How to Extend/Architect the ASP.NET MVC 3 Authorize Attribute to Handle This Scenario

Question

I\'ve been trying to think this answer through and can\'t find a good solution on how to properly do this.

I\'ve read over these articles:
h

Answer 1

I had somewhat similar problem and I did not use Authorize attribute.

Instead I decided to extend Controller class and override the implementation of OnActionExecuting. In my implementation then I could perform all checks like to which department user belonged and whether he is good enough to see the data of other departments. See if this approach works for you.

Answer 2

I had somewhat similar problem and I did not use Authorize attribute.

Instead I decided to to take the different -2 Layout for the Different user .

if the User is Admin then he will go to the different view and if the user is guest he will go to the different view through different layout.