.net - 管理员角色的问题：“访问被拒绝”

问题描述

我无法将用户管理页面的访问权限授予管理员

我正在研究 ASP .Net Core，但我被困在了这一点上。我查看了代码，确保引用了同名的类，并测试了 Startup.cs 服务的不同配置，但找不到方法。我正在学习名为“The Little ASP.NET Core Book”的教程。我被困在“角色授权”点上

• 这是我的控制器：

  namespace ASPDotNetCoreTodo.Controllers
  {
  //La configuración de la propiedad Roles en el atributo
  //[Authorize] garantizará que el usuario tenga que iniciar sesión y se le
  //asigne el rol de Administrador para poder ver la página.
  
  [Authorize(Roles = Constants.AdministratorRole)]
  public class ManageUsersController : Controller
  {
      private readonly UserManager<ApplicationUser> _userManager;
  
      public ManageUsersController(UserManager<ApplicationUser> userManager)
      {
          _userManager = userManager;
      }
      public async Task<IActionResult> Index()
      {
          var admins = (await _userManager
              .GetUsersInRoleAsync("Administrator"))
              .ToArray();
  
          var everyone = await _userManager.Users
              .ToArrayAsync();
  
          var model = new ManageUsersViewModel
          {
              Administrators = admins,
              Everyone = everyone
          };
          return View(model);
      }
  }
  

• 该模型：

  namespace ASPDotNetCoreTodo.Models
  {
      public class ManageUsersViewModel
      {
          public ApplicationUser[] Administrators { get; set; }
          public ApplicationUser[] Everyone { get; set; }
      }
  }
  

• Startup.cs 文件：

  namespace ASPDotNetCoreTodo
  {
  public class Startup
  {
      public Startup(IConfiguration configuration)
      {
          Configuration = configuration;
      }
  
      public IConfiguration Configuration { get; }
  
      // This method gets called by the runtime. Use this method to add services to the container.
      public void ConfigureServices(IServiceCollection services)
      {
          services.AddDbContext<ApplicationDbContext>(options =>                  options.UseSqlite(Configuration.GetConnectionString("DefaultConnection")));
  
          //  services.AddIdentity<ApplicationUser, IdentityRole>()
          //      .AddEntityFrameworkStores<ApplicationDbContext>()
          //      .AddDefaultTokenProviders();
  
          services.AddDefaultIdentity<ApplicationUser>()
                  .AddRoles<IdentityRole>()
                  .AddEntityFrameworkStores<ApplicationDbContext>()
                  .AddDefaultTokenProviders()
                  ;
  
  
      services.Configure<CookiePolicyOptions>(options =>
      {
          // This lambda determines whether user consent for non-essential cookies is needed for a given request.
          options.CheckConsentNeeded = context => true;
          options.MinimumSameSitePolicy = SameSiteMode.None;
      });
  
      //Añadimos servicio de aplicaciones
          services.AddScoped<ITodoItemService, TodoItemService>();
  
          services.AddAuthentication(); 
  
          services.AddMvc();
      }
  
      // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
      public void Configure(IApplicationBuilder app, IHostingEnvironment env)
      {
          if (env.IsDevelopment())
          {
              app.UseDeveloperExceptionPage();
              app.UseDatabaseErrorPage();
          }
          else
          {
              app.UseExceptionHandler("/Home/Error");
              app.UseHsts();
          }
  
          app.UseHttpsRedirection();
          app.UseStaticFiles();
          app.UseCookiePolicy();
  
          app.UseAuthentication();
  
          app.UseMvc(routes =>
          {
              routes.MapRoute(
                  name: "default",
                  template: "{controller=Home}/{action=Index}/{id?}");
          });
      }
  }
  

关键是我在获得 ManageUsersController 的授权工作时遇到了麻烦。当在类上方使用 [Authorize(Roles = Constants.AdministratorRole)] 行时，我的测试管理员帐户无法访问该页面，即使使用相同的常量来过滤数据库和菜单中的用户帐户并按预期将它们放在一个表中（在 ManageUsers 视图内）。

我已将 .NET Core 更新到 2.2，并将项目更新到...

无论如何，这是我的 GitHub：https ://github.com/erniker/LearningASPNETCoreAndTests

标签： .netasp.net-mvcasp.net-core