Our web application needs one common parameter in every action method.

In our case it is the customer account id, and we need to support the following scenarios:

a. A group of users might have the same account id, which can be derived from the user profile.

b. The Customer Support team should be able to explicitly supply the account id of a customer and should also be able to switch the account on any page.

We are trying not to use the ASP.NET session to store this kind of data.

Are there any other options to store and manage this kind of common parameter data?

+1  A: 

Write it out as an encrypted value to a hidden field on your master page and supply the value to every view. When the user is in a customer role, place a change account "control" on the page that is able to retrieve and update the account data -- via AJAX, perhaps -- to change the current account id. It might be easiest to do this with a custom base controller which gets the data via the ValueProvider directly and stores it as a property on the page rather than having it be a parameter to every method.

tvanfosson
Thanks. I will try to work out this solution. The reason I am thinking of it as a parameter to every method is that I could apply an authorization filter and reject unauthorized account access from users of another account. Is it possible to do the same with the property?
You would need to have a custom authorization filter, but you could also do this type of authorization in the ActionExecuting method of the base controller. That is, at the time that you are getting the account, check that the authenticated user is also associated with the account. Replace the ActionExecutingContext FilterResult property with an HttpUnauthorizedResult to abort the request.
tvanfosson
A: 

Use Routing for the value. So if you need to change the id you can use another URL or post it as a parameter.

Whenever you need the value just ask the ValueProvider for it.
In case it is blank - use the one from user profile.

Of course, you'd better write a small method that will do just that:

// Register a route like:
routes.MapRoute("ProvidesAccountId", "{controller}/{id}/account{accountId}/{action}.aspx");

// Property on the base controller
protected Account CurrentAccount {
    get {
        // GetValue<T> is just a helper
        var accountId = ValueProvider.GetValue<int?>("accountId");
        if (accountId.HasValue)
            return YourRepository.GetAccountBy(accountId.Value);
        // No accountId in the URL: fall back to the account from the user's profile
        return CurrentUser.Account;
    }
}

Now, to use the current user's account, hit the URL: Profile/123/account/Edit.aspx
To use another account, you can hit the URL: Profile/123/account-456/Edit.aspx

You get the idea.

Cheers,
Dmitriy.

Dmytrii Nagirniak
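
The authorization check described in the comments on the first answer, applied to an accountId that arrives through the ValueProvider as in the second answer. This is an added example, not code from either answerer. It assumes ASP.NET MVC 2 or later; IProfileAccounts, AccountControllerBase and the "CustomerSupport" role name are hypothetical.

```csharp
using System.Globalization;
using System.Web.Mvc;

// Hypothetical lookup: the account id stored in a user's profile.
public interface IProfileAccounts
{
    int GetAccountIdFor(string userName);
}

public abstract class AccountControllerBase : Controller
{
    private const string SupportRole = "CustomerSupport"; // assumed role name
    private readonly IProfileAccounts _profiles;

    protected AccountControllerBase(IProfileAccounts profiles) { _profiles = profiles; }

    // Set once per request, and only after the check below has passed.
    protected int CurrentAccountId { get; private set; }

    protected override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        if (!User.Identity.IsAuthenticated)
        {
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }
        int ownAccountId = _profiles.GetAccountIdFor(User.Identity.Name);
        ValueProviderResult supplied = ValueProvider.GetValue("accountId");
        int requested;
        if (supplied == null || string.IsNullOrEmpty(supplied.AttemptedValue))
        {
            requested = ownAccountId; // nothing supplied: use the profile account
        }
        else if (!int.TryParse(supplied.AttemptedValue, NumberStyles.None,
                               CultureInfo.InvariantCulture, out requested))
        {
            // NumberStyles.None accepts digits only, so "-456" or " 456" is rejected.
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }
        // The id is client-controlled (route, query string or form field), so it
        // only selects an account; the server-side profile and role grant access.
        if (requested != ownAccountId && !User.IsInRole(SupportRole))
        {
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }
        CurrentAccountId = requested;
        base.OnActionExecuting(filterContext);
    }
}
```

Controllers that derive from this base read CurrentAccountId instead of taking the account id as an action parameter, so no action can run against an account the authenticated user is not allowed to see.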