讓我們假設你的RequirementA_OR_B
是由兩方面的要求,如:
public class RequirementA_OR_B : IAuthorizationRequirement
{
public RequirementA RequirementA { get; set; }
public RequirementB RequirementB { get; set; }
}
然後,您可以創建相結合的處理程序如下:
public class RequirementA_OR_BHandler : AuthorizationHandler<RequirementA_OR_B>
{
private RequirementAHandler _requirementAHandler;
private RequirementBHandler _requirementBHandler;
public RequirementA_OR_BHandler(/* Whatever is needed by either handlers*/)
{
// note: the dependency injection framework might directly inject both handlers, but I didn't check
_requirementAHandler = new RequirementAHandler();
_requirementBHandler = new RequirementBHandler();
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, RequirementA_OR_B requirement)
{
// create a dummy context with both requirements
var requirements = new IAuthorizationRequirement[]
{
requirement.RequirementA,
requirement.RequirementB,
};
var dummyContext = new AuthorizationHandlerContext(requirements, context.User, null);
await _requirementAHandler.HandleAsync(dummyContext);
await _requirementBHandler.HandleAsync(dummyContext);
// if either A or B succeeds, the number of pending requirements will decrease
if (dummyContext.PendingRequirements.Count() < 2)
context.Succeed(requirement);
await Task.FromResult(true);
}
}
[轉貼的GitHub問題(https://github.com/aspnet/Security/issues/1356) – spottedmahn