tags:

views:

187

answers:

3
+1  Q: 

Custom AuthorizeAttribute

I have a child class of AuthorizeAttribute named CheckArticleExistence.

I would like to set an attribute using the parameter that I receive in the action. Like this:

[CheckArticleExistence(Id=articleId)]
public ActionResult Tags(int articleId)
{
...
}

I want to use the articleId to check if that article exists in the database, and if it doesn't I can trigger something different using the OnAuthorization method.

Is there any way? Thanks.

+3  A: 

You can put a method in your repository to check for the existence of an article.

public ActionResult Tags(int articleId)
{
    if (repository.ArticleExists(articleID))
    {
        // Do your thing
    }
    else
    {
        return view("NotFound"); // or do something else
    }
}

Or you can simply attempt to retrieve the article, and check for a null object.

public ActionResult Tags(int articleId)
{
    var article = repository.GetArticle();
    if (article !=null)
    {
        // Do your thing
    }
    else
    {
        return view("NotFound"); // or do something else
    }
}
Robert Harvey  2009-09-26 21:05:49
Yes, I agree. This would probably be the best thing to do to be honest.
Dan Atkinson  2009-09-26 21:10:18
But this one is the obvious way... I would like to use an AuthorizeAttribute because if I decide to change the way I handle the article nonexistence, I do not need to change all the actions that check if the article exists. Anyway, thank you
Wellington  2009-09-26 21:14:40
Hopefully your repository always has just one way to check. You can change your implementation there.
Robert Harvey  2009-09-26 21:14:55
this gives a bit more control over the user experience in the case of a non-existent id. the filter would also work, but then you have "user logic" outside of the controller. filters should probably be for malicious or exceptional cases.
Matt Sherman  2009-09-26 23:07:05
+2  A: 

I think You can get the articleId from the AuthorizationContext, so you don't need to pass it as a property of the attribute.

You can just do:

[CheckArticleExistence]
public ActionResult Tags(int articleId)
{
...
}
CD  2009-09-26 21:10:33
+1  A: 

This one worked (thanks!):

[CheckArticleExistence]
public ActionResult Tags(int articleId)
{
    ...
}

...

public class CheckArticleExistenceAttribute : AuthorizeAttribute
{
    private int articleId;

    public override void OnAuthorization(AuthorizationContext filterContext)
    {

     this.articleId = int.Parse(filterContext.RouteData.Values["id"].ToString());

     if (!Article.Exists(articleId))
     {
      ...
     }
    }
}
Wellington  2009-09-26 21:40:56

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?