IAuthorizationPolicy.Evaluate(EvaluationContext, Object) 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
评估用户是否满足此授权策略的要求。
public:
bool Evaluate(System::IdentityModel::Policy::EvaluationContext ^ evaluationContext, System::Object ^ % state);public bool Evaluate(System.IdentityModel.Policy.EvaluationContext evaluationContext, ref object state);abstract member Evaluate : System.IdentityModel.Policy.EvaluationContext * obj -> boolPublic Function Evaluate (evaluationContext As EvaluationContext, ByRef state As Object) As Boolean参数
- evaluationContext
- EvaluationContext
一个 EvaluationContext 包含授权策略评估的声明集。
返回
false
Evaluate(EvaluationContext, Object)如果其他授权策略添加了其他授权策略evaluationContext添加其他声明,则必须调用此授权策略的方法;否则,true则表示此授权策略不需要其他评估。
示例
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
bool bRet = false;
CustomAuthState customstate = null;
// If state is null, then this method has not been called before, so
// set up a custom state.
if (state == null)
{
customstate = new CustomAuthState();
state = customstate;
}
else
{
customstate = (CustomAuthState)state;
}
Console.WriteLine("Inside MyAuthorizationPolicy::Evaluate");
// If claims have not been added yet...
if (!customstate.ClaimsAdded)
{
// Create an empty list of Claims.
IList<Claim> claims = new List<Claim>();
// Iterate through each of the claim sets in the evaluation context.
foreach (ClaimSet cs in evaluationContext.ClaimSets)
// Look for Name claims in the current claim set.
foreach (Claim c in cs.FindClaims(ClaimTypes.Name, Rights.PossessProperty))
// Get the list of operations the given username is allowed to call.
foreach (string s in GetAllowedOpList(c.Resource.ToString()))
{
// Add claims to the list.
claims.Add(new Claim("http://example.org/claims/allowedoperation", s, Rights.PossessProperty));
Console.WriteLine("Claim added {0}", s);
}
// Add claims to the evaluation context.
evaluationContext.AddClaimSet(this, new DefaultClaimSet(this.Issuer, claims));
// Record that claims have been added.
customstate.ClaimsAdded = true;
// Return true, which indicates this need not be called again.
bRet = true;
}
else
{
// This point should not be reached, but just in case...
bRet = true;
}
return bRet;
}
Public Function Evaluate(ByVal evaluationContext As EvaluationContext, _
ByRef state As Object) As Boolean Implements IAuthorizationPolicy.Evaluate
Dim bRet As Boolean = False
Dim customstate As CustomAuthState = Nothing
' If state is null, then this method has not been called before, so
' set up a custom state.
If state Is Nothing Then
customstate = New CustomAuthState()
state = customstate
Else
customstate = CType(state, CustomAuthState)
End If
Console.WriteLine("Inside MyAuthorizationPolicy::Evaluate")
' If the claims have not been added yet...
If Not customstate.ClaimsAdded Then
' Create an empty list of Claims
Dim claims As New List(Of Claim)
' Iterate through each of the claimsets in the evaluation context.
Dim cs As ClaimSet
For Each cs In evaluationContext.ClaimSets
' Look for Name claims in the current claim set.
Dim c As Claim
For Each c In cs.FindClaims(ClaimTypes.Name, Rights.PossessProperty)
' Get the list of operations the given username is allowed to call.
Dim s As String
For Each s In GetAllowedOpList(c.Resource.ToString())
' Add claims to the list
claims.Add(New Claim("http://example.org/claims/allowedoperation", _
s, Rights.PossessProperty))
Console.WriteLine("Claim added {0}", s)
Next s
Next c
Next cs
' Add claims to the evaluation context.
evaluationContext.AddClaimSet(Me, New DefaultClaimSet(Me.Issuer, claims))
' Record that claims have been added.
customstate.ClaimsAdded = True
' Return true, which indicates the method need not to be called again.
bRet = True
Else
' Should never get here, but just in case...
bRet = True
End If
Return bRet
End Function 'Evaluate
注解
注释
接口的 IAuthorizationPolicy 实现者应期望 Evaluate 不同线程多次调用该方法。
接口的 IAuthorizationPolicy 实现者可以使用 state 参数跟踪对 Evaluate 方法的调用之间的状态。 如果在对方法的给定调用 Evaluate 中设置了状态对象,则会将相同的对象实例传递给当前计算过程中对该方法的每个后续调用 Evaluate 。
