첨부 실행 코드는 나눔고딕코딩 폰트를 사용합니다.
본 블로그는 광고를 포함하고 있습니다.
광고 클릭에서 발생하는 수익금은 모두 블로그 콘텐츠 향상을 위해 쓰여집니다.

728x90
반응형

▶ MultipleRoleAuthorizeAttribute.cs

using Microsoft.AspNetCore.Mvc;

namespace TestServer.Tools
{
    /// <summary>
    /// 복수 역할 권한 확인 어트리브튜
    /// </summary>
    public class MultipleRoleAuthorizeAttribute : TypeFilterAttribute
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - MultipleRoleAuthorizeAttribute(policyList, applyAnd)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="policyList">정책 리스트</param>
        /// <param name="applyAnd">AND 적용 여부</param>
        public MultipleRoleAuthorizeAttribute(string policyList, bool applyAnd = false) : base(typeof(MultipleRoleAuthorizeFilter))
        {
            Arguments = new object[] { policyList, applyAnd };
        }

        #endregion
    }
}

 

728x90

 

▶ MultipleRoleAuthorizeFilter.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace TestServer.Tools
{
    /// <summary>
    /// 복수 역할 권한 확인 필터
    /// </summary>
    public class MultipleRoleAuthorizeFilter : IAsyncAuthorizationFilter
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Field
        ////////////////////////////////////////////////////////////////////////////////////////// Private

        #region Field

        /// <summary>
        /// 권한 서비스
        /// </summary>
        private readonly IAuthorizationService authorizationService;

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Property
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 정책 리스트 - PolicyList

        /// <summary>
        /// 정책 리스트
        /// </summary>
        public string PolicyList { get; private set; }

        #endregion
        #region AND 적용 여부 - ApplyAnd

        /// <summary>
        /// AND 적용 여부
        /// </summary>
        public bool ApplyAnd { get; private set; }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - MultipleRoleAuthorizeFilter(policyList, applyAnd, authorizationService)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="policyList">정책 리스트</param>
        /// <param name="applyAnd">AND 적용 여부</param>
        /// <param name="authorizationService">권한 서비스</param>
        public MultipleRoleAuthorizeFilter(string policyList, bool applyAnd, IAuthorizationService authorizationService)
        {
           this.authorizationService = authorizationService;

           PolicyList = policyList;
           ApplyAnd   = applyAnd;
        }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 권한 확인시 처리하기 (비동기) - OnAuthorizationAsync(context)

        /// <summary>
        /// 권한 확인시 처리하기 (비동기)
        /// </summary>
        /// <param name="context">컨텍스트</param>
        /// <returns>태스크</returns>
        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            List<string> list = PolicyList.Split(";").ToList();

            if(ApplyAnd)
            {
                foreach(string policy in list)
                {
                    AuthorizationResult result = await authorizationService.AuthorizeAsync(context.HttpContext.User, policy);

                    if(!result.Succeeded)
                    {
                        context.Result = new UnauthorizedResult(); // new ForbidResult();

                        return;
                    }

                }
             }
             else
             {
                foreach(string policy in list)
                {
                     AuthorizationResult result = await authorizationService.AuthorizeAsync(context.HttpContext.User, policy);

                     if(result.Succeeded)
                     {
                         return;
                     }

                }

                context.Result = new UnauthorizedResult(); // new ForbidResult();

                return;
            }
        }

        #endregion
    }
}
728x90
반응형
그리드형(광고전용)
Posted by 사용자 icodebroker

댓글을 달아 주세요