Display action-specific authorisation message for [Authorize] attribute
Is there a way to display an action-specific authorisation message for when an [Authorize]
or [Authorize(Roles="Administrator")]
attribute redirects the user to the sign-in page?
Ideally,
[Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")]
public ActionResult SomeAdminFunction()
{
// do admin stuff
return View();
}
As I understand it, attributes are not meant to add functionality, but this seems purely informational. One could do this inside开发者_运维百科 the action, but it seems inelegant compared to the use of an attribute.
Alternatively,
if (!Request.IsAuthenticated)
{
if (!User.IsInRole("Administrator"))
SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack
return RedirectToAction("SignIn", "Account");
}
Is there an existing way to do this or do I need to override the [Authorize] attribute?
I would override the attribute to add my specific message.
精彩评论