Is it possble to have something like this in ASP.NET MVC...
[Authorize]
[AcceptVerbs(HttpVerbs.Get)]
public string AddData(string Issues, string LabelGUID)
{
return "Authorized";
}
[AcceptVerbs(HttpVerbs.Get)]
public string AddData()
{
return "Not Authorized";
}
So if the user is not logged in, it defaults to the un-Authorized action.
I don't believe so. The controller action with the best parameter match will get selected and then the attributes will be applied.
You could use
if (Request.IsAuthenticated)
{
return "Authorized";
}
else
{
return "Not Authorized";
}
Under the hood [Authorize] is essentially doing the same thing
protected virtual bool AuthorizeCore(IPrincipal user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (!user.Identity.IsAuthenticated)
{
return false;
}
...snip...
}
Yes, its possible. You would need to create your own ControllerActionInvoker and override the FindActionMethod member. I'd let the base class do it's work and then check to see if the method it returns satisfies your criteria and if not, return a better match.
I'm doing something like this to allow my Controllers to have a "Default Action" and it works well. Check out MvcContrib and their implementation of their ActionInvoker for a really nice example.