custom AuthorizeAttribute + custom SiteMapProvider related?

StackOverflow https://stackoverflow.com/questions/2052826

Question

I have a custom SiteMapProvider (populated from database) and a custom AuthorizeAttribute (validates current users roles + requested page against Role_Page database) for controller classes.

I have to implement the function SiteMapProvider.IsAccessibleToUser(context, node). I also have to implement AuthorizeAttribute.AuthorizeCore(context).

How are these two functions related? Isn't there some way to 'attribute' the SiteMapProvider?

Some code:

edit: Might this be a solution (inside AuthorizeCore())? context however is HttpContextBase, and IsAccessibleToUser() only takes HttpContext as parameter.

If Not SiteMap.Provider.IsAccessibleToUser(context, SiteMap.CurrentNode) Then

current code:

Public Class CustomValidateAuthorization : Inherits AuthorizeAttribute
    Public Sub New()

    End Sub

    Protected Overrides Function AuthorizeCore(ByVal httpContext As System.Web.HttpContextBase) As Boolean
        If Not Global.Page.IsAccessibleToUser(httpContext.User) Then
            //Exception or redirect (in exception)?
            // or return false?
        End If

        Return True
    End Function
End Class

Public Class CustomSiteMapProvider : Inherits StaticSiteMapProvider
Public Overrides Function IsAccessibleToUser(ByVal context As System.Web.HttpContext, ByVal node As System.Web.SiteMapNode) As Boolean
    Dim p As New BLL.Page
    p.LoadFromSiteMapNode(node)

    Return p.IsAccessibleToUser(context.User)
End Function
End Class
Was it helpful?

Solution

I currently use the default sitemapprovider twice.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top