开发者

Display action-specific authorisation message for [Authorize] attribute

Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page?

Ideally,

[Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")]
public ActionResult SomeAdminFunction()
{
    // do admin stuff
    return View();
}

As I understand it, attributes are not meant to add functionality, but this seems purely informational. One could do this inside开发者_运维百科 the action, but it seems inelegant compared to the use of an attribute.

Alternatively,

if (!Request.IsAuthenticated)
{
    if (!User.IsInRole("Administrator"))
        SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack
    return RedirectToAction("SignIn", "Account");
}

Is there an existing way to do this or do I need to override the [Authorize] attribute?


I would override the attribute to add my specific message.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜