Menu
System.Web.Mvc.ActionDescriptor has method IsDefined which helps to determine whether one or more instances of the specified attribute type are defined for this member.
System.Web.Http.Controllers.HttpActionDescriptor does not have this method.
How can I check AllowAnonymousAttribute using HttpActionDescriptor?
973
I found. I can use GetCustomAttributes method. For example (from AuthorizeAttribute implementation):
private static bool SkipAuthorization(HttpActionContext actionContext)
{
if (!Enumerable.Any<AllowAnonymousAttribute>((IEnumerable<AllowAnonymousAttribute>) actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>()))
return Enumerable.Any<AllowAnonymousAttribute>((IEnumerable<AllowAnonymousAttribute>) actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>());
else
return true;
}
The answer by @FireShock is correct, here is a version that I think is easier to read:
private static bool ShouldSkipAuthorization(HttpActionContext actionContext)
{
return
actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any() ||
actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any();
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
