Condividi tramite

Campo AuthorizationResult.Allowed

  • Articolo

Indica che l'operazione richiesta è consentita.

Spazio dei nomi: System.ComponentModel.DataAnnotations
Assembly: System.ServiceModel.DomainServices.Server (in system.servicemodel.domainservices.server.dll)

Utilizzo

'Utilizzo
Dim value As AuthorizationResult

value = AuthorizationResult.Allowed

Sintassi

'Dichiarazione
Public Shared ReadOnly Allowed As AuthorizationResult

public static readonly AuthorizationResult Allowed

public:
static initonly AuthorizationResult^ Allowed

public static final AuthorizationResult Allowed

public static final var Allowed : AuthorizationResult

Esempio

Nell'esempio seguente viene illustrata un'implementazione dell'oggetto AuthorizationAttribute che utilizza un valore AuthorizationContext per personalizzare l'autenticazione.

Public Class RestrictAccessToAssignedManagers
    Inherits AuthorizationAttribute

    Protected Overrides Function IsAuthorized(ByVal principal As System.Security.Principal.IPrincipal, ByVal authorizationContext As System.ComponentModel.DataAnnotations.AuthorizationContext) As System.ComponentModel.DataAnnotations.AuthorizationResult
        Dim eph As EmployeePayHistory
        Dim selectedEmployee As Employee
        Dim authenticatedUser As Employee

        eph = CType(authorizationContext.Instance, EmployeePayHistory)
            
        Using context As New AdventureWorksEntities()
            selectedEmployee = context.Employees.SingleOrDefault(Function(e) e.EmployeeID = eph.EmployeeID)
            authenticatedUser = context.Employees.SingleOrDefault(Function(e) e.LoginID = principal.Identity.Name)
        End Using

        If (selectedEmployee.ManagerID = authenticatedUser.EmployeeID) Then
            Return AuthorizationResult.Allowed
        Else
            Return New AuthorizationResult("Only the authenticated manager for the employee can add a new record.")
        End If
    End Function
End Class

public class RestrictAccessToAssignedManagers : AuthorizationAttribute
{
    protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext)
    {
        EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance;
        Employee selectedEmployee;
        Employee authenticatedUser;

        using (AdventureWorksEntities context = new AdventureWorksEntities())
        {
            selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID);
            authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name);
        }

        if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID)
        {
            return AuthorizationResult.Allowed;
        }
        else
        {
            return new AuthorizationResult("Only the authenticated manager for the employee can add a new record.");
        }
    }
}

Osservazioni

La proprietà Allowed viene utilizzata per rappresentare una richiesta di autorizzazione riuscita. Qualsiasi istanza di questa classe che non è null o Allowed rappresenta una richiesta di autorizzazione negata.

Piattaforme

Piattaforme di sviluppo

Windows XP Home Edition, Windows XP Professional, Windows Server 2003 , Windows Server 2008 e Windows 2000

Piattaforme di destinazione

Change History

Vedere anche

Riferimento

Classe AuthorizationResult
Membri AuthorizationResult
Spazio dei nomi System.ComponentModel.DataAnnotations