一、概述

无

二、使用

2.1定义权限

public class MyAuthorizationProvider : AuthorizationProvider
{
    public override void SetPermissions(IPermissionDefinitionContext context)
    {
        var administration = context.CreatePermission("Administration");
        var userManagement = administration.CreateChildPermission("Administration.UserManagement");
        userManagement.CreateChildPermission("Administration.UserManagement.CreateUser");
        var roleManagement = administration.CreateChildPermission("Administration.RoleManagement");
    }
}

2.2注入权限

Configuration.Authorization.Providers.Add<MyAuthorizationProvider>()

2.3调用

2.3.1 通过特性验证权限

[AbpAuthorize("Administration.UserManagement.CreateUser")]
public void CreateUser(CreateUserInput input)
{
//如果用户没有被授予 "Administration.UserManagement.CreateUser" 权限，那么他不能执行这个方法.
}

2.3.2 使用IPermissionChecker

public void CreateUser(CreateOrUpdateUserInput input)
{
    //PermissionChecker注入进来就可以引用了
    if (!PermissionChecker.IsGranted("Administration.UserManagement.CreateUser"))
    {
          throw new AbpAuthorizationException("You are not authorized to create user!");
    }
}

public void CreateUser(CreateOrUpdateUserInput input)
{
    //没有权限自动抛异常
    PermissionChecker.Authorize("Administration.UserManagement.CreateUser");
}

2.3.3在Razor视图中使用

ABP在视图基类中定义了 IsGranted 方法来检查权限

@if (IsGranted("Administration.UserManagement.CreateUser"))
{
    <button id="CreateNewUserButton" class="btn btn‐primary"><i class="fa fa‐plus"></i>@L("CreateNewUser")</button>
}

2.3.4 客户端脚本检查权限

abp.auth.isGranted('Administration.UserManagement.CreateUser');