How does XmlSiteMapProvider check user to be in specified role?_问答_开发者

How does XmlSiteMapProvider check user to be in specified role?

开发者 https://www.devze.com 2022-12-31 21:24 出处：网络

I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider. I want to override logic of checking user to be in a role specified in siteMapNode\'s property roles:

I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider.

I want to override logic of checking user to be in a role specified in siteMapNode's property roles:

<siteMapNode url="Add.aspx?type=user" title="Add user" roles="admin" />

How can I do that? Which class's member does XmlSiteMapPr开发者_StackOverflow中文版ovider call to check that if securityTrimmingEnabled="true"?

abatishchev is close but does not provide a clear guidance. Calling base will apply the default asp.net access control rules. If you have custom rules, simply make your decision and return a bool.

public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
     // use the properties of the context and node to determine accessibility.

     // only call base if you do not want to apply your custom rules
     // return base.IsAccessibleToUser(context, node);
}

public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
     var roles = node.Roles; // here it is!
     return base.IsAccessibleToUser(context, node);
}

Easiest, if someone wants a answer on this one is to add this to your web.config

<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
    <providers>
      <clear/>
      <add name="XmlSiteMapProvider"
           description="Default Sitemap Provider"
           type="System.Web.XmlSiteMapProvider"
           siteMapFile="Web.sitemap"
           securityTrimmingEnabled="true"/>
    </providers>
  </siteMap>

then in your sitemap you can add the attribute roles="something"