Our site has a complex administrative hierarchy with a a few behavioral splits. To best direct user traffic, I created Authorization filters called MangersOnly, AdminOnly, NonAdmins.
I envisioned using them in this way
[MangersOnly]
public ActionResult Index()
{
}
[AdminOnly]
public ActionResult Index()
{
return redirectoaction("Index", "Admins");
}
[NonAdmins]
public ActionResult Index()
{
return redirectoaction("Shouldntbehere", "Errors");
}
What I sadly discovered was that attributes don’t act as overloads to my action methods.
This architecture is to avoid all the logic checks we have to do (if role this or that stay, else redirect to here or there…). The goal is to direct traffic to the action method who’s authorize attribute won’t fail.
Is there a way I can overload these methods (w/o changing their parameters or names), keeping this sweet (tho naive) architecture to channel users to?
In C# (and any other language I can think of) you can’t have more than one method (MVC or not) with identical signatures (attributes are not part of the signature); so this approach cannot work.
How about generating the anchor links ()in the view) based on the permissions of the user e.g. IndexManager, IndexAdmin, etc and add the role based security as normal. The names
IndexManagerdon’t make sense here which would make me think more about what is the user doing, is that a better name for the action? Only you know your domain to answer this.Or go with a base controller for common functionality and inherit for each security level behaviours.
You might also want to consider permission based filtering not role based, see http://lostechies.com/derickbailey/2011/05/24/dont-do-role-based-authorization-checks-do-activity-based-checks/