Home/ Questions/Q 9247763
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T09:48:53+00:00

We’re using the [Authorize (Roles=yadda, yadda2)] attribute on our controllers and I’m wondering if

  • 0

We’re using the [Authorize (Roles="yadda, yadda2")] attribute on our controllers and I’m wondering if there is a built in mechanism for discovering if they have access then from the view?

[Authorize (Roles="System Administrator, Administrator")]
public abstract class OperationsBaseContoller : BaseController
{
    // omitted
}

// some view
@if(HasAccessTo<OperationsBaseController>())
{
   <a href="#somewhereInOperations">Operations Action</a>
   <a href="#anotherInOps">Example</a>
   <a href="#oneMore">filler</a>
}

Something like above would be great so that I can avoid rendering links that can’t be delivered to them anyways. I do NOT, however, want to put list available roles in the view again has in User.IsInRole("...."), as this seems like a maintenance / duplicate code nightmare. I figured that if they gave us the attribute, they also gave a built-in way for checking it from the view.

If not (couldn’t find it on my own), I’ll write my own, but wanted to avoid potential wheel reinvention.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There are a few useful extension methods that accomplish exactly this 

    Html.ActionAuthorized

Html.ActionLinkAuthorized

    published at

    http://vivien-chevallier.com/Articles/create-an-authorized-action-link-extension-for-aspnet-mvc-3

    In this article I will explain how to create an action link extension that is authorizations aware, so that we can hide or disable an action link based on its authorizations.

    • 0