10

I have to give access rigths to the users of a website. I am doing the filtering here:

protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
}

The problem is that I cannot distinguish full View request such as 'Index' from PartialViewRequests or AJAX calls requests.

Therefore the page 'Index' has access but the 'PartialViewGridViewForIndex' does not have access.

The property ControllerContext.IsChildAction does not help either.

Improve this question

3 Answers 3

Reset to default
33

You could use the IsAjaxRequest extension method to determine if an AJAX request was used to invoke this controller action:

protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext.HttpContext.Request.IsAjaxRequest())
    {
        // the controller action was invoked with an AJAX request
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I have tested it and it works. However I cannot wonder to ask myself if the partial view rendering is done by AJAX request. Do you have any ideea ?
The IsAjaxRequest tells you if the current request was an AJAX request.
And if I want to know if it is a PartialViewRequest ?
There's no such notion as PartialViewRequest in ASP.NET MVC. Controller actions might return a PartialViewResult for example or a normal ViewResult. If you need to know whether the controller action returns a partial view you cannot do this inside the OnActionExecuting method because this method runs before the controller action has ran. You could do it inside the OnActionExecuted method where you could inspect the concrete type of filterContext.Result. For example if (filterContext.Result is PartialViewResult) { ... }.
I recently had to perform a check to see if the request was a partial result and had onexecuting too, it's possible to determine if it's a partialview, by using the action and the controller from the routedata you can see if they match the requested url since the request.url doesn't change when you perform an action that returns a partial view. However you need to take the routing into account, example: using default routing (controller/action(id)) and calling ~/user the index will not show up in the url.
1

You can extend HttpRequestExtensions in asp.net Core 2 as below

public static class HttpRequestExtensions
{
    private const string RequestedWithHeader = "X-Requested-With";
    private const string XmlHttpRequest = "XMLHttpRequest";

    public static bool IsAjaxRequest(this HttpRequest request)
    {
        if (request == null)
        {
            throw new ArgumentNullException("request");
        }

        if (request.Headers != null)
        {
            return request.Headers[RequestedWithHeader] == XmlHttpRequest;
        }

        return false;
    }
}

And use it as

 if (!Request.IsAjaxRequest())
 {
    //----
  }
  else
  {
      // -------
  }
Improve this answer

Comments

0

I would create an Authorization filter by extending the AuthorizeAttribute. I would then put my code in the OnAuthorize override. In the FilterContext object you can look at FilterContext.ActionDescriptor.MethodInfo.ReturnType.Name. For a partial view this will be PartialViewResult.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.