Of Stack

ASP. NET MVC the method of using ActionFilterAttribute to realize permission restriction of with demo source code download

  • 2021-07-16 02:17:24
  • OfStack

This article illustrates how ASP. NET MVC uses ActionFilterAttribute to implement permission restriction. Share it for your reference, as follows:

ActionFilterAttribute is an Action filtering class, which executes before executing an action. ActionFilterAttribute is an action filtering class of MVC. Based on this principle, we make a permission restriction

For example: How to access test action in HomeController 


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using MvcTest.Models;
namespace MvcTest.Controllers
{
  public class HomeController : Controller
  {
    //
    // GET: /Home/
    public ActionResult Index()
    {
      return View();
    }
    [AuthorizeFilter]
    public ActionResult test()
    {
      return Content(" Have access to ");
    }
  }
}

Set up AuthorizeFilterAttribute. cs as follows 


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace MvcTest.Models
{
  /// <summary>
  /// Permission interception 
  /// </summary>
  [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
  public class AuthorizeFilterAttribute : ActionFilterAttribute
  {
    filterContextInfo fcinfo;
    // OnActionExecuted  After the operation method is executed, the  ASP.NET MVC  Framework call. 
    // OnActionExecuting  Before executing the action method, the  ASP.NET MVC  Framework call. 
    // OnResultExecuted  After the result of the operation is executed, the  ASP.NET MVC  Framework call. 
    // OnResultExecuting  Before executing the result of the operation, the  ASP.NET MVC  Framework call. 
    /// <summary>
    ///  Before executing the action method, the  ASP.NET MVC  Framework call. 
    /// </summary>
    /// <param name="filterContext"></param>
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
      fcinfo = new filterContextInfo(filterContext);
      //fcinfo.actionName;// Obtain a domain name 
      //fcinfo.controllerName; Get  controllerName  Name 
      bool isstate = true;
      //islogin = false;
      if (isstate)// If satisfied 
      {
        // Logic code 
        // filterContext.Result = new HttpUnauthorizedResult();// Direct URL The entered page address jumps to the landing page  
        // filterContext.Result = new RedirectResult("http://www.baidu.com");// You can also jump to another site 
        //filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { Controller = "product", action = "Default" }));
      }
      else
      {
        filterContext.Result = new ContentResult { Content = @" Sorry , You do not have permission for the current operation! " };//  Direct return  return Content(" Sorry , You do not have permission for the current operation! ")
      }
    }
    /// <summary>
    ///  After the operation method is executed, the  ASP.NET MVC  Framework call. 
    /// </summary>
    /// <param name="filterContext"></param>
    public override void OnActionExecuted(ActionExecutedContext filterContext)
    {
      base.OnActionExecuted(filterContext);
    }
    /// <summary>
    /// OnResultExecuted  After the result of the operation is executed, the  ASP.NET MVC  Framework call. 
    /// </summary>
    /// <param name="filterContext"></param>
    public override void OnResultExecuted(ResultExecutedContext filterContext)
    {
      base.OnResultExecuted(filterContext);
    }
    /// <summary>
    /// OnResultExecuting  Before executing the result of the operation, the  ASP.NET MVC  Framework call. 
    /// </summary>
    /// <param name="filterContext"></param>
    public override void OnResultExecuting(ResultExecutingContext filterContext)
    {
      base.OnResultExecuting(filterContext);
    }
  }
  public class filterContextInfo
  {
    public filterContextInfo(ActionExecutingContext filterContext)
    {
      #region  Get the characters in the link 
      //  Obtain a domain name 
      domainName = filterContext.HttpContext.Request.Url.Authority;
      // Get the module name 
      // module = filterContext.HttpContext.Request.Url.Segments[1].Replace('/', ' ').Trim();
      // Get  controllerName  Name 
      controllerName = filterContext.RouteData.Values["controller"].ToString();
      // Get ACTION  Name 
      actionName = filterContext.RouteData.Values["action"].ToString();
      #endregion
    }
    /// <summary>
    ///  Obtain a domain name 
    /// </summary>
    public string domainName { get; set; }
    /// <summary>
    ///  Get the module name 
    /// </summary>
    public string module { get; set; }
    /// <summary>
    ///  Get  controllerName  Name 
    /// </summary>
    public string controllerName { get; set; }
    /// <summary>
    ///  Get ACTION  Name 
    /// </summary>
    public string actionName { get; set; }
  }
}

Click here to download the complete example code.

I hope this article is helpful to everyone's asp. net programming.

Related articles: