我的问题语句与此问题相同,即在属性/过滤器中使用注射服务。我尝试了B z给出的解决方案,以下是我的代码按照给出的解决方案。
//marker attribute
public class AuthorizeViewAttribute : Attribute { }
//filter
public class AuthorizeViewFilter : IAuthorizationFilter
{
private readonly IAccessRightsService _iAccessRightService;
public AuthorizeViewFilter(IAccessRightsService iAccessRightService)
{
_iAccessRightService = iAccessRightService;
}
public void OnAuthorization(AuthorizationContext filterContext)
{
RoleFeature roleFeature = _iAccessRightService.GetRoleFeatures();
if (roleFeature.IsView)
{
//redirect to controller
}
}
}
以下是ninject binting i使用:
this.BindFilter<AuthorizeViewFilter>(System.Web.Mvc.FilterScope.Controller, 0)
.WhenControllerHas<AuthorizeViewAttribute>();
我不需要属性中的任何参数,因此我认为我不需要与此答案中提到的constructorargument一起使用
但是我的过滤器永远不会被调用。我将默认的构造函数放在授权绘制器中,调试并发现控件跳到授权aTtribute中的默认构造函数,并使用控制器方法继续进行。
。我找不到任何解决方案。有任何建议吗?
短篇小说:您似乎正在尝试在WebAPI控制器上使用MVC过滤器和MVC绑定。这就是为什么它不起作用。
长篇小说:首先创建一个WebAPI过滤器提供商(注意,您需要ninject.extensions.ftactories软件包才能通过Ninject解决Func<AuthorizeViewFilter>
(
public class AuthorizeViewFilterProvider : System.Web.Http.Filters.IFilterProvider
{
private readonly Func<AuthorizeViewFilter> _authorizeViewFilterFactory;
public AuthorizeViewFilterProvider(Func<AuthorizeViewFilter> authorizeViewFilterFactory)
{
this._authorizeViewFilterFactory = authorizeViewFilterFactory;
}
public IEnumerable<FilterInfo> GetFilters(HttpConfiguration configuration, HttpActionDescriptor actionDescriptor)
{
if(!actionDescriptor.GetCustomAttributes<AuthorizeViewAttribute>().Any())
return Enumerable.Empty<FilterInfo>();
return new[]
{
new FilterInfo(this._authorizeViewFilterFactory(), FilterScope.Action)
};
}
}
然后创建一个WebAPI过滤器
public class AuthorizeViewFilter : System.Web.Http.Filters.IAuthorizationFilter
{
private readonly IAccessRightsService _iAccessRightService;
public AuthorizeViewFilter(IAccessRightsService iAccessRightService)
{
_iAccessRightService = iAccessRightService;
}
public Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(
HttpActionContext actionContext,
CancellationToken cancellationToken,
Func<Task<HttpResponseMessage>> continuation)
{
RoleFeature roleFeature = _iAccessRightService.GetRoleFeatures();
if (roleFeature.IsView)
{
return continuation();
}
else
return Task.FromResult(actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Access denied"));
}
}
然后,在绑定设置中绑定滤波器:
this.Bind<System.Web.Http.Filters.IFilterProvider>().To<AuthorizeViewFilterProvider>();