Injection of GlimpseSecurityPolicy
本文关键字:GlimpseSecurityPolicy of Injection | 更新日期: 2023-09-27 18:11:45
我想实现我自己的IRuntimePolicy。我按照给定的例子,但我需要访问我们的数据库或最好的将是有我们的UserSession对象注入。
何时在运行时创建安全对象?这可能吗?我没有找到任何例子。
我相信我们使用的是Ninject 3.2.3(或者MVC 5的最新版本)。
我想象像
这样的东西public class GlimpseSecurityPolicy : IRuntimePolicy
{
private readonly IAclManager aclManager;
private readonly IUserSession userSession;
public GlimpseSecurityPolicy(IUserSession userSession, IAclManager aclManager)
{
this.userSession = userSession;
this.aclManager = aclManager;
}
public RuntimeEvent ExecuteOn
{
// check policy when request ends and when executing a resource (like glimpse.axd)
get { return RuntimeEvent.EndRequest | RuntimeEvent.ExecuteResource; }
}
public RuntimePolicy Execute(IRuntimePolicyContext policyContext)
{
if (!this.aclManager.IsUserAllowed(UserAction.AccessGlimpse, this.userSession.GetUser()))
{
return RuntimePolicy.Off;
}
return RuntimePolicy.On;
}
}
最后,我们只有一个选择:使用DependencyResolver.Current.GetService<IThing>()。
public class GlimpseSecurityPolicy : IRuntimePolicy
{
public RuntimeEvent ExecuteOn => RuntimeEvent.EndRequest | RuntimeEvent.ExecuteResource;
public RuntimePolicy Execute(IRuntimePolicyContext policyContext)
{
var aclManager = DependencyResolver.Current.GetService<IAclManager>();
var userSession = DependencyResolver.Current.GetService<IUserSession>();
if (!aclManager.IsUserAllowed(UserAction.AccessGlimpse, userSession.GetUser()))
{
return RuntimePolicy.Off;
}
return RuntimePolicy.On;
}
}