0

I need to extend asp:Menu to support linking to MVC routes (my project has a mix of MVC and non-MVC pages). My menu is generated using a custom class which determines if a user should be shown a node based on their priveleges to the file it referes to.

MVC pages are restricted using the AuthorizeAttribute. Avoiding mocking (if possible) I want to

  1. Determine if the path refers to an MVC page or a standard page
  2. If MVC, determine if the user has the rights to access it

Here's my method signature inside the menu generation class:

Private Function CanAccessPage(path As String) As Boolean
just.another.programmer
  • 8,579
  • 8
  • 51
  • 90

1 Answers1

0

Here's the algorithm I used for this,

  1. Based on @SLaks answer here, I was able to determine if the path referred to an MVC route.
  2. If it was MVC, I grabbed the controller type (this required knowing what namespace my controller's were in)
  3. Got the action method by controllerType.GetMethods(actionMethodName) (if you have multiple methods with the same name, you must pick the one your link refers to. Probably the one with an HttpGet attribute).
  4. Used actionMethodInfo.GetCustomAttributes(GetType(AuthorizationAttribute), False) to get a collection of all authorization filters for the specified action
  5. Called OnAuthorization with the fake context info I build in step 1 for each attribute.
  6. Check if TypeOf filterContext.Result Is HttpUnauthorizedResult and return accordingly
Community
  • 1
  • 1
just.another.programmer
  • 8,579
  • 8
  • 51
  • 90