I'll try to be clear.
In most instances of authentication and authorization of access in ASP.NET MVC, I see that the authorization control is usually done in Controller
, with the decoration of the class itself inherited from Controller
, or even by decoration of the Actions
with attribute Authorize
.
With this in practice, all items contained within my view
attached to this Action
will be on the same authorization level.
The question is: Is there any elegant way to make a component of my view
change rule according to Role
of user?
Simple example: One button appears only for users of type Administrator, something very specific.
I thought of something like, passing the user access level to a viewbag
and making a condition to display the example button with Razor
, I do not know if this solution would be the most appropriate. Is there any more elegant way?