I thought about creating a custom AuthorizeAttribute that will prevent logged in users calling a action ( [UnAuthorized] so to speak)
Tried creating a custom AuthorizeAttribute and override the AuthorizeCore method, but not sure this is the right approach.
(does not work anyhow...get an error telling me "no suitable method found to override")
[Code]....
I have a database where i want to log my user into and for this issue i want to customize the AuthorizeAttribute i am wrong ?? have some easier way to do it ??
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
// the "new" must be used here because we are overriding
// the Roles property on the underlying class
public new Authorization.SiteRoles Roles;
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null)
throw new ArgumentNullException("httpContext");
string[] users = Users.Split(',');
if (!httpContext.User.Identity.IsAuthenticated)
return false;
int found = Convert.ToInt32(httpContext.Session["role"]);
return Authorization.CheckRolesCompliance(Roles);
}
}
ERROR: 'CustomAuthorizeAttribute.AuthorizeCore(System.Web.HttpContextBase)': no suitable method found to override
I Create my won Authorize Attribute. Thats work great in the controller. How can I use it in the view.
Example : I have a manage user link, If you haven't access to this page, I don't want to show the link.
Here is my Authorize Attribute.
public class UserAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext.Session["UserID"] == null)
[Code]....
I am creating a custom control by inheriting a server control, say LinkButton. There are properties like "BorderColor" available in LinkButton. Let's say, I don't want this particular property to be available when I create an instance of the custom control.
I want to completely hide this particular property (I don't want to override it but disable it.)
My code is as follows:
[Code]....
How to create a custom control and REGISTER IT AND WHERE TO INSERT A CODE IN IT FOR AN EXISTING WEB SITE?
View 4 RepliesWhat is the most straight forward way to use AuthorizeAttribute and JsonResult together so that when the user is not authorized the application returns a Json error rather than a log in page?The two things I am currently considering are extending AuthorizeAttribute or just making a new attribute that implements IAuthorizationFilter.
View 1 RepliesI'm writing an MVC app that is a front-end for an existing system with it's own authentication process. I want to mimic the behavior of forms authentication with the [Authorize] attribute redirecting to a log-on page, but the logged in status is handled completely by API calls to the backend system. What do I need to do for ASP.NET MVC to recognize a user as "authenticated" if I'm not using the Forms authentication system?
View 3 RepliesI'm only a newcomer to ASP.NET MVC and am not sure how to achieve a certain task the "right way".
Essentially, I store the logged in userId in HttpContext.User.Identity and have written an EnhancedAuthorizeAttribute to perform some custom authorization.
In the overriden OnAuthorization method, my domain model hits the database to ensure the current user id can access the passed in routeValue "BatchCode". The prototype is:
ReviewGroup GetReviewGroupFromBatchCode(string batchCode);
It will return null if the user can't access the ReviewGroup and the OnAuthorization then denies access.
Now, I know the decorated action method will only get executed if OnAuthorization passes, but I don't want to hit the database a second time to get the ReviewGroup again.
I am thinking of storing the ReviewGroup in HttpContext.Items["reviewGroup"] and accessing this from the controller at the moment.
I'm securing an ASP.NET MVC 2 application, and I have a user who is in the role "Foo".
This is true:
User.IsInRole("Foo")
But yet, when I attempt to lock down a controller action like the following, the user is denied:
[Authorize(Roles = "Foo")]
public ActionResult PrivatePage()
{
return View();
}
If IsInRole reports true, why would the Authorize attribute not allow the user in?
I'm using MVC 2 with futures, and I'm trying to hide/show content based on role. Is there a way with ActionFilterAttribute or AuthorizeAttribute if the authentication fails to not show a partial view on a controller all through attributes? Or is all I can
do with those attributes is redirect or throw up an error message? I just need the child action to return nothing basically if it fails the authentication.
I found a way using ActionFilterAttribute, but it's kind of a hack because it still calls the ChildAction on the controller and then I'm setting the result to empty afterwards. I'm looking for it not to call the Action/ChildAction at all if the authentication fails. Is there a way to restrict that call?
public
override
void OnActionExecuted(ActionExecutedContext [code].....
I am busy writing my own custom attribute for my action method called MyAuthorizeAttribute, I am still busy writing the code, here is my partial code:
[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
public class MyAuthorizeAttribute : AuthorizeAttribute
{
public new Role Roles;
public override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
if (Roles != 0) // Did it this way to see what the value of Roles was
return;
// Here I am going to get a list of user roles
// I'm doing my own database calls
filterContext.Result = new HttpUnauthorizedResult();
}
}
Here is my Role enum:
public enum Role
{
Administrator = 1,
SuperAdministrator = 2
}
My action method:
[MyAuthorize(Roles = Role.Administrator|Role.SuperAdministrator)]
public ActionResult Create()
{
return View();
}
The reason why I did not use Roles = "Administrator,SuperAdministrator" was because the roles are hard-coded. I don't want to have a 100 places to change if the role name changes.
Given my method, when it gets to if (Roles != 0) then Roles total value is 3, how would I check to see if these 2 roles is in the list of user roles for a specific user?
Am I doing it correct here? If not how would I otherwise implement this? It doesn't have to be the way that I did it in.
I am woking on a MVC project which require me to put all controllers, models and views into a folder called Mvc instead of the project root, I created a custom viewengine, here is the code:
[Code]....
My Application_Start:
[Code]....
It does not work, when I request [URL], I got: The view 'Index' or its master could not be found. The following locations were searched:
~/Mvc/Views/Index.aspx
~/Mvc/Views/Index.ascx
~/Mvc/Views/Shared/Index.aspx
~/Mvc/Views/Shared/Index.ascx
I expect the custom viewengine to find the view at: ~/Mvc/Views/Home/Index.aspx
I have an existing web application that uses EF and POCO objects. I want to improve the client experience by exposing some of my objects through WCF(JSON). I have this working fine but where I am unsure is how to handle derived objects(not sure if that is the correct term) or IEnumerable anonymous objects if you will.
Let's say I have 3 tables structured like so:
Templates
ID
Template
Groups
ID
Group
Instances
ID
TemplateID
GroupID
This is obviously a one-to-many type relationship. I have my navigation properties setup correctly and getting strongly typed object properties works great. However, how do I send serialized anonymous type object(s) over the wire. Like an object that sends all instances that are equal to groupid=1 and include the names of the template and the object.Am I missing something or do I have to create another class object for WCF that would look like this:
WCF Object
InstanceID
TemplateID
TemplateName
GroupID
GroupName
I guess I could alter my tables to account for this but that seems wrong too. I know that IEnumerable objects can't be serialized and I know that throw away objects are probably not the way to go either. I want to do this the right way but I am not sure how to go about it.
What is the best way to go about creating a custom framework for asp.net?
We have several enterprise level asp.net ecommerce websites all running from completely seperate code bases. What I'd like to do is standardise the common components (session management/urlrewriting/surge control etc) and integrate them into the .net framework at the highest level possible and in a way that my developers cannot (easily) make changes.
I've considered creating a common assembly and just referencing that in each of the solutions but this still relies on the developer wiring up the httphandlers/modules and implementing the basepage design pattern for each individual page/masterpage.
I have a Results.aspx page that displays the resulting records queried using a SqlDataSource object via a ListView. I want to add a "View" button that will appear next to each record, and when clicked will take me to a separate page that will display details about that record. How do I accomplish this?
Edit
I have tried what you said, citronas and here's what I've come up with:
[Code]....
Unfortunately nothing actually happens...am I missing something?
Edit -- Fixed
I was missing something! I had CommandName equal to my method name instead of OnCommand. I took out CommandName, kept the argument bit and replaced CommandName with OnCommand. Everything works now, but what would I ever need CommandName for?
I have created a custom html helper as follow:
[Code]....
In my View, I am using it like this:
[Code]....
However, for some reason nothing gets rendered!
I don't know is this correct forum for asking this question or not, but i need it very urgently ,please help me out.I need to create a website setup with the following actions.1. Primarily it should first check whether IIS is installed in local machine or not, if IIS is not installed then it should give an Error Message.2. If IIS is present it should Start Installing with all the Content Files and Web Files and Class Files.3. After Installing all the files in IIS it should ask for the Connection String i.e. from where and which database should be taken as connection string, and it should set this connection string in web.config.4. After all this process it should ask for default page to be opened i.e. Which page should be started as first page.5. Then it should automatically open that website with default set page in browser , to check whether it is working fine or not.
View 3 RepliesI am trying to create a custom datatype. The intention being a dropdown list. As of right now, I can access the control I created but no properties or values are showing up within it. Just the blank drop down.
public partial class usercontrols_admin_customDataType_CountryDropDown :
System.Web.UI.UserControl,
umbraco.editorControls.userControlGrapper.IUsercontrolDataEditor
{
public string umbracoValue;
protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
DataSet ds = new DataSet();
FormFieldBuilder countries = new FormFieldBuilder();
ds = countries.GetAllCountries();
ddCountries.DataSource = ds;
ddCountries.DataTextField = ds.Tables[0].Columns["DisplayName"].ToString();
ddCountries.DataValueField = ds.Tables[0].Columns["guiCountryID"].ToString();
ddCountries.DataBind();
}
}
#region IUsercontrolDataEditor Members
public object value
{
get
{
return ddCountries.SelectedValue;
}
set
{
if (value != null)
{
ddCountries.SelectedValue = value.ToString();
}
}
}
#endregion
}
I created user control and want to add it to page. I use next code:
Controls_MultiTextInput cc = new Controls_MultiTextInput();
Controls.Add(cc);
But control doesn't appear on page. What is wrong?
i have a need to generate JSONP using MVC 2 for a 3rd party App...It seems there is no actionresult for this OOTB in MVC 2 so i need to create a custom one..i found the following article on such here; [URL] My first question is...Where do i put the custom actionresult code? Secondly...How can i use this to new JSONP actionresult to return data from my data model? Currently , my current JSON actionresult (remember..i need JSONP) looks like this;
[Code]....
How can i use the new JSONP Actionresult to return db.GetTopGainers()?
I'm working on a project that requires registration and login. I know that ASP.NET provides login controls to get that job easily done. However, I'd like to implement custom registration and login. I mean my own registration and login forms and my own database. I've researched before posting this topic, but found nothing useful teaching me how to implement those functions. Can you guys tell me the way to implement them using LINQ and VB? OR can you give me the URL of the tutorial teaches exactly what I want?
View 2 RepliesI have a need to create a custom wizard, without using the wizard control. What I am attempting to create is something similar to this post:
[URL]
The only problem is that I need to attach CSS to the previous steps that is different from the next step, and different from the current step. So I created a <UL> for the menu, but how to dynamically attach css to the different <ul> elements and assign 3 classes: previous, current & next based on the step the user is on?
'm in need to create a custom installation package that I can distribute to my clients, where the installation of ASP.NET web applicationwould be as automated as possible. To do this I'm looking for custom install that has the following capability:- Copy and deploy files to desired location- Create a virtual application on the IIS- Connect to the SQL server and create the SQL database.- Ability to enter custom data such as the license key
View 2 RepliesI am working on a web service right now and I am using the default namespace which is below one;
[WebService(Namespace = "http://tempuri.org/")]
How can I create a custom user interface?Like this page;http://ws.cdyne.com/WeatherWS/Weather.asmx
I've created a basic table in SQL,
ID, Foldername, ParentID, parentLevel
1, Domestic, 0,0
2, commercial, 0,0
3, Product, 1,1
4, product, 1,1
5, Item, 3,2
6, product, 2,1
7, item, 6,2
I've created a basic web page to that drills down level by level. that all works fine.
I want to manage this table now in an admin page, and was looking for some kind of tree view type code that will allow a user to expand a level and drill down to sub levels.
Code:
Private Sub LoadList()
Litlist.Text = ""
Litlist.Text += "<tr style='background:#808080; color:white; text-align:center'>"
Litlist.Text += "<td>ID</td>"
Litlist.Text += "<td>Name</td>"
[Code] ....
This kinda works but doesn't allow me to expand to create have a collapsible tree view or show/hide TR's. How to do this using a simple table like I have for multiple levels.