I'm looking for a variant of this
@if (SignInManager.IsSignedIn(User) && User.IsInRole(Roles.Administrator))
{
<div id="editArticle">
but instead of checking after the role I'm after a check into the policy much like you would in a controller by doing this.
[Authorize(Policy = Policies.RequireAdmin)]
One way to control access in your Razor Pages app is to use authorization conventions at startup. These conventions allow you to authorize users and allow anonymous users to access individual pages or folders of pages. The conventions described in this topic automatically apply authorization filters to control access.
Role-Based Authorization in ASP.NET Core You can specify what roles are authorized to access a specific resource by using the [Authorize] attribute. You can even declare them in such a way that the authorization evaluates at the controller level, action level, or even at a global level. Let's take Slack as an example.
Authorization in ASP.NET Core is controlled with AuthorizeAttribute and its various parameters. In its most basic form, applying the [Authorize] attribute to a controller, action, or Razor Page, limits access to that component to authenticated users. Now only authenticated users can access the Logout function.
This seems similar to question asked here
I found this link which may be helpful: https://docs.asp.net/en/latest/security/authorization/views.html
Examples from that page:
@if (await AuthorizationService.AuthorizeAsync(User, "PolicyName"))
{
<p>This paragraph is displayed because you fulfilled PolicyName.</p>
}
In some cases the resource will be your view model, and you can call AuthorizeAsync in exactly the same way as you would check during resource based authorization;
@if (await AuthorizationService.AuthorizeAsync(User, Model, Operations.Edit))
{
<p><a class="btn btn-default" role="button"
href="@Url.Action("Edit", "Document", new {id= Model.Id})">Edit</a></p>
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With