User access to pages that admin assigns

Question

I am working on ASP.Net MVC application where admin can assign access to individual user on different pages.

I applied user roles such as Admin, supervisor and End-user and [authorize] attribute. it is working fine but now i want user to access such pages that admin assigns him.

Currently trying to override OnAuthorize() method so that i can get the action name and check (from the DB) if the user have access rights or redirect it to another page (Stating: "You do not have permission")

Note: I saved all the rights of form like active, add, update, delete etc in DB.

score 1 · Answer 1 · answered Jan 25 '14 at 01:54

You need to extend the built-in AuthorizationAttribute, override its AuthorizeCore methid and implement your logic in there. Like this:

public class UserBasedCustomAuthorizationAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        ... do your checking here

Here's the Microsoft implementation, that takes care of Roles: AuthorizeAttribute.cs

User access to pages that admin assigns

1 Answers1