tags:

views:

29

answers:

1

If an action has been decorated with [Authorize(Roles="Administrators")] is there a way to not display the link for the currently logged in user who is not in the declared role?

It seems to me that baking a lot of if statements into the view to give this kind of "selective disclosure" is contrary to the MVC way, but I'm not sure what the alternative is?

+1  A: 

This was in the related questions for your question title:

http://stackoverflow.com/questions/2721869/security-aware-action-link

jfar