c# - Combine custom AuthorizeAttribute and RequireHttpsAttribute -

-

i have custom requirehttpsattribute , custom authorizeattribute apply in filterconfig ensure controllers uses https , authorizes in same way.

i have controller action need other authorization. in case must first use [overrideauthorization] override global authorization filter, , can set special authorization action.

but [overrideauthorization] override customrequirehttpsattribute since inherts iauthorizationfilter. can don't have readd customrequirehttpsattribute attribute every time override authorization?

public class filterconfig {     public static void registerglobalfilters(globalfiltercollection filters)     {         filters.add(new customrequirehttpsattribute());         filters.add(new customauthorizeattribute(role = "user"));     } }  public class mycontroller : basecontroller {     public actionresult dosomeuserstuff()     {     }      [overrideauthorization]     [customrequirehttpsattribute]     [customauthorizeattribute(role = "admin")]     public actionresult dosomeadminstuff()     {     } }

i ended creating own custom ifilterprovider based on modified version of this post.

i added attribute can use controllers or actions want override attribute set globally. nothing else extend customauthorizeattribute carries same functionality:

public class overridecustomauthorizeattribute : customauthorizeattribute {}

then create ifilterprovider checks presence of overridecustomauthorizeattributes in list of filters. if so, remove customauthorizeattributes list:

public class customfilterprovider : ifilterprovider {     private readonly filterprovidercollection _filterproviders;      public customfilterprovider(ilist<ifilterprovider> filters)     {         _filterproviders = new filterprovidercollection(filters);     }      public ienumerable<filter> getfilters(controllercontext controllercontext, actiondescriptor actiondescriptor)     {         var filters = _filterproviders.getfilters(controllercontext, actiondescriptor).toarray();          var shouldoverridecustomauthorizeattribute = filters.any(filter => filter.instance overridecustomauthorizeattribute);         if (shouldoverridecustomauthorizeattribute)         {             // there overridecustomauthorizefilterattribute present, remove customauthorizeattributes list of filters             return filters.where(filter => filter.instance.gettype() != typeof(customauthorizeattribute));         }          return filters;     } }

i register ifilterprovider in global.asax.cs:

public class mvcapplication : system.web.httpapplication {     protected void application_start()     {         // other stuff first....          var providers = filterproviders.providers.toarray();         filterproviders.providers.clear();         filterproviders.providers.add(new customfilterprovider(providers));     } }

and register global customauthorizeattribute in filterconfig.cs before:

public class filterconfig {     public static void registerglobalfilters(globalfiltercollection filters)     {         filters.add(new customrequirehttpsattribute());         filters.add(new customauthorizeattribute(role = "user"));     } }

the difference use overridecustomauthorizeattribute in controller instead:

public class mycontroller : basecontroller {     public actionresult dosomeuserstuff()     {     }      [overridecustomauthorizeattribute(role = "admin")]     public actionresult dosomeadminstuff()     {     } }

this way, customrequirehttpsattribute set globally , never overridden.


Comments

Post a Comment

Popular posts from this blog

ruby - Trying to change last to "x"s to 23 -

-
i have been playing around irb , have string looks this: irb(main):072:0> puts ["[\"4354 5432 5432 xxxxx\", \"6547 6547 8543 xxxxx\", \"2344 6543 6674 xxxxx\", \"2346 6236 7543 xxxxx\", \"1273 5585 5587 xxxxx\"]"] => nil irb(main):073:0> what want gsub last 2 "x" s of each 17 digit combination, 23 . what i've tried far (i've been using rubular): a.gsub(/\d[x]/,"23") <= grabs "x" s i'm close a.gsub(/\w[x{2}]/,"23") <= grabs "x" s grabs two digits each combination. is there easier way i'm not understanding? a.gsub(/\d{4} \d{4} \d{4} xxx\kxx/, '23') \d{4} = 4 digits what \k drop matched far. can use don't replace entire number, still able validate have in desired format.
Read more

jquery - Clone last and append item to closest class -

-
this bare-bones code on page: <div class="list-container"> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> </div> <p><button class="add-list-item">add</button></p> <div class="list-container"> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> </div> <p><button class="add-list-item">add</button></p> <di...
Read more

css - Can I use the :after pseudo-element on an input field? -

-
i trying use :after css pseudo-element on input field, not work. if use span , works ok. <style type="text/css"> .mystyle:after {content:url(smiley.gif);} .mystyle {color:red;} </style> this works (puts smiley after "buu!" , before "some more") <span class="mystyle">buuu!</span>a more this not work - colors somevalue in red, there no smiley. <input class="mystyle" type="text" value="somevalue"> what doing wrong? should use pseudo-selector? note: cannot add span around input , because being generated third-party control. :after , :before not supported in internet explorer 7 , under, on elements. it's not meant used on replaced elements such form elements (inputs) , image elements . in other words it's impossible pure css. however if using jquery can use $(".mystyle").after("add smiley here"); api docs on .after to ...
Read more