ca9*_*3d9 2 asp.net asp.net-core blazor
我知道以下剃刀代码适用于 AD 组。
<AuthorizeView Roles="AD_Group1, AD_Group2">
</AuthorizeView>
但是,我需要从 json 文件授予权限。在 json 文件中,它定义了,
{
"WindowsUserName1" : [ "My own group 1", "My own group 2" ],
"WindowsUserName2" : [ "My own group 2", "My own group 3" ],
....
}
如何使用<AuthorizeView>自定义分组?
您可以定义自定义策略来为用户组创建授权规则:
建筑定制要求:
public class UserGroupsRequirement : IAuthorizationRequirement
{
public string[] Groups { get; }
public UserGroupsRequirement(string[] groups)
{
Groups = groups;
}
}
为需求创建一个处理程序。这需要从要处理的需求AuthorizationHandler<T>继承:T
public class UserGroupsHandler : AuthorizationHandler<UserGroupsRequirement>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserGroupsRequirement requirement)
{
var username = context.User.Claims.FirstOrDefault(c=>c.Type==ClaimTypes.Name).Value;
var groups = requirement.Groups;
//read json file and find user's groups and check whether groups inlcude in required groups.
if (true)
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
注册政策:
services.AddAuthorization(config =>
{
config.AddPolicy("UserInGroupsAdmin", policy =>
policy.Requirements.Add(new UserGroupsRequirement(new string[] { "group1"})));
});
services.AddSingleton<IAuthorizationHandler, UserGroupsHandler>();
您可以更新 AuthorizeView 组件以使用策略:
<AuthorizeView Policy="UserInGroupsAdmin">
<p>You can only see this if you're an admin or superuser.</p>
</AuthorizeView>
| 归档时间: |
|
| 查看次数: |
5434 次 |
| 最近记录: |