The problem that I am trying to solve seems to me very simple: my application has a menu on the site from which the user can navigate through various areas. Menu items are just references to ActionResult methods. I use the custom attribute AuthorizeAttribute for actions related to the execution of user authorization roles. This works great because it prevents the user from completing an action if they do not have the appropriate roles. However, I do not want to show the menu option to go to this action, if he does not have the right to perform it.
So, at the simplest level, I want to be able to do something like this:
var isAuthorized = IsAuthorized("ControllerName", "ActionName", currentUser);
The IsAuthorized method will then look for any AuthorizeAttributes attributes for this action and evaluate whether the user will be able to execute it.
Is there such an approach? Suppose we donβt have a controller instance in the place where we are doing this assessment.
source
share