In a default install of a MVC3 website tabs are created in the top left. I would like to hide/show these tabs based on whether the current user would have access to the index ViewResult. The allowed roles to the ViewResult are defined by attributes. Is there any way of getting the list of roles for a ViewResult?
在MVC3网站的默认安装中,左上角会创建选项卡。我想根据当前用户是否可以访问索引ViewResult来隐藏/显示这些选项卡。 ViewResult允许的角色由属性定义。有没有办法获取ViewResult的角色列表?
1 个解决方案
#1
10
If you are asking (sorry, wasn't clear exactly to me) about conditional showing of HTML elements based on roles, you could do something like this:
如果您对基于角色的HTML元素的条件显示提出问题(对不起,对我来说并不完全清楚),您可以执行以下操作:
@if (User.IsInRole("Administrators"))
{
@Html.ActionLink("Do Some Action", "DoAction", "SomeController")
}
If that isn't what you're asking, let me know.
如果那不是您要求的,请告诉我。
Follow-up based on your comment:
根据您的评论进行跟进:
Your question interests me and I did a little poking around and found that Vivien Chevallier has an interesting idea here which essentially lets you write something like so:
你的问题让我感兴趣,我做了一点点探讨,发现Vivien Chevallier在这里有一个有趣的想法,它基本上可以让你写出这样的东西:
@Html.ActionLinkAuthorized("The Privilege Zone", "ThePrivilegeZone", "Home", true)
@ Html.ActionLinkAuthorized(“The Privilege Zone”,“ThePrivilegeZone”,“Home”,true)
in your View and then this check the controller action and either renders a link or doesn't.
在您的视图中,然后检查控制器操作,并呈现链接或不。
In his controller example, you've got an action like this:
在他的控制器示例中,您有一个这样的动作:
[Authorize(Roles = "Administrator")]
public ActionResult ThePrivilegeZone()
{
return View();
}
(I guess the key point here is that your View doesn't know squat about "Administrators" and relies upon the extension code to do the heavy lifting here:
(我想这里的关键点是你的View不知道对“管理员”的蹲坐,并依赖于扩展代码来完成繁重的工作:
public static MvcHtmlString ActionLinkAuthorized(
this HtmlHelper htmlHelper,
string linkText, string actionName, string controllerName,
RouteValueDictionary routeValues,
IDictionary<string, object> htmlAttributes, bool showActionLinkAsDisabled)
{
if (htmlHelper.ActionAuthorized(actionName, controllerName))
{
return htmlHelper.ActionLink(
linkText,
actionName, controllerName, routeValues, htmlAttributes);
}
else
{
if (showActionLinkAsDisabled)
{
TagBuilder tagBuilder = new TagBuilder("span");
tagBuilder.InnerHtml = linkText;
return MvcHtmlString.Create(tagBuilder.ToString());
}
else
{
return MvcHtmlString.Empty;
}
}
}
Rather than cut/paste all of that code here, you can take a look at it and see the example application he's got for that. I think what's particularly interesting to this approach is that the view could display that PrivilegeZone link but knows only that something else will determine whether that's the case. So, assuming that you got new requirements to only allow folks who were "Administrators" or "Owners" to have access to the link, you could modify the controller action accordingly and not touch the view code. Interesting idea, at least to me.
不是在这里剪切/粘贴所有代码,而是可以查看它并查看他为此获得的示例应用程序。我认为这种方法特别有趣的是视图可以显示PrivilegeZone链接,但只知道其他东西将决定是否是这种情况。因此,假设您有新的要求只允许“管理员”或“所有者”的人员访问该链接,您可以相应地修改控制器操作,而不是触摸视图代码。有趣的想法,至少对我而言。
#1
10
If you are asking (sorry, wasn't clear exactly to me) about conditional showing of HTML elements based on roles, you could do something like this:
如果您对基于角色的HTML元素的条件显示提出问题(对不起,对我来说并不完全清楚),您可以执行以下操作:
@if (User.IsInRole("Administrators"))
{
@Html.ActionLink("Do Some Action", "DoAction", "SomeController")
}
If that isn't what you're asking, let me know.
如果那不是您要求的,请告诉我。
Follow-up based on your comment:
根据您的评论进行跟进:
Your question interests me and I did a little poking around and found that Vivien Chevallier has an interesting idea here which essentially lets you write something like so:
你的问题让我感兴趣,我做了一点点探讨,发现Vivien Chevallier在这里有一个有趣的想法,它基本上可以让你写出这样的东西:
@Html.ActionLinkAuthorized("The Privilege Zone", "ThePrivilegeZone", "Home", true)
@ Html.ActionLinkAuthorized(“The Privilege Zone”,“ThePrivilegeZone”,“Home”,true)
in your View and then this check the controller action and either renders a link or doesn't.
在您的视图中,然后检查控制器操作,并呈现链接或不。
In his controller example, you've got an action like this:
在他的控制器示例中,您有一个这样的动作:
[Authorize(Roles = "Administrator")]
public ActionResult ThePrivilegeZone()
{
return View();
}
(I guess the key point here is that your View doesn't know squat about "Administrators" and relies upon the extension code to do the heavy lifting here:
(我想这里的关键点是你的View不知道对“管理员”的蹲坐,并依赖于扩展代码来完成繁重的工作:
public static MvcHtmlString ActionLinkAuthorized(
this HtmlHelper htmlHelper,
string linkText, string actionName, string controllerName,
RouteValueDictionary routeValues,
IDictionary<string, object> htmlAttributes, bool showActionLinkAsDisabled)
{
if (htmlHelper.ActionAuthorized(actionName, controllerName))
{
return htmlHelper.ActionLink(
linkText,
actionName, controllerName, routeValues, htmlAttributes);
}
else
{
if (showActionLinkAsDisabled)
{
TagBuilder tagBuilder = new TagBuilder("span");
tagBuilder.InnerHtml = linkText;
return MvcHtmlString.Create(tagBuilder.ToString());
}
else
{
return MvcHtmlString.Empty;
}
}
}
Rather than cut/paste all of that code here, you can take a look at it and see the example application he's got for that. I think what's particularly interesting to this approach is that the view could display that PrivilegeZone link but knows only that something else will determine whether that's the case. So, assuming that you got new requirements to only allow folks who were "Administrators" or "Owners" to have access to the link, you could modify the controller action accordingly and not touch the view code. Interesting idea, at least to me.
不是在这里剪切/粘贴所有代码,而是可以查看它并查看他为此获得的示例应用程序。我认为这种方法特别有趣的是视图可以显示PrivilegeZone链接,但只知道其他东西将决定是否是这种情况。因此,假设您有新的要求只允许“管理员”或“所有者”的人员访问该链接,您可以相应地修改控制器操作,而不是触摸视图代码。有趣的想法,至少对我而言。