我有以下代码:
[AcceptVerbs(HttpVerbs.Post), Authorize(Roles = RoleKeys.Administrators)]
public ActionResult Edit(int id, FormCollection collection)
{
User user = userRepository.GetUser(id);
try
{
this.UpdateModel(user);
userRepository.Save();
return this.RedirectToAction("Details", new { id = user.UserId });
}
catch
{
this.ModelState.AddModelErrors(user.GetRuleViolations());
return View(new UserFormViewModel(user));
}
}
如果当前登录的用户是 不是 在管理员角色中,它会将他们踢回登录屏幕。用户是 已经登录后,他们只是无权执行请求的操作。
有什么方法可以让它们重定向到特定 View ,例如 AccessDenied?
最佳答案
您可以定义自己的属性:
public class MyAuthorizeAttribute: AuthorizeAttribute
{
public override void OnAuthorization( AuthorizationContext filterContext )
{
base.OnAuthorization(filterContext);
if (filterContext.Result is HttpUnauthorizedResult)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary
{
{ "controller", "Login" },
{ "action", "AccessDenied" }
});
}
}
}
并使用
[AcceptVerbs(HttpVerbs.Post), MyAuthorize(Roles = RoleKeys.Administrators)]
关于asp.net-mvc - 授权失败时将用户重定向到特定 View ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1698389/