Menu
The problem I'm trying to solve seems very simple to me: My application has a site-wide menu from which the user can navigate to various areas. The menu items are simply links to ActionResult methods. I'm using a custom AuthorizeAttribute on the actions to enforce the user's authorization roles. That works fine, in that it prevents the user from executing the action if they don't have the appropriate roles. What I want to do, though, is not even show the menu option to navigate to that action if they aren't authorized to perform it.
So, at the simplest level, I want to be able to do something like this:
var isAuthorized = IsAuthorized("ControllerName", "ActionName", currentUser);
The IsAuthorized method would then look at any AuthorizeAttributes on the action, and evaluate whether the given user would be able to execute it.
Does such an approach exist? Assume that we don't have an instance of the controller at the point that we're making this evaluation.
623
A second pass at searching for an approach to this actually resulted in exactly what I was looking for. I'll leave this question here in case it leads others to this answer.
Create an authorized action link extension for ASP.NET MVC 3
The implementation uses just about exactly the syntax I was looking for, and works in practice.
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
