8

Okay I'm very new to C# and i'm trying to create a little website using ASP MVC2.

I want to create my own authorization attribute. but i need to pass some values if this is possible.

For example:

    [CustomAuthorize(GroupID = Method Parameter?]
    public ActionResult DoSomething(int GroupID)
    {
        return View("");
    }

I want to authorize the access to a page. but it depends on the value passed to the controller. So the authorization depends on the groupID. Is this possible to achieve this in any way?.

Thanks in advance.

Improve this question

3 Answers 3

Reset to default
4

Use the value provider:

public class CustomAuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        var result = filterContext.Controller.ValueProvider.GetValue("GroupId"); //groupId should be of type `ValueProviderResult`

        if (result != null)
        {
            int groupId = int.Parse(result.AttemptedValue);

            //Authorize the user using the groupId   
        }
   }

}

This article may help you.

HTHs,
Charles

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

You get it from Request.Form

public class CustomAuthorizeAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
       //httpContext.Request.Form["groupid"]
        return base.AuthorizeCore(httpContext);
    }
}
Improve this answer

1 Comment

You could use Request["groupID"] then.
0

You get it from Request.Form

public class CustomAuthorizeAttribute : AuthorizeAttribute { protected override bool AuthorizeCore(HttpContextBase httpContext) { //httpContext.Request.Form["groupid"] return base.AuthorizeCore(httpContext); } }

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.