0

I am trying to retrieve the 'action name' and 'controller name' from a custom AuthorizeCore of AuthorizeAttribute.

I have been trying the method here: Get ActionName, ControllerName and AreaName and pass it in ActionFilter Attribute That is to recover the route values from the httpContext.

This doesn't work for PartialViews though:

I have a main view (Say /Enterprise/View), which calls the following sub view (in Razor):

Html.RenderAction("partialViewContacts", "Enterprise")

In authorizeCore, the Controller/action provided by httpcontext are always Entreprise/View, and never Enterprise/partialViewContacts.

Protected Overrides Function AuthorizeCore(httpContext As HttpContextBase) As Boolean
    Dim authorized As Boolean = isAllowed()
        If Not authorized AndAlso System.Web.HttpContext.Current.Session("IdUser") IsNot Nothing 
             Dim rd = httpContext.Request.RequestContext.RouteData
             Dim action = httpContext.Request.RequestContext.RouteData.GetRequiredString("action")
             Dim ctrller = httpContext.Request.RequestContext.RouteData.GetRequiredString("controller")
             Throw New Exception("Not authorized")
        End If
    Return authorized
End Function

This is needed for logging purposes. The AuthorizeCore method itself does work and correctly restricts/authorize access to the request view or partial view.

Spok
  • 391
  • 1
  • 13
  • did you tried something like this: convert the value to string. ```HttpContext.Current.Request.RequestContext.RouteData.Values["Controller"]``` or ```HttpContext.Current.Request.RequestContext.RouteData.Values["action"]``` – KushalSeth Mar 09 '21 at 19:31
  • That was an interesting try, but those also hold the main view controller and action values – Spok Mar 12 '21 at 13:43

0 Answers0