问题
We just upgraded to .NET Core, and i'm trying to get things up and running with as little refactor as possible.
All of our Security is handled by custom attribute decorations on controller methods. Kinda like this:
[CustomAuthorize(Roles = "VIEWONLY, DEVELOPER, ADMIN, CHIEFADMIN")
public ActionResult GetPage(string id){
return view;
}
Previously i had a custom HTMLHelper helping me do security trimming on Menu Links. It would check the controller action, and return true/false. Most of the examples im seeing are requiring me to move where the security restrictions are declared(away from the method and into somewhere else). This refactor would be much too large at this time.
I found a post using tag helper ASP.NET Core MVC Navigation Security Trimming
I got this code to run, but would need to somehow find the controller attribute and check that way, instead of how they are doing it and passing in a role(moving where everything is declared).
来源:https://stackoverflow.com/questions/59620624/net-core-security-trimming-using-authorized-attribute-on-controller-methods