Hide content in view mode based on controller authorization filters

Question

Hide content in view mode based on controller authorization filters

Let's say I have a controller action that is limited only to specific users, for example:

[Authorize(Roles="somerole")]<br />
public ActionResult TestRestricted()  {            
    return View();
}

In a view that is publicly available to everyone, I have a link to the action above:

<%= Html.ActionLink("Click here!", "TestRestricted") %>

I would like to hide the link for everyone who is not allowed to perform the "TestRestricted" -action. Is there a way to check if the current user is allowed to use the appropriate action? Without defining any additional or duplicate access rules in addition to the authorization filter?

+3

asp.net-mvc

Mika lehtinen 24 sept '09 at 10:01

source share

2 answers

Chuck Conway · Answer 1 · 2009-09-24T11:07:06+0000

MVC , .

, , . .

, Action HtmlHelper . , System.Web.Mvc.Html.

    public static MvcHtmlString ActionLink(this HtmlHelper htmlHelper, string linkText, string actionName, string role)
    {
        MvcHtmlString link = new MvcHtmlString(string.Empty);

        if (htmlHelper.ViewContext.RequestContext.HttpContext.User.IsInRole(role))
        {
            link = htmlHelper.ActionLink(linkText, actionName);
        }

        return link;
    }

<%= Html.ActionLink("Click here!", "TestRestricted", "somerole") %>

, (). - , authorize .

Amir · Answer 2 · 2009-11-18T15:55:27+0000

: http://weblogs.asp.net/rashid/archive/2009/09/06/asp-net-mvc-and-authorization-and-monkey-patching.aspx

.....

Hide content in view mode based on controller authorization filters

More articles: