开发者

Determine if user can access database generated page?

开发者 https://www.devze.com 2022-12-16 15:40 出处:网络
I have Membership, Profile and Role prov开发者_开发问答iders setup for my .NET MVC website. I would like to say: this Role has access to that Page.

I have Membership, Profile and Role prov开发者_开发问答iders setup for my .NET MVC website. I would like to say: this Role has access to that Page.

How do I 'inject' this code to the RoleProvider? Or do I have to override it somehow? Any leads?

(Roles are stored in the default ASP.NET SqlRoleProvider, Pages are stored in a seperate SQL database).


Why would you inject this into the role provider? Why not just decorate the ActionResult [Authorise(Roles="myrole")]?

I understand that your pages are in the database but the action result still needs to call the view right?

I guess you could write you're own custom attribute which can check and either grant access or deny it.

I don't think the role provider is the right place for determining whether a page can be displayed or not.


Take a look at using sitemaps under asp.net. It is VERY easy to manage and to extend.

I have even used them as the datasource for a menu system.

Once in your page, you can do something like:

User.IsInRole("RoleName")
0

精彩评论

暂无评论...
验证码 换一张
取 消