我有一个绑定到站点地图的 Telerik mvc 菜单。所有链接都已正确设置并成功绑定。但是在 post 方法中,如果使用 将模型发布回无效模型的视图View(model),它会因以下错误而中断。它适用于 PRG 模式,即,如果我重定向到视图。
INFO [System.NullReferenceException:对象引用未设置为对象的实例。在 Telerik.Web.Mvc.Infrastructure.Implementation.ControllerAuthorization.IsAccessibleToUser(RequestContext requestContext, String controllerName, String actionName, RouteValueDictionary routeValues) 在 f:\109\Griffin\Trunk Full\Sources\Source\Telerik.Web.Mvc\Infrastructure\ Implementation\ControllerAuthorization.cs:Telerik.Web.Mvc.Infrastructure.Implementation.NavigationItemAuthorization.IsAccessibleToUser(RequestContext requestContext, Inavigable navigationItem) 中的第 75 行:\109\Griffin\Trunk Full\Sources\Source\Telerik.Web.Mvc\ Infrastructure\Implementation\NavigationItemAuthorization.cs:第 38 行
通过代码调试,我发现它在内部调用 System.Web.MVC 类来检索节点的授权信息。下面是为无效模型返回 null 的行,否则如果它是重定向或正常 GET 操作,它可以正常工作。
ActionDescriptor actionDescriptor = controllerDescriptor.FindAction(controllerContext, actionName);
if (actionDescriptor == null)
{
return null; **//it returns null for View(model)**
}
return new AuthorizationContext(controllerContext, actionDescriptor) { Controller = { ControllerContext = controllerContext } };
System.Web.Mvc 中的 FindAction 方法。RunSelectionFilters正在从此方法中调用,该方法为正常和异常情况产生不同的输出。
public MethodInfo FindActionMethod(ControllerContext controllerContext, string actionName)
{
List<MethodInfo> matchingAliasedMethods = this.GetMatchingAliasedMethods(controllerContext, actionName);
matchingAliasedMethods.AddRange(this.NonAliasedMethods[actionName]);
List<MethodInfo> ambiguousMethods = RunSelectionFilters(controllerContext, matchingAliasedMethods);
switch (ambiguousMethods.Count)
{
case 0:
return null;
case 1:
return ambiguousMethods[0];
}
throw this.CreateAmbiguousMatchException(ambiguousMethods, actionName);
}
RunSelectionFilters 方法list2为正常操作和list异常情况返回。
private static List<MethodInfo> RunSelectionFilters(ControllerContext controllerContext, List<MethodInfo> methodInfos)
{
List<MethodInfo> list = new List<MethodInfo>();
List<MethodInfo> list2 = new List<MethodInfo>();
using (List<MethodInfo>.Enumerator enumerator = methodInfos.GetEnumerator())
{
Func<ActionMethodSelectorAttribute, bool> predicate = null;
MethodInfo methodInfo;
while (enumerator.MoveNext())
{
methodInfo = enumerator.Current;
ICollection<ActionMethodSelectorAttribute> actionMethodSelectorAttributes = ReflectedAttributeCache.GetActionMethodSelectorAttributes(methodInfo);
if (actionMethodSelectorAttributes.Count == 0)
{
list2.Add(methodInfo);
}
else
{
if (predicate == null)
{
predicate = attr => attr.IsValidForRequest(controllerContext, methodInfo);
}
if (actionMethodSelectorAttributes.All<ActionMethodSelectorAttribute>(predicate))
{
list.Add(methodInfo);
}
}
}
}
if (list.Count <= 0)
{
return list2;
}
return list;
}
下面是自定义授权属性。此属性应用于 BaseController。
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class AppActionAuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
protected virtual bool AuthorizeCore(HttpContextBase httpContext)
{
return DBService.IsAuthorized(httpContext.RequestContext().RouteData.Values);
}
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
if (OutputCacheAttribute.IsChildActionCacheActive(filterContext))
{
throw new InvalidOperationException("AuthorizeAttribute cannot be used within a child action caching block.");
}
if (this.AuthorizeCore(filterContext.HttpContext))
{
HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache;
cache.SetProxyMaxAge(new TimeSpan(0L));
cache.AddValidationCallback(new HttpCacheValidateHandler(this.CacheValidateHandler), null);
}
else
{
this.HandleUnauthorizedRequest(filterContext);
}
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = this.OnCacheAuthorization(new HttpContextWrapper(context));
}
protected virtual HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException("httpContext");
}
if (!this.AuthorizeCore(httpContext))
{
return HttpValidationStatus.IgnoreThisRequest;
}
return HttpValidationStatus.Valid;
}
}