daohualiuxiang
/
AspNetCore.Docs
mirror of https://github.com/dotnet/AspNetCore.Docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #24163 from dotnet/main 

merge to live
pull/24194/head^2
Rick Anderson 2021-12-01 16:41:23 -10:00 committed by GitHub
parent 573f6706be 269cd13236
commit dec8c6c5ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 323 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/whats-new.yml vendored
View File

@ -16,7 +16,6 @@ on:
env:
DOTNET_VERSION: '5.0.301' # set this to the dot net version to use
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
@ -24,6 +23,9 @@ jobs:
create-what-is-new:
# The type of runner that the job will run on
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
@ -38,7 +40,7 @@ jobs:
- name: 'Print manual run reason'
if: ${{ github.event_name == 'workflow_dispatch' }}
run: |
echo 'Reason: ${{ github.event.inputs.reason }}'
echo "Reason: ${{ github.event.inputs.reason }}"
# Print dotnet info
- name: Display .NET info

8
.vscode/settings.json vendored
View File

@ -25,5 +25,11 @@
"TypeScript",
"XML",
"YAML"
]
],
"markdownlint.config": {
"MD028": false,
"MD025": {
"front_matter_title": ""
}
}
}

148
aspnetcore/blazor/security/index.md
View File

@ -420,6 +420,80 @@ If neither <xref:Microsoft.AspNetCore.Authorization.AuthorizeAttribute.Roles> no
* Authenticated (signed-in) users as authorized.
* Unauthenticated (signed-out) users as unauthorized.
## Resource authorization
To authorize users for resources, pass the request's route data to the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView.Resource> parameter of <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView>.
In the <xref:Microsoft.AspNetCore.Components.Routing.Router.Found?displayProperty=nameWithType> content for a requested route in the `App` component (`App.razor`):
```razor
<AuthorizeRouteView Resource="@routeData" RouteData="@routeData"
DefaultLayout="@typeof(MainLayout)" />
```
For more information on how authorization state data is passed and used in procedural logic, see the [Expose the authentication state as a cascading parameter](#expose-the-authentication-state-as-a-cascading-parameter) section.
When the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView> receives the route data for the resource, authorization policies have access to <xref:Microsoft.AspNetCore.Components.RouteData.PageType?displayProperty=nameWithType> and <xref:Microsoft.AspNetCore.Components.RouteData.RouteValues?displayProperty=nameWithType> that permit custom logic to make authorization decisions.
In the following example, an `EditUser` policy is created in <xref:Microsoft.AspNetCore.Authorization.AuthorizationOptions> for the app's authorization service configuration (<xref:Microsoft.Extensions.DependencyInjection.AuthorizationServiceCollectionExtensions.AddAuthorizationCore%2A>) with the following logic:
* Determine if a route value exists with a key of `id`. If the key exists, the route value is stored in `value`.
* In a variable named `id`, store `value` as a string or set an empty string value (`string.Empty`).
* If `id` isn't an empty string, assert that the policy is satisfied (return `true`) if the string's value starts with `EMP`. Otherwise, assert that the policy fails (return `false`).
In either `Program.cs` or `Startup.cs` (depending on the hosting model and framework version):
* Add namespaces for <xref:Microsoft.AspNetCore.Components?displayProperty=fullName> and <xref:System.Linq?displayProperty=fullName>:
```csharp
using Microsoft.AspNetCore.Components;
using System.Linq;
```
* Add the policy:
```csharp
options.AddPolicy("EditUser", policy =>
policy.RequireAssertion(context =>
{
if (context.Resource is RouteData rd)
{
var routeValue = rd.RouteValues.TryGetValue("id", out var value);
var id = Convert.ToString(value,
System.Globalization.CultureInfo.InvariantCulture) ?? string.Empty;
if (!string.IsNullOrEmpty(id))
{
return id.StartsWith("EMP", StringComparison.InvariantCulture);
}
}
return false;
})
);
```
The preceding example is an oversimplified authorization policy, merely used to demonstrate the concept with a working example. For more information on creating and configuring authorization policies, see <xref:security/authorization/policies>.
In the following `EditUser` component, the resource at `/users/{id}/edit` has a route parameter for the user's identifier (`{id}`). The component uses the preceding `EditUser` authorization policy to determine if the route value for `id` starts with `EMP`. If `id` starts with `EMP`, the policy succeeds and access to the component is authorized. If `id` starts with a value other than `EMP` or if `id` is an empty string, the policy fails, and the component doesn't load.
`Pages/EditUser.razor`:
```razor
@page "/users/{id}/edit"
@using Microsoft.AspNetCore.Authorization
@attribute [Authorize(Policy = "EditUser")]
<h1>Edit User</h1>
<p>The 'EditUser' policy is satisfied! <code>Id</code> starts with 'EMP'.</p>
@code {
[Parameter]
public string Id { get; set; }
}
```
## Customize unauthorized content with the Router component
The <xref:Microsoft.AspNetCore.Components.Routing.Router> component, in conjunction with the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView> component, allows the app to specify custom content if:
@ -963,6 +1037,80 @@ If neither <xref:Microsoft.AspNetCore.Authorization.AuthorizeAttribute.Roles> no
* Authenticated (signed-in) users as authorized.
* Unauthenticated (signed-out) users as unauthorized.
## Resource authorization
To authorize users for resources, pass the request's route data to the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView.Resource> parameter of <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView>.
In the <xref:Microsoft.AspNetCore.Components.Routing.Router.Found?displayProperty=nameWithType> content for a requested route in the `App` component (`App.razor`):
```razor
<AuthorizeRouteView Resource="@routeData" RouteData="@routeData"
DefaultLayout="@typeof(MainLayout)" />
```
For more information on how authorization state data is passed and used in procedural logic, see the [Expose the authentication state as a cascading parameter](#expose-the-authentication-state-as-a-cascading-parameter) section.
When the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView> receives the route data for the resource, authorization policies have access to <xref:Microsoft.AspNetCore.Components.RouteData.PageType?displayProperty=nameWithType> and <xref:Microsoft.AspNetCore.Components.RouteData.RouteValues?displayProperty=nameWithType> that permit custom logic to make authorization decisions.
In the following example, an `EditUser` policy is created in <xref:Microsoft.AspNetCore.Authorization.AuthorizationOptions> for the app's authorization service configuration (<xref:Microsoft.Extensions.DependencyInjection.AuthorizationServiceCollectionExtensions.AddAuthorizationCore%2A>) with the following logic:
* Determine if a route value exists with a key of `id`. If the key exists, the route value is stored in `value`.
* In a variable named `id`, store `value` as a string or set an empty string value (`string.Empty`).
* If `id` isn't an empty string, assert that the policy is satisfied (return `true`) if the string's value starts with `EMP`. Otherwise, assert that the policy fails (return `false`).
In either `Program.cs` or `Startup.cs` (depending on the hosting model and framework version):
* Add namespaces for <xref:Microsoft.AspNetCore.Components?displayProperty=fullName> and <xref:System.Linq?displayProperty=fullName>:
```csharp
using Microsoft.AspNetCore.Components;
using System.Linq;
```
* Add the policy:
```csharp
options.AddPolicy("EditUser", policy =>
policy.RequireAssertion(context =>
{
if (context.Resource is RouteData rd)
{
var routeValue = rd.RouteValues.TryGetValue("id", out var value);
var id = Convert.ToString(value,
System.Globalization.CultureInfo.InvariantCulture) ?? string.Empty;
if (!string.IsNullOrEmpty(id))
{
return id.StartsWith("EMP", StringComparison.InvariantCulture);
}
}
return false;
})
);
```
The preceding example is an oversimplified authorization policy, merely used to demonstrate the concept with a working example. For more information on creating and configuring authorization policies, see <xref:security/authorization/policies>.
In the following `EditUser` component, the resource at `/users/{id}/edit` has a route parameter for the user's identifier (`{id}`). The component uses the preceding `EditUser` authorization policy to determine if the route value for `id` starts with `EMP`. If `id` starts with `EMP`, the policy succeeds and access to the component is authorized. If `id` starts with a value other than `EMP` or if `id` is an empty string, the policy fails, and the component doesn't load.
`Pages/EditUser.razor`:
```razor
@page "/users/{id}/edit"
@using Microsoft.AspNetCore.Authorization
@attribute [Authorize(Policy = "EditUser")]
<h1>Edit User</h1>
<p>The 'EditUser' policy is satisfied! <code>Id</code> starts with 'EMP'.</p>
@code {
[Parameter]
public string Id { get; set; }
}
```
## Customize unauthorized content with the Router component
The <xref:Microsoft.AspNetCore.Components.Routing.Router> component, in conjunction with the <xref:Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView> component, allows the app to specify custom content if:

4
aspnetcore/data/ef-rp/intro.md
View File

@ -532,7 +532,7 @@ Enumerating a large table in a view could return a partially constructed HTTP 20
<xref:Microsoft.AspNetCore.Mvc.MvcOptions.MaxModelBindingCollectionSize> defaults to 1024. The following code sets `MaxModelBindingCollectionSize`:
<!-- Review: If I set MaxModelBindingCollectionSize to 3, it still returns all the rows. Is there a minimum? -->
[!code-csharp[Main](intro/samples/cu60/ProgramEnsure.cs?name=snippet&highlight=16-20)]
[!code-csharp[Main](intro/samples/cu60/ProgramMax.cs?name=snippet&highlight=14-18)]
See [Configuration](xref:fundamentals/configuration/index) for information on configuration settings like `MyMaxModelBindingCollectionSize`.
@ -1497,4 +1497,4 @@ For more information, see [Performance considerations (EF)](/dotnet/framework/da
> [!div class="step-by-step"]
> [Next tutorial](xref:data/ef-rp/crud)
::: moniker-end
::: moniker-end

2
aspnetcore/tutorials/razor-pages/new-field.md
View File

@ -128,7 +128,7 @@ The `dotnet-ef migrations add rating` command tells the framework to:
The name `rating` is arbitrary and is used to name the migration file. It's helpful to use a meaningful name for the migration file.
The `dotnet-ef database update` command tells the framework to apply the schema changes to the database and to preserve existing data.
The `dotnet ef database update` command tells the framework to apply the schema changes to the database and to preserve existing data.
Delete all the records in the database, the initializer will seed the database and include the `Rating` field.

77
aspnetcore/whats-new/2021-05.md
View File

@ -1,77 +0,0 @@
---
title: "ASP.NET Core docs: What's new for May 1, 2021 - May 31, 2021"
description: "What's new in the ASP.NET Core docs for May 1, 2021 - May 31, 2021."
ms.date: 06/01/2021
---
# ASP.NET Core docs: What's new for May 1, 2021 - May 31, 2021
Welcome to what's new in the ASP.NET Core docs from May 1, 2021 through May 31, 2021. This article lists some of the major changes to docs during this period.
## Blazor
### New articles
- <xref:blazor/fundamentals/startup> - Blazor startup topic
### Updated articles
- <xref:blazor/js-interop/call-dotnet-from-javascript>
- Blazor Call .NET from JS topic updates
- Blazor Call .NET from JS UE pass
- <xref:blazor/components/lifecycle> - Blazor snippet sample app updates
- <xref:blazor/file-uploads> - Blazor File Uploads topic UE pass
## Fundamentals
### Updated articles
- <xref:fundamentals/http-requests> - Use System.Net.Http.Json in "Make HTTP requests..."
- <xref:fundamentals/logging/index> - Add LoggerFactoryOptions.ActivityTrackingOptions
## MVC
### Updated articles
- <xref:mvc/models/model-binding> - Binding C#9 record types /a
## Razor Pages
### Updated articles
- <xref:razor-pages/ui-class> - prep Razor UI class lib for .NET 5 version
- <xref:razor-pages/sdk> - prep Razor SDK doc for efficient 6.0 PR/compare
## Security
### Updated articles
- <xref:security/authorization/policies> - Show that AuthorizationHandlerContext.Resource is HttpContext for >= 5.0
- <xref:security/authentication/customize_identity_model> - modified documentation for customize identity model
## Tutorials
### Updated articles
- <xref:tutorials/first-mvc-app/adding-model> - First-MVC series: Model & DB tutorials: MT, improve readability and fix issues
## Community contributors
The following people contributed to the ASP.NET Core docs during this period. Thank you! Learn how to contribute by following the links under "Get involved" in the [what's new landing page](index.yml).
- [dharmatech](https://github.com/dharmatech) (10)
- [fiyazbinhasan](https://github.com/fiyazbinhasan) - Fiyaz Bin Hasan (5)
- [serpent5](https://github.com/serpent5) - Kirk Larkin (2)
- [01binary](https://github.com/01binary) - Valeriy Novytskyy (1)
- [devigo](https://github.com/devigo) - Igor Lyadov (1)
- [donhuvy](https://github.com/donhuvy) - Do Nhu Vy (1)
- [FrediKats](https://github.com/FrediKats) - Fredi Kats (1)
- [gradonstone](https://github.com/gradonstone) - Gradon Stone (1)
- [lohithgn](https://github.com/lohithgn) - Lohith (1)
- [markmcgookin](https://github.com/markmcgookin) - Mark McGookin (1)
- [msal4](https://github.com/msal4) - Mohammed Salman (1)
- [pgermishuys](https://github.com/pgermishuys) - Pieter Germishuys (1)
- [slipperstree](https://github.com/slipperstree) - MangoLoveCarrot (1)
- [szalapski](https://github.com/szalapski) - Patrick Szalapski (1)
- [utsxumiao](https://github.com/utsxumiao) - Eric Xu (1)
- [ystvan](https://github.com/ystvan) - Istvan Marki (1)

157
aspnetcore/whats-new/21-11.md 100644
View File

@ -0,0 +1,157 @@
---
title: "ASP.NET Core docs: What's new for November 1, 2021 - November 30, 2021"
description: "What's new in the ASP.NET Core docs for November 1, 2021 - November 30, 2021."
ms.date: 12/01/2021
---
# ASP.NET Core docs: What's new for November 1, 2021 - November 30, 2021
Welcome to what's new in the ASP.NET Core docs from November 1, 2021 through November 30, 2021. This article lists some of the major changes to docs during this period.
## Blazor
### New articles
- <xref:blazor/images> - Blazor Working With Images Docs
- <xref:blazor/file-downloads> - Blazor File Downloads Documentation
- <xref:blazor/webassembly-native-dependencies> - Blazor native deps (w/callback coverage)
### Updated articles
- <xref:blazor/fundamentals/environments> - Blazor environments for App Service
- <xref:blazor/fundamentals/handle-errors>
- Blazor Handle Errors updates
- Drop pivots in Blazor fundamental topics
- <xref:blazor/call-web-api> - Blazor hosting model pivot updates
- <xref:blazor/fundamentals/static-files> - Blazor static files guidance improvements
- <xref:blazor/host-and-deploy/webassembly> - Blazor static files guidance improvements
- <xref:blazor/host-and-deploy/index> - App base path/sub-app hosting updates
## Data access
### Updated articles
- <xref:data/ef-rp/crud> - pre EF/RP monikers /3
- <xref:data/ef-rp/intro> - pre EF/RP monikers /3
## Fundamentals
### Updated articles
- <xref:fundamentals/httpcontext> - Prepare HttpContext for 6.0
- <xref:fundamentals/error-handling> - Prepare Handle Errors for 6.0
- <xref:fundamentals/servers/kestrel> - Prepare Kestrel Overview for 6.0
- <xref:fundamentals/app-state> - moniker prep session
- <xref:fundamentals/host/generic-host> - Update bool value entries for host config
- <xref:fundamentals/routing>
- Update Routing to 6.0
- Prepare Routing for 6.0
- Guidance for large route tables /2
- <xref:fundamentals/http-requests> - Update HTTP Requests to 6.0
- <xref:fundamentals/configuration/options> - prep monikers for Options
## gRPC
### Updated articles
- <xref:grpc/troubleshoot> - Troubleshoot doc on using gRPC client with HTTP/3
## Migration
### New articles
- <xref:migration/31-to-60> - 3.1 to 6.0 LTS track migration guide /3
## MVC
### Updated articles
- <xref:mvc/controllers/filters> - Update Filters to 6.0
- <xref:mvc/models/model-binding> - Prepare Model-Binding for 6.0
## Performance
### Updated articles
- <xref:performance/caching/memory> - Prepare Cache In-Memory for 6.0
## Razor Pages
### Updated articles
- <xref:razor-pages/index> - Moniker prep for into to RP /4
## Security
### Updated articles
- <xref:security/authorization/claims> - Moniker Prep work for Claims /3
- <xref:security/authentication/windowsauth> - Update monikers for Win auth /3
- <xref:security/authentication/scaffold-identity> - prep monikers for scaffold identity
- <xref:security/authentication/microsoft-logins> - Prepare Microsoft Logins for 6.0
- <xref:security/enforcing-ssl>
- HTTPS moniker prep for V6 /4
- Feature/https linux updates
- <xref:security/app-secrets> - moniker prep for secrets
## Testing
### New articles
- <xref:test/hot-reload> - .NET Hot Reload support
## Tutorials
### Updated articles
- <xref:tutorials/first-mongo-app>
- Update MongoDB Web Api to 6.0
- Prepare MongoDb Web Api for 6.0
- <xref:tutorials/signalr>
- Update SignalR tutorial to V6 /2
- signalR moniker prep /2
- <xref:tutorials/get-started-with-swashbuckle> - Update Swashbuckle tutorial syntax and 6.0 RTM
- <xref:tutorials/razor-pages/model> - Update model.md
## Web API
### Updated articles
- <xref:web-api/handle-errors>
- Update Handle Web API Errors to 6.0
- Prepare Handle Web API Errors for 6.0
- <xref:web-api/advanced/formatting>
- Update Format Response Data to 6.0
- Prepare Format Response Data for 6.0
## Community contributors
The following people contributed to the ASP.NET Core docs during this period. Thank you! Learn how to contribute by following the links under "Get involved" in the [what's new landing page](index.yml).
- [GitHubPang](https://github.com/GitHubPang) (9)
- [hmz777](https://github.com/hmz777) - HMZ (2)
- [alaatm](https://github.com/alaatm) - Alaa Masoud (1)
- [alikrc](https://github.com/alikrc) - Ali (1)
- [andreapace](https://github.com/andreapace) - Andrea Pace (1)
- [ascott18](https://github.com/ascott18) - Andrew Scott (1)
- [behroozbc](https://github.com/behroozbc) - behrooz bozorg chami (1)
- [Bouke](https://github.com/Bouke) - Bouke Haarsma (1)
- [celsojr](https://github.com/celsojr) - Celso Jr (1)
- [cirinatorres](https://github.com/cirinatorres) (1)
- [flinde](https://github.com/flinde) - Fredrik Linde (1)
- [ignBiometrical](https://github.com/ignBiometrical) - Biometrical (1)
- [jo-ninja](https://github.com/jo-ninja) - Joni (1)
- [JohnSurina](https://github.com/JohnSurina) - John Surina (1)
- [jonas-lomholdt](https://github.com/jonas-lomholdt) - Jonas Lomholdt (1)
- [JuergenGutsch](https://github.com/JuergenGutsch) - Juergen Gutsch (1)
- [martincostello](https://github.com/martincostello) - Martin Costello (1)
- [Pemek](https://github.com/Pemek) - Przemysław Madej (1)
- [provegard](https://github.com/provegard) - Per Rovegård (1)
- [PrzybylaMateusz](https://github.com/PrzybylaMateusz) (1)
- [ryandle](https://github.com/ryandle) - Ryan Yandle (1)
- [sgryphon](https://github.com/sgryphon) - Sly Gryphon (1)
- [Swiftly1](https://github.com/Swiftly1) (1)
- [tufteddeer](https://github.com/tufteddeer) - Fabian (1)
- [vanillajonathan](https://github.com/vanillajonathan) - Jonathan (1)
- [vladsaftoiu](https://github.com/vladsaftoiu) - Vlad Saftoiu Alexandru (1)
- [yecril71pl](https://github.com/yecril71pl) - Christopher Yeleighton (1)

4
aspnetcore/whats-new/index.yml
View File

@ -14,6 +14,8 @@ landingContent:
linkLists:
- linkListType: whats-new
links:
- text: November 2021
url: 21-11.md
- text: October 2021
url: 21-10.md
- text: September 2021
@ -24,8 +26,6 @@ landingContent:
url: 21-07.md
- text: June 2021
url: 21-06.md
- text: May 2021
url: 2021-05.md
- title: "Get involved - contribute to ASP.NET Core docs"
linkLists:

4
aspnetcore/whats-new/toc.yml
View File

@ -3,6 +3,8 @@ items:
href: index.yml
expanded: true
items:
- name: November 2021
href: 21-11.md
- name: October 2021
href: 21-10.md
- name: September 2021
@ -13,5 +15,3 @@ items:
href: 21-07.md
- name: June 2021
href: 21-06.md
- name: May 2021
href: 2021-05.md