基本上我想显示一个友好的信息,当有人是不是在我的属性中列出一个角色的一部分。目前我的应用程序只是吐用户返回到登录屏幕。我读过,谈创造只是延长[AuthorizeAttribute]自定义属性的几个帖子,但我想那里一定是东西开箱做到这一点?
Essentially I want to show a friendly message when someone is not part of a role listed in my attribute. Currently my application just spits the user back to the log in screen. I've read a few posts that talk about creating a custom attribute that just extends [AuthorizeAttribute], but I'm thinking there's got to be something out of the box to do this?
可以有人请点我的,我需要看没有它用户发送到日志形式向正确的方向,而是只拍他们未授权的消息?
can someone please point me in the right direction of where I need to look to not have it send the user to the log in form, but rather just shoot them a "not authorized" message?
推荐答案如果简单或逻辑的总量控制是你想要的,你可以在你的操作方法把这个叫做什么:
If simplicity or total control of the logic is what you want you can call this in your action method:
User.IsInRole("NameOfRole");它返回一个布尔值,你可以根据这个结果做你的逻辑的其余部分。
It returns a bool and you can do the rest of your logic depending on that result.
这是我在某些情况下,用另外一个是:
Another one that I've used in some cases is:
System.Web.Security.Roles.GetRolesForUser();我想返回一个字符串[],但不可以引用我这句话。
I think that returns a string[] but don't quote me on that.
编辑:一个例子总是帮助...
An example always helps...
public ActionResult AddUser() { if(User.IsInRoles("SuperUser") { return View("AddUser"); } else { return View("SorryWrongRole"); } }只要你的返回类型是的ActionResult你可以返回任何接受的返回类型(的ViewResult,PartialViewResult,RedirectResult,JsonResult ...)
As long as your return type is "ActionResult" you could return any of the accepted return types (ViewResult, PartialViewResult, RedirectResult, JsonResult...)
更多推荐
属性为.NET MVC控制器的操作方法
发布评论