我有以下类:
// View model whose type-level attribute demands operation "view" on resource "agreement".
// NOTE(review): a type-level declarative security attribute normally applies to the type's
// members as well; confirm how it combines with the method-level attribute on Save.
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "view", Resource = "agreement")]
public class AgreementViewModel : Screen
{
// NOTE(review): this attribute uses SecurityAction.Assert, while the class-level one uses
// SecurityAction.Demand. Assert is a stack-walk modifier rather than an access check, so it
// presumably does not enforce the "save" claim; confirm whether Demand was intended.
[ClaimsPrincipalPermission(SecurityAction.Assert, Operation = "save", Resource = "agreement")]
// NOTE(review): with async void, an exception thrown after the first await cannot be caught
// by the caller; confirm that the hosting framework requires this signature.
public async void Save()
{
}
}
我的问题是:即使主体(principal)同时拥有上面指定的两个声明,对 Save 的调用仍然会失败。如果我去掉类级别的声明要求,它就可以正常工作。该类本身也可以正常实例化。我用来判断用户能否执行某个操作的“手动”检查工作正常,失败的是实际执行。手动检查的定义如下:
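/// <summary>
/// Advisory pre-check: reports whether the current principal would pass the
/// <see cref="ClaimsPrincipalPermissionAttribute"/> demands declared on the method that a
/// guard member refers to.
/// </summary>
/// <param name="sender">Object whose public methods are searched for the target method.</param>
/// <param name="callerMethod">
/// Name of the calling member, supplied by the compiler. A leading "Can" is stripped, so a
/// call from "CanSave" checks the method "Save".
/// </param>
/// <returns>
/// <c>false</c> if any permission declared on a matching method is denied; <c>true</c>
/// otherwise, including when no method name is available or no attribute is declared.
/// </returns>
/// <remarks>
/// The check fails open: a method without the attribute is reported as executable. It is
/// therefore suitable for enabling or disabling UI only; the declarative attribute on the
/// target method remains the actual access control.
/// </remarks>
public bool CanExecute(object sender, [CallerMemberName] string callerMethod = null)
{
    if (callerMethod == null)
    {
        return true;
    }

    // Method names are identifiers, so compare ordinally rather than by current culture.
    string targetMethodName = callerMethod.StartsWith("Can", System.StringComparison.Ordinal)
        ? callerMethod.Substring(3)
        : callerMethod;

    if (string.IsNullOrEmpty(targetMethodName))
    {
        return true;
    }

    // Evaluate every attribute on every overload of that name. Checking only the first one
    // would report "allowed" while a second declared permission would still be denied.
    return sender.GetType().GetMethods()
        .Where(method => method.Name == targetMethodName)
        .SelectMany(method => method.GetCustomAttributes(typeof(ClaimsPrincipalPermissionAttribute), true))
        .Cast<ClaimsPrincipalPermissionAttribute>()
        .All(attribute => CanExecute(attribute));
}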
/// <summary>
/// Runs the demand described by a single permission attribute and reports the outcome.
/// </summary>
/// <param name="claimsAttribute">Attribute to evaluate; <c>null</c> means nothing is declared.</param>
/// <returns>
/// <c>true</c> when the attribute is <c>null</c> or its demand succeeds; <c>false</c> when the
/// demand throws <see cref="SecurityException"/>. Any other exception propagates to the caller.
/// </returns>
private bool CanExecute(ClaimsPrincipalPermissionAttribute claimsAttribute)
{
    bool isAllowed = true;

    // With no attribute there is nothing to demand, so the result stays true.
    if (claimsAttribute != null)
    {
        try
        {
            var permission = claimsAttribute.CreatePermission();
            permission.Demand();
        }
        catch (SecurityException)
        {
            // A denied demand is an expected result here, not an error.
            isAllowed = false;
        }
    }

    return isAllowed;
}