(エッセンス)2020年6月29日C#クラスライブラリインタフェース権限検査


using Coldairarrow.Business.Base_Manage; using Coldairarrow.IBusiness; using Coldairarrow.Util; using Microsoft.AspNetCore.Mvc.Filters; using Microsoft.Extensions.DependencyInjection; using System; using System.Threading.Tasks; namespace Core.Api { /// /// /// [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true)] public class ApiPermissionAttribute : BaseActionFilterAsync { public ApiPermissionAttribute(string permissionValue) { if (permissionValue.IsNullOrEmpty()) throw new Exception("permissionValue "); _permissionValue = permissionValue; } public string _permissionValue { get; } /// /// Action /// /// public async override Task OnActionExecuting(ActionExecutingContext context) { if (context.ContainsFilter<NoApiPermissionAttribute>()) return; IServiceProvider serviceProvider = context.HttpContext.RequestServices; IPermissionBusiness _permissionBus = serviceProvider.GetService<IPermissionBusiness>(); IOperator _operator = serviceProvider.GetService<IOperator>(); var permissions = await _permissionBus.GetUserPermissionValuesAsync(_operator.UserId); if (!permissions.Contains(_permissionValue)) context.Result = Error(" !"); } } } namespace Core.Api { /// /// /// public class NoApiPermissionAttribute : BaseActionFilterAsync { } }