Display action-specific authorisation message for [Authorize] attribute

Posted by FreshCode on Stack Overflow See other posts from Stack Overflow or by FreshCode
Published on 2010-04-13T15:49:04Z Indexed on 2010/04/13 15:53 UTC
Read the original article Hit count: 453

Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page?

Ideally,

[Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")]
public ActionResult SomeAdminFunction()
{
    // do admin stuff
    return View();
}

As I understand it, attributes are not meant to add functionality, but this seems purely informational. One could do this inside the action, but it seems inelegant compared to the use of an attribute.

Alternatively,

if (!Request.IsAuthenticated)
{
    if (!User.IsInRole("Administrator"))
        SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack
    return RedirectToAction("SignIn", "Account");
}

Is there an existing way to do this or do I need to override the [Authorize] attribute?

© Stack Overflow or respective owner

Related posts about asp.net-mvc

Related posts about authorize-attribute