This article covers ASP.NET Core MVC permission control: controlling operation permissions in the view.
ASP.NET Core MVC provides a permission verification framework. The previous article introduced how to configure permission control and permissions. Once configured, the permission verification logic runs automatically, but in some cases we need to check permissions manually in code or in a view. This article describes how.
To determine in a controller method whether the current user has a certain permission, call HttpContext.User.HasClaim(string claimType, string claimValue) directly. The method returns a bool: true indicates that the user has the permission, false that they do not.
In the view, we often need to apply permissions to a particular button or hyperlink: if the user has the permission the button is displayed, otherwise it is not shown. How can we achieve this? There are two methods:
1. Call HttpContext.User.HasClaim(string claimType, string claimValue) directly in the view to check the permission, then control whether the button is displayed (in an MVC Razor view the current HttpContext is exposed as the Context property):
    @if (Context.User.HasClaim("User", "Delete"))
    {
        <input type='button' value="删除"/>
    }
The code above is written in the view: if the user has the delete permission, the delete button is displayed. Every place that needs a check is written in the same format. Note that this only controls what is rendered; the action behind the button must still be protected by the server-side permission check.
2. The first method can be simplified with a TagHelper, a new feature of ASP.NET Core MVC. We will not explain here what a TagHelper is or what it does; you can search for it on Baidu or Google. Here we go straight to how to write a custom TagHelper for permission verification.
    <a asp-claim="goods,edit" asp-action="addgoods" asp-route-id="@goods.Id" class="btn-icon " title="编辑">
        <i class="icon-common-edit icon-pencil"></i>
    </a>
The code above is the final result: the hyperlink is available only when the user has the claim (type = goods, value = edit). The steps below show how to implement this TagHelper.
1) First, define a class derived from TagHelper and add the claim attribute definition (the ViewContext property is added in step 3):
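    using Microsoft.AspNetCore.Razor.TagHelpers;

    public class ClaimTagHelper : TagHelper
    {
        // Name of the HTML attribute that carries the required claim
        private const string ClaimAttributeName = "asp-claim";

        public ClaimTagHelper()
        {
        }

        [HtmlAttributeName(ClaimAttributeName)]
        public string Claim { get; set; }
    }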
2) The permission control TagHelper is only used on button, a, and input elements, so we add HtmlTargetElement attributes to the class, as follows:
    [HtmlTargetElement("a", Attributes = ClaimAttributeName)]
    [HtmlTargetElement("button", Attributes = ClaimAttributeName)]
    [HtmlTargetElement("input", Attributes = ClaimAttributeName, TagStructure = TagStructure.WithoutEndTag)]
    public class ClaimTagHelper : TagHelper
    {
        ......
    }
3) Override the Process method of TagHelper and use HttpContext.User.HasClaim in it to check the permission. Inside a TagHelper the HttpContext is reached through the ViewContext object, so we add a ViewContext property to the TagHelper class. The code is as follows:
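    using Microsoft.AspNetCore.Mvc.Rendering;
    using Microsoft.AspNetCore.Mvc.ViewFeatures;

    public class ClaimTagHelper : TagHelper
    {
        .....
        // Injected by the framework; not bound to an HTML attribute
        [HtmlAttributeNotBound]
        [ViewContext]
        public ViewContext ViewContext { get; set; }
        .....
    }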
    public override void Process(TagHelperContext context, TagHelperOutput output)
    {
        if (string.IsNullOrEmpty(Claim))
        {
            return;
        }

        // asp-claim is written as "type,value" (e.g. "goods,edit"), so split on the comma
        string[] claimData = Claim.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
        if (claimData.Length == 1)
        {
            // Only a claim type was given: any claim of that type is enough
            if (!ViewContext.HttpContext.User.HasClaim(m => m.Type == claimData[0]))
            {
                // No permission: render nothing for this element
                output.SuppressOutput();
            }
        }
        else
        {
            if (!ViewContext.HttpContext.User.HasClaim(m => m.Type == claimData[0] && m.Value == claimData[1]))
            {
                // No permission: render nothing for this element
                output.SuppressOutput();
            }
        }
    }
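
The TagHelper only suppresses markup, so the actions those links and buttons call need the same check on the server. The following is an added example, not code from the original article, showing the controller-side HasClaim check described at the start next to a declarative policy. GoodsController, the GoodsEdit policy name, the AddGoodsPolicies helper and the "goods"/"delete" claim are assumptions made for illustration.

```csharp
// Added example: GoodsController, PermissionPolicies and the claim values are hypothetical.
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

public static class PermissionPolicies
{
    public const string GoodsEdit = "GoodsEdit";

    // Call from ConfigureServices: services.AddGoodsPolicies();
    public static IServiceCollection AddGoodsPolicies(this IServiceCollection services)
    {
        return services.AddAuthorization(options =>
            options.AddPolicy(GoodsEdit, p => p.RequireClaim("goods", "edit")));
    }
}

[Authorize] // every action in this controller requires an authenticated user
public class GoodsController : Controller
{
    // Declarative check: the same claim the asp-claim="goods,edit" link is rendered for.
    // A user who requests the URL directly without the claim is rejected before the action runs.
    [Authorize(Policy = PermissionPolicies.GoodsEdit)]
    public IActionResult AddGoods(int id)
    {
        return View();
    }

    // Manual check with HasClaim inside the controller method.
    [HttpPost]
    [ValidateAntiForgeryToken]
    public IActionResult Delete(int id)
    {
        if (!User.HasClaim("goods", "delete"))
        {
            // Hidden buttons do not stop a hand-crafted request, so refuse here.
            return Forbid();
        }

        // ... perform the delete for the given id here ...
        return RedirectToAction("Index");
    }
}
```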