I have a custom SiteMapProvider (populated from database) and a custom AuthorizeAttribute (validates current users roles + requested page against Role_Page database) for controller classes.
I have to implement the function SiteMapProvider.IsAccessibleToUser(context, node). I also have to implement AuthorizeAttribute.AuthorizeCore(context).
How are these two functions related? Isn't there some way to 'attribute' the SiteMapProvider?
Some code:
edit: Might this be a solution (inside AuthorizeCore())? context however is HttpContextBase, and IsAccessibleToUser() only takes HttpContext as parameter.
If Not SiteMap.Provider.IsAccessibleToUser(context, SiteMap.CurrentNode) Then
current code:
Public Class CustomValidateAuthorization : Inherits AuthorizeAttribute
Public Sub New()
End Sub
Protected Overrides Function AuthorizeCore(ByVal httpContext As System.Web.HttpContextBase) As Boolean
If Not Global.Page.IsAccessib开发者_运维知识库leToUser(httpContext.User) Then
//Exception or redirect (in exception)?
// or return false?
End If
Return True
End Function
End Class
Public Class CustomSiteMapProvider : Inherits StaticSiteMapProvider
Public Overrides Function IsAccessibleToUser(ByVal context As System.Web.HttpContext, ByVal node As System.Web.SiteMapNode) As Boolean
Dim p As New BLL.Page
p.LoadFromSiteMapNode(node)
Return p.IsAccessibleToUser(context.User)
End Function
End Class
I currently use the default sitemapprovider twice.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论