Allow Multiple Providers with Authorize Attribute

2

I'm trying to implement Roles permissioning within my controller:

   [PerfilFiltro(Roles = "Administrador,Caixa")]
   public ActionResult Index()
    {
        return View(db.Adicional.ToList());
    } 

 public class PerfilFiltro : AuthorizeAttribute
{

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        base.OnAuthorization(filterContext);

        if (filterContext.Result is HttpUnauthorizedResult)
            filterContext.HttpContext.Response.Redirect("/Home/Negado");
    }


}

I want to do as follows:

What happens when I put between commas is that the role of the logged-in user must be admin AND box, but I want to OR admin OR box.

    
asked by anonymous 24.09.2014 / 02:33

1 answer

1

Apparently everything is ok, but just in case, if you want to test the validation behavior, try reimplementing the AuthorizeCore method and debug it:

protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    var isAuthorized = base.AuthorizeCore(httpContext);
    return isAuthorized;
}

Incidentally, you can modify this method and implement whatever behavior you want, if you deem it necessary.

    
24.09.2014 / 06:18