asp.net MVC 自定义 Authorize 属性，传递参数和方法细节

Question

我正在尝试创建 MVC 自定义身份验证属性。

我有这个方法如下：

[DealerContextRequired]
[CustomerContextRequiredAttribute("Invoice", "InvoiceNumber", invoiceNumber)]
public ActionResult InvoiceModal(string invoiceNumber)
{
    if (!Request.IsAjaxRequest())
       return RedirectToAction("InvoiceModal", "Orders", new { area = "my_account", headerNumber = invoiceNumber });

    InvoiceHeader invoice = _invoiceReader.Get(invoiceNumber, false);

    if (_dealerContext.CurrentFranchisee != null)
    {
       var order = _orderReader.GetByInvoiceNumber(invoice.InvoiceNumber).FirstOrDefault();
       if (order == null)
             return HttpNotFound();

       if (order.Franchisee == null || _dealerContext.CurrentFranchisee.Key != order.Franchisee.Key)
            return new HttpUnauthorizedResult();
    }

    return PartialView("InvoiceModal", invoice);
}

下面是我到目前为止创建的属性，我正在努力将值从控制器属性传递给属性，请参阅下面的属性类：

public class CustomerContextRequiredAttribute : System.Web.Mvc.AuthorizeAttribute
{
    public object Entity { get; set; }

    public string Key { get; set; }

    public int Value { get; set; }
    public CustomerContextRequiredAttribute(object entity, string key, int value)
    {
        this.Entity = entity;
        this.Key = key;
        this.Value = value;
    }

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        var customerContext = DependencyResolver.Current.GetService<CustomerContext>();
        var _customerReader = DependencyResolver.Current.GetService<ICustomerReader>();

        var entity = this.Entity;
        var key = this.Key;
        var value = this.Value;

        // some logic required for the attribute I am creating based on the above three values..

    }
}

这将是多项操作所必需的，那么如何在自定义属性上获取所需的数据/字段？

Answer 1

这看起来应该可以工作。像这样将值传递给构造函数是可以接受的。

您可以尝试从构造函数中删除它们并执行以下操作：

[CustomerContextRequiredAttribute(Entity = "Invoice", Key = "InvoiceNumber", Value = invoiceNumber)]
public ActionResult InvoiceModal(string invoiceNumber)