Home/ Questions/Q 8988703
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T22:04:03+00:00

I’m trying to write an attribute class that can be used on all my

  • 0

I’m trying to write an attribute class that can be used on all my “admin” actions which then effectively applies all relevant action/auth filters to that action. For instance, I always apply the AuthoriseAttribute and a custom AdminLayoutAttribute, so my intention is to just have an AdminAttribute which somehow implies both the above. That way I can make changes to the entire Admin section in one handy place.

However I don’t see how I can do this. Can any one point me in the right direction?

Much appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You could consider moving them from the actions to a controller class or a base controller class for the Admin actions. That way you would just set both the Authorize and AdminLayout attributes in the controller class instead of each individual action method.

    [Authorize]
[AdminLayout]
public AdminController: Controller
{
    //action methods
}

    Having an attribute combining the authorization and some custom layout logic could be seen as a break of the Single Responsibility Principle, but if you have no other choice then you could try these approaches:

    If you want to replace your existing AdminLayoutAttribute by a new AdminAttribute, you could then create the AdminAttribute so it inherits from the standard AuthorizeAttribute and also implements IActionFilter\IResultFilter as in your custom AdminLayoutAttribute.

    public class AdminLayoutAttribute: AuthorizeAttribute, IActionFilter, IResultFilter
{
    //Logic as in existing AdminLayoutAttribute to be replaced
}

    Otherwise if you want to keep your existing AdminLayoutAttribute and add a new AdminAttribute that combines it with the AuthorizeAttribute, you could then inherit from your custom attribute and implement IAuthorizationFilter by calling an internal instance of type AuthorizationFilter

    public class AdminLayoutAttribute: AdminLayoutAttribute, IAuthorizationFilter
{
    //Implement IAuthorizationFilter by delegating to an internal AuthorizeFilter instance
    private _authorizeFilter = new AuthorizeAttribute();

    public override object TypeId 
    { 
        //override from base Attribute class as in AuthorizeAttribute class
        get { return _authorizeFilter.TypeId ; }
    }

    public string Roles 
    {
        get { return _authorizeFilter.Roles; }
        set { _authorizeFilter.Roles = value; }
    }

    public string Users 
    {
        get { return _authorizeFilter.Users; }
        set { _authorizeFilter.Users = value; }
    }

    public void OnAuthorization(AuthorizationContext filterContext) 
    {
        _authorizeFilter.OnAuthorization(filterContext);
    }

}

    The key in both options is to not having the new AdminAttribute class inheriting from 2 concrete classes, as multiple inheritance is not supported by C#.

    • 0