
我正在尝试为 ServiceStack 服务定义权限,使该服务只能由 Admin 角色访问。我已经给这个服务加上了 RequiredRole 属性,但它似乎不起作用,因为我以 USER 身份仍然可以访问该服务。

/// <summary>
/// Greeting service that also reports the roles attached to the caller's session.
/// </summary>
/// <remarks>
/// [Authenticate] demands an authenticated session, and [RequiredRole("Admin")] is
/// intended to restrict the service to callers holding the "Admin" role.
/// NOTE(review): a role check is only as good as the role data on the session. How
/// CustomUserSession.Roles gets populated is not visible in this class - confirm the
/// auth provider fills it, and verify with a non-admin account that the request is
/// actually rejected.
/// </remarks>
[Authenticate]
[RequiredRole("Admin")]
public class HelloService : Service
{
    /// <summary>Session key under which the per-session call counter is kept.</summary>
    public const string HelloServiceCounterKey = "HelloServiceCounter";

    /// <summary>
    /// Increments the per-session call counter and returns a greeting that lists the
    /// caller's roles.
    /// </summary>
    /// <param name="request">Incoming request; only <c>Name</c> is read.</param>
    /// <returns>A <c>HelloResponse</c> whose <c>Result</c> holds the greeting text.</returns>
    public object Any(HelloRequest request)
    {
        var typedSession = SessionAs<AppHost.CustomUserSession>();

        // Read the old counter first, then store it incremented by one.
        int previousCount = Session.Get<int>(HelloServiceCounterKey);
        Session.Set(HelloServiceCounterKey, previousCount + 1);

        string roleList = string.Join(", ", typedSession.Roles.ToArray());

        // request.Name is echoed back as-is; a consumer that renders Result as HTML
        // has to encode it on output.
        var greeting = new HelloResponse();
        greeting.Result = "Hello, " + request.Name + ", your role(s): " + roleList;
        return greeting;
    }
}

AccountController.cs

// Handles the login form POST: authenticates the submitted credentials through
// ServiceStack's AuthService and, on success, issues the ASP.NET forms-auth cookie
// and redirects. The end of the method is not part of this excerpt.
// [AllowAnonymous] lets unauthenticated users reach the action;
// [ValidateAntiForgeryToken] requires the anti-forgery token on the POST.
[HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            try
            {
                // NOTE(review): this seeds an account with a hard-coded, trivially
                // guessable password from inside the login request path. Seed accounts
                // out of band with a secret taken from configuration instead.
                // The existence check uses "Admin" while the created name is "admin";
                // whether those compare equal depends on the membership store - confirm.
                if (!WebSecurity.UserExists("Admin"))
                    WebSecurity.CreateUserAndAccount("admin", "abc");

                // Resolve ServiceStack's AuthService and hand it the current HTTP request context.
                var authService = AppHostBase.Resolve<AuthService>();
                authService.RequestContext = System.Web.HttpContext.Current.ToRequestContext();
                // The returned response is not used afterwards; presumably a failed login
                // surfaces as the HttpError caught below - confirm.
                var response = authService.Authenticate(new Auth
                                                            {
                                                                UserName = model.UserName,
                                                                Password = model.Password,
                                                                RememberMe = model.RememberMe
                                                            });

                // add ASP.NET auth cookie
                // Reached only when Authenticate did not throw. RememberMe is passed as the
                // persistent-cookie flag.
                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                // NOTE(review): RedirectToLocal is not shown; confirm it rejects
                // non-local returnUrl values so this is not an open redirect.
                return RedirectToLocal(returnUrl);
            }
            catch (HttpError)
            {
                // The failure is swallowed here without logging. What the caller sees is
                // decided by code after this excerpt. NOTE(review): record failed attempts
                // so repeated guessing can be detected and throttled.
            }
        }

这是我的 AppHost.cs

/// <summary>
/// Wires up the ServiceStack host: session storage, the auth and session plugins,
/// the routes, JSON naming, the Todo repository and the shared MVC controller factory.
/// </summary>
/// <param name="container">The Funq container that receives the registrations.</param>
public override void Configure(Funq.Container container)
{
    // Storage for user sessions. MemoryCacheClient is registered under its base
    // type ICacheClient, and SessionFactory under its base type ISessionFactory.
    ICacheClient sessionCache = new MemoryCacheClient();
    container.Register<ICacheClient>(sessionCache);
    container.Register<ISessionFactory>(c => new SessionFactory(c.Resolve<ICacheClient>()));

    // Authentication uses the application's own session type and credentials provider.
    // NOTE(review): role-based attributes depend on the roles carried by the session;
    // neither CustomUserSession nor CustomCredentialsAuthProvider is shown here -
    // confirm that a successful login attaches the user's roles.
    var authProviders = new[] { new CustomCredentialsAuthProvider() };
    var authFeature = new AuthFeature(() => new CustomUserSession(), authProviders);
    Plugins.Add(authFeature);

    Plugins.Add(new SessionFeature());

    // NOTE(review): both routes are keyed on HelloService, while the service's handler
    // takes a HelloRequest - confirm which type the routes are meant to bind to.
    Routes.Add<HelloService>("/hello")
          .Add<HelloService>("/hello/{Name*}");

    // JSON web services return idiomatic camelCase property names.
    ServiceStack.Text.JsConfig.EmitCamelCaseNames = true;

    var todoRepository = new TodoRepository();
    container.Register(todoRepository);

    // MVC uses the same Funq IOC container as ServiceStack.
    var controllerFactory = new FunqControllerFactory(container);
    ControllerBuilder.Current.SetControllerFactory(controllerFactory);
}

1 回答 1


维基指出

与 Authenticate 一样,您也可以使用 RequiredPermission 属性标记服务(而不是 DTO)。

它没有说明 RequiredRole 属性是否可以用于服务,因此我认为不可以;从源代码中的注释来看,它似乎只针对请求 DTO 对象。

于 2014-04-21T03:14:36.770 回答