Test System.Web.Authorization From Code

Inside a web.config file, you can control user/role authorization like this:

 <location path="MyPage.a开发者_如何学Gospx">
  <system.web>
    <authorization>
      <allow users="User1"/>
    </authorization>
  </system.web>
</location>

An asp.net menu will automatically filter out pages that aren't authorized for the current user, but how can I check in my code if they have the correct permissions?

I'd like to disable or hide links that they don't have access to.

There's no in-built method to test permissions as such, you have to retrieve the current identity using:

HttpContext.Current.User.Identity.Name 

...and test this against the respective criteria. A better approach might be to assign roles and use this method to test permission sets:

HttpContext.Current.User.IsInRole("Managers")

You could also programmatically access the authorization section:

System.Configuration.Configuration config = WebConfigurationManager.OpenWebConfiguration(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
AuthorizationSection asection;
asection = config.GetSection("system.web/authorization") as AuthorizationSection;

...but you'd need to implement a means to test these rules against a particular resource demand.