Authorization in Asp.Net MVC

Asked

Viewed 406 times

6

I’ll try to be clear.

In most examples of ASP.NET MVC authentication and access authorization, I see that authorization control is usually done on Controller, with the decoration of the class itself inherited from Controller, or even by decoration of Actions with the attribute Authorize. With this in place, all the items contained within my view attached to this so-called Action, will be on the same level of authorization.

The question is: Has some elegant way of making that a component of mine view change rule according to the Role user’s?

Simple example: A button appears only for users of type Administrator, something very specific.

I thought of something like, passing the user access level on a viewbag and make a condition to display or not the said example button with the Razor, I don’t know if this solution would be the most appropriate. Is there any more elegant way?

c# asp.net-mvc asp.net-identity

1 answer

7


Has some elegant way of making that a component of mine view change rule according to the Roll user’s?

Yes:

@if (User.IsInRole("Administradores")) { ... }

It may be necessary to write a RoleProvider or enable ASP.NET Identity Roles support, which is not enabled by default.

I thought of something like, pass the level of user access in a viewbag and make a condition to display or not said example button with Razor, I do not know if this solution would be the most appropriate.

This is the bad way to do it, and also the most laborious.

  • It has how to do with Claims?

  • 1

    @Raphael Yes: http://answall.com/questions/86128/inser-additionals-do-banco-nas-claims-do-usu%C3%A1rio-qual-o-melhor-momento/136814#136814

Browser other questions tagged c# asp.net-mvc asp.net-identity

You are not signed in. Login or sign up in order to post.