My site is open to all but i have a controller with some method that only the manager with the user and password can enter. I\'m saving the bool IsManager
in a
First define an ActionFilter
:
public class TheFilter: ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var session = filterContext.HttpContext.Session;
if ((bool?)session["IsManager"] == true)
return;
//Redirect him to somewhere.
var redirectTarget = new RouteValueDictionary
{{"action", "{ActionName}"}, {"controller", "{ControllerName}"}};
filterContext.Result = new RedirectToRouteResult(redirectTarget);
}
}
Then use it above the restricted Action(or controller):
//[TheFilter]
public class ManagersController : Controller
{
[TheFilter]
public ActionResult Foo()
{
...
return View();
}
}