PROSAGA码农传奇-策略引擎-基于Asp.net核心代码的策略需要访问Authorize属性

<div class =“post-text”itemprop =“text”>
  
    虽然我会用
    <a href="https://docs.asp.net/en/latest/security/authorization/resourcebased.html" rel="nofollow noreferrer">
      基于资源的授权
    </A>
     正如我评论的那样，有一种方法可以实现您的目标：
  
  
    首先创建一个自定义属性：
  
   <pre>
 <code>
 public class AgeAuthorizeAttribute : Attribute
{
 public int Age{ get; set; }
 public AgeAuthorizeAttribute(int age)
 {
 Age = age;
 }
}

</code>
 </pre>
  
    然后编写过滤器提供程序：
  
   <pre>
 <code>
 public class CustomFilterProvider : IFilterProvider
{
 public int Order
 {
 get
 {
 return 0;
 }
 }

public void OnProvidersExecuted(FilterProviderContext context)
    {
    }

public void OnProvidersExecuting(FilterProviderContext context)
 {
 var ctrl = context.ActionContext.ActionDescriptor as ControllerActionDescriptor;
 var ageAttr = ctrl.MethodInfo.GetCustomAttribute<AgeAuthorizeAttribute>();
 if (ageAttr == null)
 {
 ageAttr = ctrl.ControllerTypeInfo.GetCustomAttribute<AgeAuthorizeAttribute>();
 }
 if (ageAttr != null)
 {
 var policy = new AuthorizationPolicyBuilder()
 .AddRequirements(new MinimumAgeRequirement(ageAttr.Age))
 .Build();

var filter = new AuthorizeFilter(policy);
            context.Results.Add(new FilterItem(new FilterDescriptor(filter, FilterScope.Action), filter));
        }
    }
}

</code>
 </pre>
  
    最后注册过滤提供商：
  
   <pre>
 <code>
 services.TryAddEnumerable(ServiceDescriptor.Singleton<IFilterProvider, CustomFilterProvider>());

</code>
 </pre>
  
    并使用它
  
   <pre>
 <code>
 [AgeAuthorize(21)]
public IActionResult SomeAction()

... or
[AgeAuthorize(21)]
public class AlcoholPurchaseRequirementsController : Controller

</code>
 </pre>
  
    ps：未经测试
  
</DIV>