我有asp.net mvc项目,它使用Microsoft Identity成员。我的角色是:管理员,代理,客户,内容编辑,初级。初级角色是最后添加的,我无法登录它。这是登录后调用的控制器:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PoloCpi.Data.Services.Interfaces;
using PoloCpi.Model.ViewModels;
namespace PoloCpi.Web.Areas.Admin.Controllers
{
/// <summary>
/// Dashboard controller
/// </summary>
public class DashboardController : Controller
{
private readonly IJobService _obJobService;
private readonly IAgentService _objAgentService;
private readonly IHistoryLogsService _objHistoryLogsService;
private readonly IFileUploadService _objFileUploadService;
private readonly IJobReportService _objJobReportService;
public DashboardController(IJobService obJobService, IAgentService objAgentService, IHistoryLogsService objHistoryLogsService, IFileUploadService objFileUploadService, IJobReportService objJobReportService)
{
_obJobService = obJobService;
_objAgentService = objAgentService;
_objHistoryLogsService = objHistoryLogsService;
_objFileUploadService = objFileUploadService;
_objJobReportService = objJobReportService;
}
//
// GET: /Admin/Dashboard/
//[Authorize(Roles = "Admin, Agent, Client, ContentEditor, Junior")]
public ActionResult Index()
{
return View();
}
/// <summary>
/// Date reminders
/// </summary>
/// <returns></returns>
public ActionResult MattersDateReminders(int page = 1, int pageSize = 10)
{
var reminderDates = _obJobService.GetReminderDates(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Description = "Reminder dates";
ViewBag.Container = "reminder-dates-container";
ViewBag.ShowMoreId = "reminder-dates-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { reminderDates = reminderDates, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", reminderDates);
}
/// <summary>
/// Last day of services
/// </summary>
/// <returns></returns>
public ActionResult LastDayOfServices(int page = 1, int pageSize = 10)
{
var lastDayOfServices = _obJobService.GetLastDayOfServices(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Description = "Last day of services";
ViewBag.Container = "last-dates-container";
ViewBag.ShowMoreId = "last-dates-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { lastDayOfServices = lastDayOfServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", lastDayOfServices);
}
/// <summary>
/// Agent licenses
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">pageSize</param>
/// <returns>List of agent liceses</returns>
public ActionResult AgentLicenses(int page = 1, int pageSize = 10)
{
var agentLicenses = _objAgentService.CheckForExpiringLicenses(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Title = "Agent Licenses";
ViewBag.Controller = "Agent";
ViewBag.Action = "GetAgentLicenses";
ViewBag.Container = "agent-licenses-container";
ViewBag.ShowMoreId = "agent-licenses-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { agentLicenses = agentLicenses, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", agentLicenses);
}
/// <summary>
/// Agent reports
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of agent reports</returns>
public ActionResult AgentReports(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var objJobReportServices = _objJobReportService.FindAgentReportAlerts(page, pageSize);
ViewBag.Title = "Agent Reports";
ViewBag.Controller = "Job";
ViewBag.Action = "JobDetails";
ViewBag.Container = "agent-reports-container";
ViewBag.ShowMoreId = "agent-reports-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { jobReports = objJobReportServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", objJobReportServices);
}
/// <summary>
/// File uploads
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of file uploads</returns>
public ActionResult FileUploads(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var fileUploadsList = _objFileUploadService.FindFileUploadsAlerts(page, pageSize);
ViewBag.Title = "File Uploads";
ViewBag.Controller = "FileUpload";
ViewBag.Action = "Files";
ViewBag.Container = "file-uploads-container";
ViewBag.ShowMoreId = "file-uploads-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { fileUploads = fileUploadsList, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", fileUploadsList);
}
/// <summary>
/// Latest activities
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of latest activities</returns>
public ActionResult LatestActivityOfAdmins(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var latestActivities = _objHistoryLogsService.GetHistoryLogs(page, pageSize);
if (Request.IsAjaxRequest())
{
return Json(new { latestActivities = latestActivities, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_LatestAdminActivity.cshtml", latestActivities);
}
/// <summary>
/// Invoices
/// </summary>
/// <param name="page">Page</param>
/// <param name="pageSize">Page Size</param>
/// <returns>List of invoices</returns>
public ActionResult Invoices(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var objInvoiceAlerts = _obJobService.FindClosedMattersWithoutInvoice(page, pageSize);
if (Request.IsAjaxRequest())
{
return Json(new { invoiceAlerts = objInvoiceAlerts, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_Invoices.cshtml", objInvoiceAlerts);
}
}
}
正如你所看到的,根本没有授权属性,如果我手动输入url,我需要到达仪表板,但我被重定向到登录页面。
这是我的登录操作:
/// <summary>
/// Login action for post data
/// </summary>
/// <param name="userModel">User model object</param>
/// <param name="returnUrl">Return url</param>
/// <returns>View</returns>
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> Login(LoginViewModel userModel, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(userModel);
}
var _objApplicationUser = await _objUserService.FindUser(userModel.UserName, userModel.Password);
if (_objApplicationUser == null)
{
ModelState.AddModelError(string.Empty, UIStrings.STR_USER_EXISTS);
return View(userModel);
}
if (!_objApplicationUser.IsActive)
{
ModelState.AddModelError(string.Empty, UIStrings.STR_USER_NOT_ACTIVE);
return View(userModel);
}
await _objUserService.SignIn(HttpContext.GetOwinContext().Authentication, _objApplicationUser, userModel.RemeberMe);
string strUserId = _objApplicationUser.Id.ToString();
var objRoleForCurrentUser = _objUserService.FindUserById(strUserId);
if (objRoleForCurrentUser.Role == "Admin" || objRoleForCurrentUser.Role == "Junior")
{
if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else {
return RedirectToAction("Index", "Dashboard");
}
}
else
{
return RedirectToAction("Index", "Job", new { Page = 1, Take = 10 });
}
}
如果有人遇到过这种问题,我期待着你的来信。
我重复一遍,这只适用于初级角色,而不适用于系统中存在的其他角色。
_objUserService包含管理用户的方法,objRoleForCurrentUser的值为"Junior"。用户已登录,但不是重定向到仪表盘,而是重定向到登录页面。
这是登录的代码。登录的默认asp.net代码:
var userIdentity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
authManager.SignIn(new AuthenticationProperties
{
IsPersistent = rememberMe,
}, userIdentity);
谢谢。
更有可能的是,您在布局中呈现了一个子操作,并且该子操作使用Authorize装饰,或者存在于使用Authorize装饰的控制器中,并且不允许下级角色。一般来说,你不应该授权一个子操作,除非它是专门用来处理用户对象的,然后,在这种情况下,你还应该添加[AllowAnonymous],这样授权就不需要。