小编Gio*_*uri的帖子

“context.Resource as AuthorizationFilterContext”在 ASP.NET Core 3.0 中返回 null

我正在尝试按照教程实现自定义授权要求。它似乎 context.Resource不再包含AuthorizationFilterContext,因此:

var authFilterContext = context.Resource as AuthorizationFilterContext;
Run Code Online (Sandbox Code Playgroud)

返回null,其余的逻辑失败。我也无法获取查询字符串值,因为它为空。以下是代码:

public class CanEditOnlyOtherAdminRolesAndClaimsHandler :
   AuthorizationHandler<ManageAdminRolesAndClaimsRequirement>
    {
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
       ManageAdminRolesAndClaimsRequirement requirement)
        {
            var authFilterContext = context.Resource as AuthorizationFilterContext;
            if (authFilterContext == null)
            {
                return Task.CompletedTask;
            }

            string loggedInAdminId =
                context.User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value;

            string adminIdBeingEdited = authFilterContext.HttpContext.Request.Query["userId"];

            if (context.User.IsInRole("Admin") &&
                context.User.HasClaim(claim => claim.Type == "Edit Role" && claim.Value == "true") &&
                adminIdBeingEdited.ToLower() != loggedInAdminId.ToLower())
            {
                context.Succeed(requirement);
            }

            return Task.CompletedTask;
        }
    }
}
Run Code Online (Sandbox Code Playgroud)

我应该如何在 …

c# asp.net

8
推荐指数
2
解决办法
4901
查看次数

标签 统计

asp.net ×1

c# ×1