tag:blogger.com,1999:blog-9200551703084243537.post7948983310424535115..comments2023-11-02T07:29:53.062-05:00Comments on Farm Fresh Code: Revisiting custom authorization in ASP.NET MVCtvanfossonhttp://www.blogger.com/profile/04716379255368704897noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-9200551703084243537.post-46659038528448552272013-01-29T12:14:29.318-06:002013-01-29T12:14:29.318-06:00For those of you who might be having a hard time g...For those of you who might be having a hard time grasping this, I recommend just copying and pasting the code, applying your custom attribute, accessing an action method on which the attribute has been applied, and seeing what happened. This is indeed the way to do it. Thanks!mrbojangleshttp://stackoverflow.com/users/13578/mrbojanglesnoreply@blogger.comtag:blogger.com,1999:blog-9200551703084243537.post-89262901076886035382011-12-05T15:31:54.055-06:002011-12-05T15:31:54.055-06:00Couldn't you skip all of this by making Userna...Couldn't you skip all of this by making Username == UserID ? So that for example you go to /User/abcdef<br />and abcdef is taken as this.username, and all you have to do is check that:<br />HttpContext.Current.User.Identity.IsAuthenticated && <br /> HttpContext.Current.User.Identity.Name == this.username<br />..So no hitting the database.Enoreply@blogger.comtag:blogger.com,1999:blog-9200551703084243537.post-81266895028173429452011-06-23T22:24:10.575-05:002011-06-23T22:24:10.575-05:00Hi,
Thanks for this.
Your class inherits from ...Hi, <br /><br />Thanks for this. <br /><br />Your class inherits from MasterEventAuthorizationAttribute. Should that be AuthorizeAttribute?<br /><br />Cheers :-)Zaaaaphodhttps://www.blogger.com/profile/13896765989722313208noreply@blogger.comtag:blogger.com,1999:blog-9200551703084243537.post-50601954954961910442011-03-18T09:52:10.405-05:002011-03-18T09:52:10.405-05:00@West - absolutely right. Cut/paste error. In my...@West - absolutely right. Cut/paste error. In my actual code RoleOrOwnerAuthorizationAttribute derives from another class and I had pasted in the code for that class's override of OnCacheAuthorization instead of the actual code. I've updated with the correct snippet.tvanfossonhttps://www.blogger.com/profile/04716379255368704897noreply@blogger.comtag:blogger.com,1999:blog-9200551703084243537.post-7749983688590448752011-03-17T20:02:18.227-05:002011-03-17T20:02:18.227-05:00Dont you need to call IsOwner from OnCacheAuthoriz...Dont you need to call IsOwner from OnCacheAuthorization passing in your httpContext?Anonymousnoreply@blogger.com