代码拉取完成,页面将自动刷新
/*
* There is role-based access control implemented in Orchard Core which is recommended to be use for authorization.
* There are different Roles each with a set of Permissions (e.g. view a specific content, edit a content or access the
* admin panel). When you want to authorize a user you have to use the IAuthorizationService to check if the current
* user has a permission you provide as a parameter (i.e. is the user in a role that possesses the given permission).
* There are permissions that can be used alone and there are ones that can be checked in conjunction with an object
* (e.g. ViewContent permission with the ContentItem).
*
* Here you will see examples of authorizing the current user to edit a Person content item. We'll also learn how to
* create a custom permission called "Manage Persons" and how to use it.
*/
using Lombiq.TrainingDemo.Permissions;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Localization;
using OrchardCore.ContentManagement;
using OrchardCore.DisplayManagement.Notify;
using System.Threading.Tasks;
namespace Lombiq.TrainingDemo.Controllers;
public class AuthorizationController : Controller
{
private readonly IAuthorizationService _authorizationService;
private readonly IContentManager _contentManager;
private readonly INotifier _notifier;
private readonly IHtmlLocalizer H;
public AuthorizationController(
IAuthorizationService authorizationService,
IContentManager contentManager,
INotifier notifier,
IHtmlLocalizer<AuthorizationController> htmlLocalizer)
{
_authorizationService = authorizationService;
_contentManager = contentManager;
_notifier = notifier;
H = htmlLocalizer;
}
// Here we will create a Person content item and check if the user has permission to edit it. It's very common to
// check if you can view or edit a specific item - it also happens if you use the built-in URLs like
// /Contents/Item/Display/{id} to view a content item.
public async Task<IActionResult> CanEditPerson()
{
// Creating a content item for testing (won't be persisted).
var person = await _contentManager.NewAsync(ContentTypes.PersonPage);
// Check if the user has permission to edit the content item. When you check content-related permissions
// (ViewContent, EditContent, PublishContent etc.) there is a difference between checking these for your content
// items (i.e. the owner is you) and others' content items. When you are the owner of the content item then the
// ViewOwnContent, EditOwnContent, PublishOwnContent etc. permissions will be checked. This is automatic so you
// don't need to use them directly. For this newly created Person item the owner is null so the EditContent
// permission will be used.
if (!await _authorizationService.AuthorizeAsync(User, OrchardCore.Contents.CommonPermissions.EditContent, person))
{
// Return 401 status code using this helper. Although it's a good practice to return 404 (NotFound())
// instead to prevent enumeration attacks.
return Unauthorized();
}
// To keep the demonstration short, only display a notification about the successful authorization and return to
// the home page.
await _notifier.InformationAsync(H["You are authorized to edit Person content items."]);
return Redirect("~/");
}
// NEXT STATION: Permissions/PersonPermissions
public async Task<IActionResult> CanManagePersons()
{
// We've defined a ManagePersons earlier which is added to Administrator users by default. If the currently user
// doesn't have the Administrator role then you can add it on the dashboard. Since this permission can be
// checked without any object as a context the third parameter is left out.
if (!await _authorizationService.AuthorizeAsync(User, PersonPermissions.ManagePersons))
{
return Unauthorized();
}
await _notifier.InformationAsync(H["You are authorized to manage persons."]);
return Redirect("~/");
}
}
// END OF TRAINING SECTION: Permissions and authorization
// NEXT STATION: Controllers/AdminController
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。