How to redirect user not in proper role to Not Permitted?

Question

While using SimpleMembershipProvider in MVC 4 project, when user without proper role runs action, he's redirected to Account/Login. How can I redirect user to my own "Not enough permissions to view the page" action?

Answer 1

You can overwrite the method to do it

public class CustomAuthorizeAttribute : AuthorizeAttribute {
    public override void OnAuthorization(AuthorizationContext filterContext) {
        base.OnAuthorization(filterContext);

        if (filterContext == null) {
            throw new ArgumentNullException("filterContext");
        }

        if ({your code detecting no user is logged}) {
            filterContext.Result = new RedirectResult(System.Web.Security.FormsAuthentication.LoginUrl + "?returnUrl=" + filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.RawUrl));
            return;
        }

        if ({your code detecting that the user has no access}) {
            var ViewData = new ViewDataDictionary();
            ViewData.Add("Title", "No access");
            ViewData.Add("Description", "blah blah blah blah blah blah blah ");
            filterContext.Result = new ViewResult { ViewName = "~/Views/Shared/NoAccess.cshtml", ViewData = ViewData };
        }

    }