可以向站点、群组和应用程序级别授予权限,以控制对平台每个区域的访问。该平台允许您创建和定义自己的权限集。这些权限包含默认配置,以后可由群组所有者或管理员配置。
当您创建的解决方案需要平台在站点、群组或应用程序级别授予或限制用户访问权限时,可以实现 IPermissionRegistrar。
若要添加对创建权限的支持,需要实现 IPermissionRegistrar 接口。IPermissionRegistrar 必须与 IPermission 接口一起实现,它在 Limyee.Core.dll 的 Limyee.Extensibility.Security.Version1 命名空间中定义。
using System;
using Limyee.Api.Content;
using Limyee.Extensibility.Security.Version1;
namespace Samples
{
/// <summary>
/// Skeleton of a plugin that registers custom permissions with the platform
/// by implementing <see cref="IPermissionRegistrar"/>.
/// </summary>
public class SamplePermissions : IPermissionRegistrar
{
#region IPlugin
// Plugin members go here; the complete sample on this page implements
// Name, Description and Initialize() in this region.
//...
#endregion
#region IPermissionRegistrar
// RegisterPermissions(IPermissionRegistrarController) goes here; it passes
// each permission object to the controller's Register method.
//...
#endregion
}
/// <summary>
/// Skeleton of the permission object that is handed to the registrar;
/// it implements <see cref="IPermission"/>.
/// </summary>
public class SamplePermission : IPermission
{
// The full version further down the page exposes Id, Name, Description,
// ApplicationTypeId and DefaultConfiguration.
//...
}
}
实现 RegisterPermissions 方法时,需要先为每个权限生成一个新的 Guid(请自行生成,不要直接复用示例中的 Guid)。如果创建自定义应用程序,请确保 ApplicationTypeId 与应用程序的 ID 匹配,并且此 ApplicationTypeId 对应的应用程序必须已安装。在此示例中,使用了自定义链接应用程序 ID。请选择有意义的名称和说明,然后通过创建新的 PermissionConfiguration 来确定默认配置。
PermissionConfiguration 将作为每种群组类型的默认配置。启用插件后,将自动应用这些默认权限。免加入群组使用 JoinlessGroupPermissionConfiguration 配置,其他类型的群组使用 MembershipGroupPermissionConfiguration 配置。各布尔值决定是否将您的权限分配给“Everyone”、“Managers”、“Members”、“Owners”和“RegisteredUsers”角色。下面的示例默认只把权限授予 Owners(免加入群组中另外授予 Administrators)。
/// <summary>
/// Registers the sample "create content" permission together with the role
/// assignments it should start out with in each group type.
/// </summary>
/// <param name="permissionController">
/// Controller supplied by the platform; every permission is handed to its Register method.
/// </param>
public void RegisterPermissions(IPermissionRegistrarController permissionController)
{
    // Identity of this permission.
    // NOTE(review): the complete sample on this page registers the same permission
    // with an ID ending in ...6E73 - confirm which value is intended.
    Guid permissionId = new Guid("710A8E0E-1A1D-40FD-A04B-00B30BCA6E74");

    // ID of the application type this permission belongs to.
    Guid applicationTypeId = new Guid("C0F7FA13-AA91-4840-B6C3-9DE714AC1E62");

    // Default grants per group type. Only the roles named here are switched on;
    // every other role keeps the configuration type's own default
    // (presumably false, i.e. not granted - confirm against the platform types).
    PermissionConfiguration defaults = new PermissionConfiguration();
    defaults.Joinless = new JoinlessGroupPermissionConfiguration { Administrators = true, Owners = true };
    defaults.PublicOpen = new MembershipGroupPermissionConfiguration { Owners = true };
    defaults.PublicClosed = new MembershipGroupPermissionConfiguration { Owners = true };
    defaults.PrivateListed = new MembershipGroupPermissionConfiguration { Owners = true };
    defaults.PrivateUnlisted = new MembershipGroupPermissionConfiguration { Owners = true };

    SamplePermission createContent = new SamplePermission(
        permissionId,
        "创建内容",
        "使用户能够创建内容。",
        applicationTypeId,
        defaults);

    permissionController.Register(createContent);

    // Register more permissions
}
要注册的权限对象需要实现 IPermission。每个权限的 Guid ID 必须唯一。请选择能够说明该权限用途的名称和描述。应用程序类型 Id 来自预定义的应用程序 ID。最后,PermissionConfiguration 是前面提到的权限默认配置。
/// <summary>
/// Plain value holder describing one permission: its ID, display texts, the
/// application type it belongs to and its default role configuration.
/// All values are fixed at construction; the setters are private.
/// </summary>
public class SamplePermission : IPermission
{
    /// <summary>Identifier of the permission.</summary>
    public Guid Id { get; private set; }

    /// <summary>Display name of the permission.</summary>
    public string Name { get; private set; }

    /// <summary>Description of what the permission allows.</summary>
    public string Description { get; private set; }

    /// <summary>ID of the application type the permission belongs to.</summary>
    public Guid ApplicationTypeId { get; private set; }

    /// <summary>Role assignments used as the default configuration for the permission.</summary>
    public PermissionConfiguration DefaultConfiguration { get; private set; }

    /// <summary>
    /// Creates a permission description from the supplied values; nothing is validated here.
    /// </summary>
    /// <param name="id">Identifier of the permission.</param>
    /// <param name="name">Display name.</param>
    /// <param name="description">Description text.</param>
    /// <param name="applicationTypeId">ID of the owning application type.</param>
    /// <param name="defaultConfiguration">Default role assignments per group type.</param>
    public SamplePermission(Guid id, string name, string description, Guid applicationTypeId, PermissionConfiguration defaultConfiguration)
    {
        this.Id = id;
        this.Name = name;
        this.Description = description;
        this.ApplicationTypeId = applicationTypeId;
        this.DefaultConfiguration = defaultConfiguration;
    }
}
下面是完整示例。
using System;
using Limyee.Core.Api.Content;
using Limyee.Extensibility.Api.Entities.Version1;
using Limyee.Extensibility.Content.Version1;
using Limyee.Extensibility.Security.Version1;
namespace Samples
{
/// <summary>
/// Sample plugin that registers three content permissions (create, delete, edit)
/// for one application type, each with the same default role assignments.
/// </summary>
public class SamplePermissions : IPermissionRegistrar
{
    // Application type ID shared by all three sample permissions.
    private const string ApplicationTypeIdText = "C0F7FA13-AA91-4840-B6C3-9DE714AC1E62";

    #region IPlugin

    /// <summary>Name of the plugin.</summary>
    public string Name
    {
        get
        {
            return "权限示例";
        }
    }

    /// <summary>Description of the plugin.</summary>
    public string Description
    {
        get
        {
            return "此插件将演示 IPermissionRegistrar 的工作原理";
        }
    }

    /// <summary>Intentionally empty.</summary>
    public void Initialize()
    {
        // No initialization required for IPermissionRegistrar
    }

    #endregion

    #region IPermissionRegistrar

    /// <summary>
    /// Registers the create, delete and edit permissions, in that order.
    /// </summary>
    /// <param name="permissionController">Controller whose Register method receives each permission.</param>
    public void RegisterPermissions(IPermissionRegistrarController permissionController)
    {
        RegisterOne(permissionController, "710A8E0E-1A1D-40FD-A04B-00B30BCA6E73", "创建内容", "使用户能够创建内容。");
        RegisterOne(permissionController, "2DAE816B-B3D8-4389-A721-33146EF67973", "删除内容", "使用户能够删除内容。");
        RegisterOne(permissionController, "DCF213E3-B9E3-42FA-91D4-D652992D1C33", "编辑内容", "使用户能够编辑内容。");
    }

    #endregion

    // Builds one SamplePermission with its own fresh default configuration and registers it.
    private static void RegisterOne(IPermissionRegistrarController controller, string permissionId, string name, string description)
    {
        SamplePermission permission = new SamplePermission(
            new Guid(permissionId),
            name,
            description,
            new Guid(ApplicationTypeIdText),
            BuildDefaults());

        controller.Register(permission);
    }

    // Default grants per group type: Owners everywhere, plus Administrators in joinless groups.
    // Roles not named here keep the configuration type's own default
    // (presumably false, i.e. not granted - confirm against the platform types).
    private static PermissionConfiguration BuildDefaults()
    {
        PermissionConfiguration defaults = new PermissionConfiguration();
        defaults.Joinless = new JoinlessGroupPermissionConfiguration { Administrators = true, Owners = true };
        defaults.PublicOpen = new MembershipGroupPermissionConfiguration { Owners = true };
        defaults.PublicClosed = new MembershipGroupPermissionConfiguration { Owners = true };
        defaults.PrivateListed = new MembershipGroupPermissionConfiguration { Owners = true };
        defaults.PrivateUnlisted = new MembershipGroupPermissionConfiguration { Owners = true };
        return defaults;
    }
}
/// <summary>
/// Plain value holder describing one permission: its ID, display texts, the
/// application type it belongs to and its default role configuration.
/// All values are fixed at construction; the setters are private.
/// </summary>
public class SamplePermission : IPermission
{
    /// <summary>Identifier of the permission.</summary>
    public Guid Id { get; private set; }

    /// <summary>Display name of the permission.</summary>
    public string Name { get; private set; }

    /// <summary>Description of what the permission allows.</summary>
    public string Description { get; private set; }

    /// <summary>ID of the application type the permission belongs to.</summary>
    public Guid ApplicationTypeId { get; private set; }

    /// <summary>Role assignments used as the default configuration for the permission.</summary>
    public PermissionConfiguration DefaultConfiguration { get; private set; }

    /// <summary>
    /// Creates a permission description from the supplied values; nothing is validated here.
    /// </summary>
    /// <param name="id">Identifier of the permission.</param>
    /// <param name="name">Display name.</param>
    /// <param name="description">Description text.</param>
    /// <param name="applicationTypeId">ID of the owning application type.</param>
    /// <param name="defaultConfiguration">Default role assignments per group type.</param>
    public SamplePermission(Guid id, string name, string description, Guid applicationTypeId, PermissionConfiguration defaultConfiguration)
    {
        this.Id = id;
        this.Name = name;
        this.Description = description;
        this.ApplicationTypeId = applicationTypeId;
        this.DefaultConfiguration = defaultConfiguration;
    }
}
}
启用插件后,这些权限将显示在群组管理面板中:管理群组 > 权限 > 站点角色/群组角色选项卡 > 角色。
有时,授予权限不是“全有或全无”。例如,在开箱即用的安装中,允许用户编辑自己的论坛帖子,但仅限于有限的时间内。如果只使用简单权限,论坛应用程序只能让用户随时可以编辑所有论坛帖子,或者任何时候都不能编辑任何论坛帖子。ILogicPermission 接口是此类情况的解决方案。
此示例使用 Func<> 委托来表示 IsGranted 方法。这样,您的 IPermissionRegistrar 实现就可以控制 ILogicPermission 的实现。
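/// <summary>
/// Permission whose grant decision is computed per call by a delegate, so that
/// access can depend on the user and the content rather than on role membership alone.
/// </summary>
/// <remarks>
/// The delegate is the authorization decision for this permission. Write it so that
/// any case it does not explicitly allow (for example a null user or content) yields
/// <c>false</c>, and treat <c>isGrantedBySystem</c> as an input to the decision.
/// NOTE(review): <c>isGrantedBySystem</c> is presumably the platform's role-based
/// result - confirm against the ILogicPermission documentation.
/// </remarks>
public class SampleLogicPermission : SamplePermission, ILogicPermission
{
    // Decision logic invoked by IsGranted; assigned once in the constructor and never null.
    private readonly Func<User, IContent, bool, bool> _isGrantedFunction;

    /// <summary>
    /// Creates a logic permission without custom logic: <see cref="IsGranted"/> then
    /// returns the <c>isGrantedBySystem</c> value it is given, unchanged.
    /// </summary>
    /// <param name="id">Identifier of the permission.</param>
    /// <param name="name">Display name.</param>
    /// <param name="description">Description text.</param>
    /// <param name="applicationTypeId">ID of the owning application type.</param>
    /// <param name="defaultConfiguration">Default role assignments per group type.</param>
    public SampleLogicPermission(Guid id, string name, string description, Guid applicationTypeId, PermissionConfiguration defaultConfiguration)
        : this(id, name, description, applicationTypeId, defaultConfiguration, PassThrough)
    {
    }

    /// <summary>
    /// Creates a logic permission whose decision is delegated to <paramref name="isGrantedFunction"/>.
    /// </summary>
    /// <param name="id">Identifier of the permission.</param>
    /// <param name="name">Display name.</param>
    /// <param name="description">Description text.</param>
    /// <param name="applicationTypeId">ID of the owning application type.</param>
    /// <param name="defaultConfiguration">Default role assignments per group type.</param>
    /// <param name="isGrantedFunction">
    /// Receives the user, the content and the <c>isGrantedBySystem</c> flag and returns the final decision.
    /// </param>
    /// <exception cref="ArgumentNullException"><paramref name="isGrantedFunction"/> is null.</exception>
    public SampleLogicPermission(Guid id, string name, string description, Guid applicationTypeId, PermissionConfiguration defaultConfiguration, Func<User, IContent, bool, bool> isGrantedFunction)
        : base(id, name, description, applicationTypeId, defaultConfiguration)
    {
        // Reject a missing delegate at registration time instead of failing
        // with a NullReferenceException on the first permission check.
        if (isGrantedFunction == null)
        {
            throw new ArgumentNullException("isGrantedFunction");
        }

        _isGrantedFunction = isGrantedFunction;
    }

    /// <summary>
    /// Returns the decision of the delegate supplied at construction.
    /// </summary>
    /// <param name="user">User the check is made for.</param>
    /// <param name="content">Content the check is made against.</param>
    /// <param name="isGrantedBySystem">Flag passed in by the caller and forwarded to the delegate.</param>
    /// <returns>The delegate's result.</returns>
    public bool IsGranted(User user, IContent content, bool isGrantedBySystem)
    {
        return _isGrantedFunction(user, content, isGrantedBySystem);
    }

    // Used when no custom logic is supplied: never grants more than the caller-provided flag.
    private static bool PassThrough(User user, IContent content, bool isGrantedBySystem)
    {
        return isGrantedBySystem;
    }
}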