3

I am working on a large production SAAS Webforms application that is going to be slowly migrated to MVC 5. We want to be able to let some customers 'opt-in' to the new MVC pages as they are deployed based on a configurable setting.

The MVC application will be in the same project as the webforms application. The conversion to MVC will go feature by feature to basically create a complete MVC application standing side by side with the webforms application. Once all features are implemented and customers have converted we will remove the webforms project and keep only the MVC project.

If a customer 'opts-in' then we want them to view any MVC views that exist instead of the original aspx page. If an aspx page hasn't yet been converted to MVC OR they customer has not opted-in, then we want them to view the aspx page.

My main concern is preventing the user from manually entering in a url and going to an aspx page when they should be viewing a MVC page or vice versa. Since this application is a multi-tenant system, it cannot be just set in the route configuration because those are only loaded once when the whole application starts. Whatever solution needs to dynamically check the opt-in setting for each user.

Where would be the best place to honor the 'opt-in' setting to force the user to the new MVC route instead of the legacy aspx page if both exist and what is the best way to implement this logic?

A couple of co-workers mentioned that it might could be done using a HTTPModule that checks a collection of aspx page to MVC route mappings.

Basically: If optInToMvcSetting == true && url.contains(".aspx") Then redirect to corresponding route found in aspxToRouteMap.

If optInToMvcSettings == false && !url.contains(".aspx") Then redirect to corresponding aspx page found in aspxToRouteMap.

Does anyone have any thoughts or advice?

Bodie
  • 31
  • 3
  • Routing and authorization are separate concerns. Routing is for defining what the URLs look like. You should authorize users to use certain sections of your site using `[AuthorizeAttribute]`. Once you configure permissions, you can use [this technique](http://stackoverflow.com/questions/18345004/hiding-links-from-certain-roles-in-asp-net-mvc5) to show/hide links to other sections. – NightOwl888 Jun 05 '16 at 08:23
  • If the user is only able to see navigation which relates to the version of the site they've selected - legacy or MVC - I would expect this is enough to support the majority of your users. Why you want to prevent users from manually entering URLs and do you actually expect them to do this? – timothyclifford Jun 13 '16 at 04:31

1 Answers1

0

Why not use both?

Leave the WebForms aspx pages as is and then add the MVC routes as features are converted.

Then you can simply maintain two separate navigation renderings, one for WebForms and one for MVC. By default show WebForms but if a user opts in, show MVC. A browser cookie would be sufficient to provide this functionality.

The MVC navigation will initially include aspx links but as the conversion progresses these will be swapped out for their MVC counterparts.

The MVC routing is smart enough to distinguish between an MVC route or an aspx page.

This question contains information for your problem.

Community
  • 1
  • 1
timothyclifford
  • 6,799
  • 7
  • 57
  • 85