ASP.NET MVC security: how to check if a controller method is allowed to execute under current user's

Posted by Gart on Stack Overflow See other posts from Stack Overflow or by Gart
Published on 2010-05-05T11:08:39Z Indexed on 2010/05/05 13:08 UTC
Read the original article Hit count: 268

Given an ASP.NET MVC Controller class declaration:

public class ItemController : Controller
{
    public ActionResult Index()
    {
       // ...
    }

    public ActionResult Details()
    {
       // ...
    }

    [Authorize(Roles="Admin, Editor")]
    public ActionResult Edit()
    {
       // ...
    } 

    [Authorized(Roles="Admin")]
    public ActionResult Delete()
    {
      // ..
    }
}

I need to reflect a list of methods in this class which may be invoked with the current user's permissions.

Please share some ideas of what could be done in this case.

© Stack Overflow or respective owner

Related posts about asp-net-mvc

Related posts about security