我正在尝试将MVC风格的授权过滤器作为属性应用于OData Web API控制器的Get()操作方法,但是授权过滤器被忽略了。EntitySetController或ODataController是否支持使用授权属性?
public class MyEntityController : EntitySetController<MyEntity, int>
{
[CustomAuthorizeAttribute(AccessPermission.View)]
[Queryable( AllowedQueryOptions = AllowedQueryOptions.All)]
public override IQueryable<MyEntity> Get()
{
// Contents omitted.
}
}
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
public AccessPermission RequiredPermission { get; set; }
public CustomAuthorizeAttribute(AccessPermission requiredPermission)
{
RequiredPermission = requiredPermission;
}
}