0
我希望創建一個Action Filter來檢查用戶是否創建了一些內容。如果他們不這樣做,那麼我想阻止這個動作被執行並返回一個錯誤。防止在Action Filter中執行
這是我到目前爲止有:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using uQuiz.Domain.Abstract;
using uQuiz.WebUI.Helpers;
using Microsoft.AspNet.Identity;
using System.Net.Http;
using System.Net;
namespace uQuiz.WebUI.Controllers.Filters
{
/// <summary>
/// Determines whether the current logged in user has permission to edit the quiz requested
/// </summary>
public class CanEditQuiz : ActionFilterAttribute
{
IQuizEntities Context;
public CanEditQuiz()
{
}
public CanEditQuiz(IQuizEntities context)
{
this.Context = context;
}
public override void OnActionExecuting(HttpActionContext actionContext)
{
// Get the URL ID from the request
string urlId = actionContext.ModelState["urlId"].Value.ToString();
int userId = HttpContext.Current.User.Identity.GetUserId<int>();
if (!QuizHelper.IsQuizOwner(this.Context, urlId, userId))
{
// Prevent action executing
}
base.OnActionExecuting(actionContext);
}
}
}
我見過other questions提的設置Result
到null
,但是當我推翻了OnActionExecuting
方法有HttpActionContext
,而不是ActionExecutingContext
出於某種原因?
如何防止執行該操作?
謝謝你,我改變了我的using語句以及越權現在是正確的。 – Luke 2014-11-06 11:14:30