An attribute argument must be a constant expression, typeof expression, or array creation expression of an attribute parameter type

Question

I have these two line:

[AccessDeniedAuthorize(new string[] { "MIS", "Test" })]

[AccessDeniedAuthorize(DAL.RoleHandler.GetRolesForTcode("testMenu"))]

But second line has this error:

An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type

But GetRolesForTcode returns string[] too, why the error?

public class AccessDeniedAuthorizeAttribute : AuthorizeAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        base.OnAuthorization(filterContext);

        if (filterContext.Result is HttpUnauthorizedResult)
        {
            filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary { { "Controller", "AccessDenied" }, { "Action", "Index" } });
        }
    }

    public AccessDeniedAuthorizeAttribute(string[] roles)
    {
        this.Roles = string.Join(",", roles);
    }
}

public class RoleHandler
{
    public static string[] GetRolesForTcode(string tCode)
    {
        using (var db = new Models.VMIEntities())
        {
            var roles = db.T_Auth_Role_Master
                .Where(role => string.Compare(role.obj, "t_code", StringComparison.OrdinalIgnoreCase) == 0)
                .Where(role => string.Compare(role.authobj_value, tCode, StringComparison.OrdinalIgnoreCase) == 0)
                .Select(role => role.role);
            return roles.ToArray();
        }
    }
}

Attribute parameters must be known at compile time. You can't run code to get an attribute parameter. — , Mar 13 '18 at 07:41
Possible duplicate of [An attribute argument must be a constant expression, ...- Create a attribute of type array](https://stackoverflow.com/questions/25859094/an-attribute-argument-must-be-a-constant-expression-create-a-attribute-of) — , Mar 13 '18 at 07:42
See following : https://www.tutorialsteacher.com/mvc/exception-handling-in-mvc#:~:text=Another%20way%20to%20handle%20controller%20level%20exceptions%20is,an%20exception%20and%20redirect%20to%20the%20specific%20view. — jdweng, Aug 16 '22 at 01:31

score 2 · Answer 1 · answered Mar 13 '18 at 07:50

2

As you have quoted,

An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type

DAL.RoleHandler.GetRolesForTcode("testMenu") is not any of those things. It is not a constant expression because it can't be evaluated at compile time. Methods are evaluated at run time.

According to the C# language specification section 17.2,

An expression E is an attribute-argument-expression if all of the following statements are true:

The type of E is an attribute parameter type (§17.1.3).

At compile-time, the value of E can be resolved to one of the following:

A constant value.

A System.Type object.

A one-dimensional array of attribute-argument-expressions.

So that's why the error occurs. You must put a constant expression in there.

answered Mar 13 '18 at 07:50

Sweeper

213,210
22
193
313

is there any other way to achieve what I want by using method to return list of roles? – Pop Mar 13 '18 at 07:53
@Pop Depending on the actual situation, there might be a workaround. But using attributes is out of the story. – Sweeper Mar 13 '18 at 07:56
2

@pop you can make an attribute that accepts `"testMenu"` as an argument, and *the attribute* calls `DAL.RoleHandler.GetRolesForTcode` with the supplied parameter. – Mar 13 '18 at 07:58

An attribute argument must be a constant expression, typeof expression, or array creation expression of an attribute parameter type

1 Answers1

Linked