : EntitySetController<MyEntity, int>
{
[CustomAuthorizeAttribute(AccessPermission.View)]
[Queryable( AllowedQueryOptions = AllowedQueryOptions.All)]
public override IQueryable<MyEntity> Get()
{
// Contents omitted.
}
}
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
public AccessPermission RequiredPermission { get; set; }
public CustomAuthorizeAttribute(AccessPermission requiredPermission)
{
RequiredPermission = requiredPermission;
}
}