How to test asp.net location folder authorization programmatically

非 Y 不嫁゛ 提交于 2020-02-02 13:57:33

问题


I have an location element in my web.config like so:

<location path="Admin">
    <system.web>
        <authorization>
            <allow roles="Domain\Development"/>
            <deny users="*" />
        </authorization>
    </system.web>
</location>

This works to only allow members of the development group access to this folder.

I was wondering if there is a way to simply test if a user has access to this folder?

One scenario is creating menu items. I'd simply like to hide or not render links to pages in this folder if the user does not have the proper rights.

Is there a way to do this in code. I don't want to have to hard code a check for membership in Domain\Development rather I'd like to use asp.net to tell me if this current user has access.

This would be nice if the rules get more complicated etc. Also having this in one place enforces DRY (Don't Repeat Yourself).


回答1:


Through a related question I found the answer. Call UrlAuthorizationModule.CheckUrlAccessForPrincipal. (Documentation is here.) You can give it a path and a user (such as Page.User for the current user), and it will tell you if the user can access that path.

I like this for exactly the reason you mentioned: You can put your access logic in one place.



来源:https://stackoverflow.com/questions/3026293/how-to-test-asp-net-location-folder-authorization-programmatically

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!