I have to give access rigths to the users of a website. I am doing the filtering here:
我必须为网站用户提供访问权限。我在这里做过滤:
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
}
The problem is that I cannot distinguish full View request such as 'Index' from PartialViewRequests or AJAX calls requests.
问题是我无法区分完整的View请求,例如'Index'与PartialViewRequests或AJAX调用请求。
Therefore the page 'Index' has access but the 'PartialViewGridViewForIndex' does not have access.
因此页面'Index'具有访问权限,但'PartialViewGridViewForIndex'没有访问权限。
The property ControllerContext.IsChildAction does not help either.
属性ControllerContext.IsChildAction也没有帮助。
3 个解决方案
#1
31
You could use the IsAjaxRequest extension method to determine if an AJAX request was used to invoke this controller action:
您可以使用IsAjaxRequest扩展方法来确定是否使用AJAX请求来调用此控制器操作:
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
// the controller action was invoked with an AJAX request
}
}
#2
1
You can extend HttpRequestExtensions in asp.net Core 2 as below
您可以在asp.net Core 2中扩展HttpRequestExtensions,如下所示
public static class HttpRequestExtensions
{
private const string RequestedWithHeader = "X-Requested-With";
private const string XmlHttpRequest = "XMLHttpRequest";
public static bool IsAjaxRequest(this HttpRequest request)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
if (request.Headers != null)
{
return request.Headers[RequestedWithHeader] == XmlHttpRequest;
}
return false;
}
}
And use it as
并用它作为
if (!Request.IsAjaxRequest())
{
//----
}
else
{
// -------
}
#3
0
I would create an Authorization filter by extending the AuthorizeAttribute. I would then put my code in the OnAuthorize override. In the FilterContext object you can look at FilterContext.ActionDescriptor.MethodInfo.ReturnType.Name. For a partial view this will be PartialViewResult.
我将通过扩展AuthorizeAttribute来创建一个Authorization过滤器。然后我会将我的代码放在OnAuthorize覆盖中。在FilterContext对象中,您可以查看FilterContext.ActionDescriptor.MethodInfo.ReturnType.Name。对于局部视图,这将是PartialViewResult。
#1
31
You could use the IsAjaxRequest extension method to determine if an AJAX request was used to invoke this controller action:
您可以使用IsAjaxRequest扩展方法来确定是否使用AJAX请求来调用此控制器操作:
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
// the controller action was invoked with an AJAX request
}
}
#2
1
You can extend HttpRequestExtensions in asp.net Core 2 as below
您可以在asp.net Core 2中扩展HttpRequestExtensions,如下所示
public static class HttpRequestExtensions
{
private const string RequestedWithHeader = "X-Requested-With";
private const string XmlHttpRequest = "XMLHttpRequest";
public static bool IsAjaxRequest(this HttpRequest request)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
if (request.Headers != null)
{
return request.Headers[RequestedWithHeader] == XmlHttpRequest;
}
return false;
}
}
And use it as
并用它作为
if (!Request.IsAjaxRequest())
{
//----
}
else
{
// -------
}
#3
0
I would create an Authorization filter by extending the AuthorizeAttribute. I would then put my code in the OnAuthorize override. In the FilterContext object you can look at FilterContext.ActionDescriptor.MethodInfo.ReturnType.Name. For a partial view this will be PartialViewResult.
我将通过扩展AuthorizeAttribute来创建一个Authorization过滤器。然后我会将我的代码放在OnAuthorize覆盖中。在FilterContext对象中,您可以查看FilterContext.ActionDescriptor.MethodInfo.ReturnType.Name。对于局部视图,这将是PartialViewResult。