I'm working on implementing a customized AuthorizeAttribute. The AuthorizeCore override accepts HttpContextBase. If user does not have the correct role, then I want to throw an error. I found some code where I can set the MasterName, ViewName, etc to redirect the user to. It uses ActionExecutingContext:
private void ThrowError(ActionExecutingContext filterContext, string message)
{
var ex = new Exception(message);
var errorInfo = new HandleErrorInfo(ex, filterContext.ActionDescriptor.ControllerDescriptor.ControllerName, filterContext.ActionDescriptor.ActionName);
var viewData = new ViewDataDictionary(errorInfo);
filterContext.Result = new ViewResult { MasterName = MasterName, ViewName = ViewName, ViewData = viewData };
}
Is it possible to get Ac开发者_C百科tionExecutingContext from the HttpContextBase passed into AuthorizeCore override? If not, any suggestions?
Thanks for your help.
In the AuthorizeCore method you don't need to perform any redirects. You simply need to use the Http Context to return true or false depending on whether the user is authenticated and authorized. In order to redirect him to an error page you need to override the HandleUnauthorizedRequest method where an AuthorizationContext is passed as argument and you can handle the case. This method will be invoked when AuthorizeCore returns false so that you can act accordingly.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论