目录
- 开发任务
- 代码实现
开发任务
- DotNetNB.Security.Core:定义 core,models,Istore;实现 default memory store
- DotNetNB.WebApplication:创建 ResourceController 和 PermissionController 进行验证
代码实现
- ResourceController
- PermissionController
ResourceController
创建 ResourceController,通过 ResourceManager 获取所有 Resource
using DotNetNB.Security.Core;using Microsoft.AspNetCore.Mvc;namespace DotNetNB.WebApplication.Controllers{[ApiController][Route("[controller]")]public class ResourceController : ControllerBase{private readonly IResourceManager _resourceManager;public ResourceController(IResourceManager resourceManager){_resourceManager = resourceManager;}[HttpGet][Route("")]public async Task<IActionResult> GetAll(){return Ok(await _resourceManager.GetAllAsync());}}}
在 Program 中先将 AddEntityAccessControl 进行注释
builder.Services.AddSecurity(options =>{options.AddActionAccessControl();//.AddEntityAccessControl();});
在 ServiceCollectionExtensions 的扩展方法 AddSecurity 中创建 option,并调用,同时注入 Store 和 Manager
using DotNetNB.Security.Core.Store;using Microsoft.Extensions.DependencyInjection;namespace DotNetNB.Security.Core.Extensions{public static class ServiceCollectionExtensions{public static IServiceCollection AddSecurity(this IServiceCollection services, Action<SecurityOption>? configure){var option = new SecurityOption { Services = services };configure?.Invoke(option);services.AddSingleton<IResourceStore, DefaultResourceStore>().AddSingleton<IPermissionStore, DefaultPermissionStore>().AddScoped<IResourceManager, ResourceManager>().AddScoped<IPermissionManager, PermissionManager>().AddHostedService<ResourceProviderHostedService>();return services;}}}
在 ResourceProviderHostedService 的 StartAsync 方法中将 host 启动时的所有 action 注入进来
using DotNetNB.Security.Core.Models;using Microsoft.Extensions.DependencyInjection;using Microsoft.Extensions.Hosting;namespace DotNetNB.Security.Core{public class ResourceProviderHostedService : IHostedService{private readonly IServiceProvider _serviceProvider;public ResourceProviderHostedService(IServiceProvider serviceProvider){_serviceProvider = serviceProvider;}public async Task StartAsync(CancellationToken cancellationToken){using var scope = _serviceProvider.CreateScope();var providers = scope.ServiceProvider.GetServices<IResourceProvider>();var resourceManager = scope.ServiceProvider.GetService<IResourceManager>();var resources = new List<Resource>();foreach (var provider in providers){resources.AddRange(await provider.ExecuteAsync());}await resourceManager.CreateAsync(resources);}public async Task StopAsync(CancellationToken cancellationToken){}}}
设置 DotNetNB.WebApplication 为启动项,启动项目,可以通过接口看到 action 相关信息
图片001
PermissionController
创建 PermissionController,通过 PermissionManager 获取所有 Permission
using DotNetNB.Security.Core;using Microsoft.AspNetCore.Mvc;namespace DotNetNB.WebApplication.Controllers{[ApiController][Route("[controller]")]public class PermissionController : ControllerBase{private readonly IPermissionManager _permissionManager;public PermissionController(IPermissionManager permissionManager){_permissionManager = permissionManager;}[HttpGet]public async Task<IActionResult> GetAll(){return Ok(await _permissionManager.GetAllAsync());}}}
创建 dto 对象 CreatePermissionRequest
namespace DotNetNB.WebApplication.ViewModels{public class CreatePermissionRequest{public string Key { get; set; }public string DisplayName { get; set; }public string Description { get; set; }public IEnumerable<string> resources { get; set; }}}
在 PermissionController 中添加创建 Permission 的接口
[HttpPost]public async Task<IActionResult> Create([FromBody] CreatePermissionRequest request){await _permissionManager.CreateAsync(request.Key, request.DisplayName, request.Description, request.resources);return Ok();}
在 Program 中将我们的 Permission 模块添加到 Identity 模块上,相当于一个桥接
builder.Services.AddIdentity<IdentityUser<string>, IdentityRole<string>>().WithPermissions<IdentityUser<string>, IdentityRole<string>>();
GitHub源码链接:
https://github.com/MingsonZheng/dotnetnb.security
课程链接
https://appsqsyiqlk5791.h5.xiaoeknow.com/v1/course/video/v_5f39bdb8e4b01187873136cf?type=2
本作品采用知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议进行许可。
欢迎转载、使用、重新发布,但务必保留文章署名 郑子铭 (包含链接: http://www.cnblogs.com/MingsonZheng/ ),不得用于商业目的,基于本文修改后的作品务必以相同的许可发布。
如有任何疑问,请与我联系 (MingsonZheng@outlook.com) 。