Is it possible to implement object level protection with ActionFilterAttribute?
ActionFilterAttribute
I read Branislav Abadzhimarinov responded to Get permission from an authorized attribute? and began to think about creating a AuthorizeAttribute-shaped action filter to implement object-level protection.
AuthorizeAttribute
Suppose I had to call it ObjectAuthorizeAttributewith the intended use:
ObjectAuthorizeAttribute
[ObjectAuthorize] public ActionResult Edit(int id) { //...
What would be the easiest way to access the id value in OnActionExecuting?
OnActionExecuting
Is something like this already available?
AuthorizeAttribute , RouteData, AuthorizationContext. , , AuthorizeAttribute, ActionFilterAttribute.
var id = filterContext.RouteData.Values["id"];
var id = filterContext.HttpContext.Request["id"];
Source: https://habr.com/ru/post/1787306/More articles:How to encode an application to run in future iOS releases? future check! - iosUnit-testing model changes in Asp.net MVC 3 - unit-testingInclude or extend use of business? - umlLimit javascript regex length - javascriptLoading resources for another language - c #Как привязать таблицу базы данных к JTable и использовать JTable для изменения и добавления строк - javaimage / photo gallery (grid) with rails? - ruby-on-railsAndroid how to disable checkbox during long operation in PreferenceScreen - androidBoost.Process - how to get a process to run a function? - c ++Command Command Command event not firing for the first time - asp.netAll Articles