How to Extend/Architect the ASP.NET MVC 3 Authorize Attribute to Handle This Scenario

后端 未结 2 1995
轻奢々
轻奢々 2021-02-14 15:36

I\'ve been trying to think this answer through and can\'t find a good solution on how to properly do this.

I\'ve read over these articles:
h

2条回答
  •  臣服心动
    2021-02-14 15:56

    I had somewhat similar problem and I did not use Authorize attribute.

    Instead I decided to extend Controller class and override the implementation of OnActionExecuting. In my implementation then I could perform all checks like to which department user belonged and whether he is good enough to see the data of other departments. See if this approach works for you.

提交回复
热议问题