当我将"System.Configuration.ConfigurationManager.AppSettings["ADGroupReader"].ToString()"添加到授权角色部分标题中时,我遇到了以下编译错误。
在web.config文件中,我有: add key="ADGroupReader" value="Readers DEV"
编译错误:属性参数必须是常量表达式、typeof表达式或属性参数类型的数组创建表达式。
[AuthorizedRedirect]
[Authorize(Roles = System.Configuration.ConfigurationManager.AppSettings["ADGroupReader"].ToString())]
public class HomeController : Controller
{
.....
}
我不想硬编码角色(Roles="Readers DEV"); 我希望从web.config文件中读取它。我该怎么做?
这篇属性教程讲解了属性参数的限制:
属性参数仅限于以下类型的常量值:
- 简单类型(bool、byte、char、short、int、long、float和double)
- 字符串
- System.Type
- 枚举类型
- 对象(类型为对象的属性参数的参数必须是上述类型之一的常量值。)
- 上述任何类型的一维数组
从上面的描述中可以看出,由于存在 ToString 方法,所以该赋值无效:
[Authorize(Roles = System.Configuration.ConfigurationManager.AppSettings["ADGroupReader"].ToString())]
作为一种解决方法,您可以创建一个自定义的AuthorizeAttribute,其中预定义了Roles参数,该参数包含对您的AppSettings中的Roles进行默认分配:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
public CustomAuthorizeAttribute()
{
this.Roles = ConfigurationManager.AppSettings["ADGroupReader"].ToString();
}
// other stuff
}
在控制器类中的使用:
[AuthorizedRedirect]
[CustomAuthorize]
public class HomeController : Controller
{
.....
}
public class ReaderAuthorizeAttribute : AuthorizeAttribute
{
public ReaderAuthorizeAttribute()
{
this.Roles = System.Configuration.ConfigurationManager.AppSettings["ADGroupReader"];
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
return base.AuthorizeCore(httpContext);
}
}
[AuthorizedRedirect]
[ReaderAuthorizeAttribute]
public class HomeController : Controller
{
....
}
public class AuthorizeBySettingAttribute : AuthorizeAttribute
{
public AuthorizeBySettingAttribute(string setting) : base()
{
if (setting != null && Settings.Default[setting] != null)
{
this.Roles = Settings.Default[setting].ToString();
}
else
{
throw new InvalidOperationException("AuthorizeBySetting initialized with invalid setting");
}
}
}