Below to delete the product as an example to illustrate the permissions verification in the Aspect # app, this action requests ProductAccess.delete permission. The idea is as follows: Since you need to transfer some information into the interceptor, I use the custom weights attribute to solve. Then calling method interception custom permission attribute authentication methods custom permission attribute public enum ProductAccess {Create = 1010, Update = 1020, Delete = 1030} public interface IBizSecurity {void validate ();} public ProductSecurityAttribute:. attribute, IBizSecurity {ProductAccess; Public ProductSecurityAttribute (ProductAccess Access) {this.access = Access;}
Public void validate () {// Verify that the user has permission operation.}}} The custom property on the enumeration method of the permission interceptor interceptor enumeration method, if the attribute is a custom weight limit attribute and implements the IBIZSecurity interface, then call the Validate method Invoke method .SecurityInterceptor validation code permission as follows: public class securityInterceptor: IMethodInterceptor {MethodInfo mInfo = invocation.GetMethod (); foreach (attribute attr in Attribute.GetCustomAttributes (mInfo)) {// check whether the custom property permission attributes / / Can declare multiple permissions attributes on an operation. If (ibizsecurity) (ibizsecurity) (ibizsecurity) (ipSsecurity) ();}} // Class SecurityInterceptor can be executed in actual method Permissions verification before or later. Product Service Control Object PUBLIC CLASS Productco: iproductco {// Declaration DELETE Operation Request ProductAccess.delete Permissions. [BizSecurity (ProductAccess.delete)] Public void delete (int productID) {// Remove the product. } // Class Productco
Configuration file and main program Please refer to AOP application - transaction processing