基于策略的授权(简单版):已注释

  1. // 1【授权】、这个和上边的异曲同工,好处就是不用在controller中,写多个 roles 。
  2. // 然后这么写 [Authorize(Policy = "Admin")]
  3. /*
  4. services.AddAuthorization(options =>
  5. {
  6. options.AddPolicy("Client", policy => policy.RequireRole("Client").Build());
  7. options.AddPolicy("Admin", policy => policy.RequireRole("Admin").Build());
  8. options.AddPolicy("SystemOrAdmin", policy => policy.RequireRole("Admin", "System"));
  9. options.AddPolicy("A_S_O", policy => policy.RequireRole("Admin", "System", "Others"));
  10. });
  11. */