2

我开发了一个网络项目。我使用 Asp.Net MVC,实体框架。我将在管理面板中为用户提供角色。用户根据他们的角色制作流程。我想为这个项目使用设计模式。我使用哪种类型的模式进行此角色授权?任何想法?提前致谢。

4

1 回答 1

4

Easiest way to implement role management is using ASP.NET membership provider.

You then have two ways of protecting actions based on roles.

If you want to ensure that only certain roles can execute an action method, you would use the Authorize attribute and define the list of allowed roles:

[Authorize(Roles = "Admin, Manager")]
public ActionResult AdministratorsOnly()
{
   return View();
}

If you need to hide functionality on the views, you can use the User.IsInRole() method to check if the currently logged in user has that role:

if(User.IsInRole("Admin"))
{
    <a href="/user/delete">Delete account</a>
}
于 2013-05-26T00:59:31.660 回答