小贝子编程

WebAPI自定义过滤器带有构造函数中的注入接口的自定义过滤器未被调用



我的问题语句与此问题相同,即在属性/过滤器中使用注射服务。我尝试了B z给出的解决方案,以下是我的代码按照给出的解决方案。

//marker attribute
public class AuthorizeViewAttribute : Attribute { }
//filter
public class AuthorizeViewFilter : IAuthorizationFilter
{
    private readonly IAccessRightsService _iAccessRightService;
    public AuthorizeViewFilter(IAccessRightsService iAccessRightService)
    {
        _iAccessRightService = iAccessRightService;
    }
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        RoleFeature roleFeature = _iAccessRightService.GetRoleFeatures();
        if (roleFeature.IsView)
        {
            //redirect to controller
        }
    }      
}

以下是ninject binting i使用:

this.BindFilter<AuthorizeViewFilter>(System.Web.Mvc.FilterScope.Controller, 0)
        .WhenControllerHas<AuthorizeViewAttribute>();

我不需要属性中的任何参数,因此我认为我不需要与此答案中提到的constructorargument一起使用

但是我的过滤器永远不会被调用。我将默认的构造函数放在授权绘制器中,调试并发现控件跳到授权aTtribute中的默认构造函数,并使用控制器方法继续进行。

我找不到任何解决方案。有任何建议吗?

短篇小说:您似乎正在尝试在WebAPI控制器上使用MVC过滤器和MVC绑定。这就是为什么它不起作用。

长篇小说:首先创建一个WebAPI过滤器提供商(注意,您需要ninject.extensions.ftactories软件包才能通过Ninject解决Func<AuthorizeViewFilter>(

public class AuthorizeViewFilterProvider : System.Web.Http.Filters.IFilterProvider
{
    private readonly Func<AuthorizeViewFilter> _authorizeViewFilterFactory;
    public AuthorizeViewFilterProvider(Func<AuthorizeViewFilter> authorizeViewFilterFactory)
    {
        this._authorizeViewFilterFactory = authorizeViewFilterFactory;
    }
    public IEnumerable<FilterInfo> GetFilters(HttpConfiguration configuration, HttpActionDescriptor actionDescriptor)
    {
        if(!actionDescriptor.GetCustomAttributes<AuthorizeViewAttribute>().Any())
            return Enumerable.Empty<FilterInfo>();
        return new[]
        {
            new FilterInfo(this._authorizeViewFilterFactory(), FilterScope.Action)
        };
    }
}

然后创建一个WebAPI过滤器

public class AuthorizeViewFilter : System.Web.Http.Filters.IAuthorizationFilter
{
    private readonly IAccessRightsService _iAccessRightService;
    public AuthorizeViewFilter(IAccessRightsService iAccessRightService)
    {
        _iAccessRightService = iAccessRightService;
    }
    public Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(
        HttpActionContext actionContext,
        CancellationToken cancellationToken,
        Func<Task<HttpResponseMessage>> continuation)
    {
        RoleFeature roleFeature = _iAccessRightService.GetRoleFeatures();
        if (roleFeature.IsView)
        {
            return continuation();
        }
        else
          return Task.FromResult(actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Access denied"));
    }
}

然后,在绑定设置中绑定滤波器:

this.Bind<System.Web.Http.Filters.IFilterProvider>().To<AuthorizeViewFilterProvider>();

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium