Shawn Mclean
Reputation: 57469
Asp.net mvc authorize attribute integrated with a parameter
I want to use an [Authorize()] attribute in the following way on an action:
[Authorize(Roles = "Administrator" or UserId == id)]
public ActionResult Edit(int id){ }
Right now I'm using logics like this:
public ActionResult Edit(int id)
{
if (User.IsInRole("Administrator") || User.Identity.Name.Equals(id))
{ }
}
Upvotes: 3
Views: 8291
Answers (2)
John Farrell
Reputation: 24754
No, but you an access everything piece of functionality the controller has inside the Attribute:
See:
How to pass parameters to a custom ActionFilter in ASP.NET MVC 2?
Upvotes: 3
Darin Dimitrov
Reputation: 1038710
You can't. In .NET attributes can use only constant values. On the other hand you could write a custom authorize attribute deriving from the standard one and in the AuthorizeCore method implement this logic.
Upvotes: 2
Related Questions
- Authorize attribute in ASP.NET MVC
- MVC 5 Authorize Attribute
- How to use authorize attribute on MVC3
- ASP.NET MVC Authorize attribute with a parameter
- Using authorize attribute ASP.Net MVC
- MVC3 Authorize Attribute
- AuthorizeAttribute and parameters
- asp.net mvc Adding to the AUTHORIZE attribute
- MVC: creating a custom [AuthorizeAttribute] which takes parameters?
- Custom Authorize Attribute additional Param?