1

I have a dropdownlist on UI with data populated from database. I have 2 roles user and admin. Do we have option to display error based on model attribute if user have no permission to access data like the below.

[permission]
public details {get; set; }

I am trying to show validation message to user like "you dont have permission to access dropdown". Can you throw me some idea if I can use [authorize] and display error message?

Kurkula
  • 6,386
  • 27
  • 127
  • 202

2 Answers2

0

  1. I don't know how permissions are controlled in your application. You may find an inspiration for implementing that here:

    http://typecastexception.com/post/2013/11/11/Extending-Identity-Accounts-and-Implementing-Role-Based-Authentication-in-ASPNET-MVC-5.aspx

    and here:

    Access Control in ASP.NET MVC using [Flags] based Enum to int permissions management in SQL

  2. The most primitive way of restricting an access to a user-control depending on (role) permissions is hiding it from unwelcomed users:

    @if(User.IsInRole("Admin")) {
    @Html.DropdownListFor(
        expression: m => m.SelectedItemId, 
        selectList: Model.YourCollection, 
        optionLabel: "some text"
    )
}
Community
  • 1
  • 1
lexeme
  • 2,915
  • 10
  • 60
  • 125
0

You can also use a AuthorizeAttribute like this.

public class FVAuthorizeAttribute : AuthorizeAttribute
{
    private readonly bool _authorize;
    private readonly string[] _roles;

    public FVAuthorizeAttribute()
    {
        _authorize = true;
    }



}

and then use something like

[FVAuthorize(Roles = "Administrator, NameOfMethodHereThatCreatesDropdown")]

public details {get; set; }

mathis1337
  • 1,426
  • 8
  • 13