protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { /* * 权限最佳做法: * 1、所有Controller继承拥有AuthorizeAttribute的BaseController * 2、不用控制权限的Action加AllowAnonymousAttribute * 3、要进行特殊授权的,用[Authorize(Policy=PermissionConstant.PermissionAuthorizePolicy)] * * */ //if (context.Requirements.Any(a=>a is OnlyAuthenticationRequirement)) //{ // foreach (var req in context.Requirements) // { // context.Succeed(req); // } // return Task.CompletedTask; //} if (context.User?.Identity?.IsAuthenticated ?? false) { var resourceKey = _permission.GetRequestResourceKey(context.Resource); // 获取资源的key var userKey = _permission.GetUserInfo(context.User).UserKey; // 根据用户的claims获取用户的key if (_permission.HasPermission(resourceKey, userKey)) // 判断用户是否有权限 { context.Succeed(requirement); // 如果有权限,则获得此Requirement } } return(Task.CompletedTask); }