In ASP.NET MVC 2, to secure controller action, i have created a class RequirePermission

Question

0

Asked: May 13, 20262026-05-13T14:17:59+00:00 2026-05-13T14:17:59+00:00

In ASP.NET MVC 2, to secure controller action, i have created a class RequirePermission

0

In ASP.NET MVC 2, to secure controller action, i have created a class RequirePermission inherited from ActionFilterAttribute class. The controller action looks like

[RequirePermission(permissions="CanView")]

    public ActionResult List()
    {
       ...
    }

I have an enum with name Permissions

public enum Permissions { CanDoEdit, CanView, CanInsert }

The RequirePermission class looks like

public class RequirePermission : ActionFilterAttribute
    {
        public string permissions;
        string[] param = { "," };
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {

            string[] requirePermissions = permissions.Split(param, StringSplitOptions.RemoveEmptyEntries);


           if (requirePermissions.Contains(Permissions.CanDoEdit.ToString()))
           {
                     //Check permission 
           }
           if (requirePermissions.Contains(Permissions.CanView.ToString()))
           {
                     //Check permission 
           }
           if (requirePermissions.Contains(Permissions.CanInsert.ToString()))
           {
                    //Check permission 
           }
        }
    }

Now instead of making different attributes , I want to use RequirePermission attribute like
[RequirePermission(permissions=Permissions.CanView+","+Permissions.CanEdit)] so that i can use it for different scenerious. but the compiler throw the following error.

An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-13T14:17:59+00:00

Editorial Team

2026-05-13T14:17:59+00:00Added an answer on May 13, 2026 at 2:17 pm

How about:

[Flags]
public enum Permissions 
{ 
    CanDoEdit = 1 << 0, 
    CanView = 1 << 1,
    CanInsert = 1 << 2
}

And then:

[RequirePermission(permissions = Permissions.CanView & Permissions.CanEdit)]

And finally to verify that CanView is set:

if ((requirePermissions & Permissions.CanView) == Permissions.CanView)
{
    // The user has CanView permission
}

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In ASP.NET MVC 2, to secure controller action, i have created a class RequirePermission

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply