I use a custom AuthorizationFilter like the followings:
public class ActionAuthorizeAttribute : AuthorizeAttribute {
protected override bool AuthorizeCore(Syste
If getting the area did not work, you can fetch are from the RouteData in this way:
string currentArea = string.Empty;
if (rd.DataTokens.TryGetValue("area", out object area))
{
currentArea = area.ToString();
}
Getting the area will not work if you are on a custom filter the next will work to get an area
filterContext.RouteData.DataTokens["area"]
Face the same issue just a moment ago and my solution is:
Define 2 attributes in your ActionAuthorizeAttribute class e.g.
public string ControllerName {get;set;}
public string ActionName {get;set;}
While annotating your action of the controller specify them e.g.
[ActionAuthorize(Roles="Admin", ContollerName="ControllerName",ActionName="ActionName")]**
public ActionResult Disable(int id)
{
...
}
> namespace dene.kontroller {
> public class daAttribute: AuthorizeAttribute
> {
> private Entities db = new Entities();
> private readonly string[] allowedroles;
> public daAttribute(params string[] roles)
> {
> this.allowedroles = roles;
> }
>
>
> protected override bool AuthorizeCore(HttpContextBase httpContext)
> {
> bool authorize = false;
> foreach (var role in allowedroles)
> {
> if (role == HttpContext.Current.User.Identity.Name)
> {
>
> if (role!= null)
> {
> authorize = true;
> }
> }
>
>
> }
> return authorize;
> }
>
>
> protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
> {
>
> FormsAuthentication.SignOut();
> filterContext.Result = new HttpUnauthorizedResult();
> }
>
> } }
You could fetch them from the RouteData:
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
var rd = httpContext.Request.RequestContext.RouteData;
string currentAction = rd.GetRequiredString("action");
string currentController = rd.GetRequiredString("controller");
string currentArea = rd.Values["area"] as string;
...
}