c# - Securing controller action in ASP.NET MVC -
In order to protect the controller operation, in ASP.NET MVC2, I used a class required key Inherited from action filter attribute class. Controller action looks like
[requisition (permissions = "canview")] Public action list () {...} I have There is a value with permissions
public enum permissions {CanDoEdit, CanView, CanInsert} requirement performance class looks
public class requirement display: verb filter attribute {public string permissions; String [] param = {","}; Public override zero OnActionExecuting (ActionExecutingContext FilterContext) {string [] requires submissions = permissions Sample (Ultimate, String Split Option. RemoveEmptyEntries); If (Required. Permissions.Controls (Permissions.Condo Editing.ToString ())) {// Check Permissions} (Required) Presentation (Permissions.Convolution.tostring ()) {// Check Permissions} If necessary (instead of creating different attributes, I want to use the attribute like RequirePermission I / [required permissions (permissions = permissions, .convert + "," + permissions. Cenadit)] so that I The compiler has thrown the following error. An attribute argument is a continuous expression, type expression or an attribute parameter type < / P>
How about:
[flag] public enum permissions { CanDoEdit = 1 & lt; 0, canvue = 1 & lt; 1, CanInsert = 1 & lt; 2} and then:
[required permissions (permissions = permissions. Aँ. Knadit)] and finally that CanView set to confirm:
if ((requirements and permissions. Canview) == Permissions. Conv.) {// user's canvew permission}
Comments
Post a Comment