0

I trying to pass value into custom attribute from view side in ASP MVC. My process flow will be like this -->

  1. fill employee details
  2. click on save button
  3. Password window has to open
  4. this password i want pass in custom attribute (Stuck Here)
  5. Condition will check password is correct or not

Below is my Custom Attributes 

public class LevelSecurityAttribute : ActionFilterAttribute
{
    public string PageName {get;set;}
    public string Password { get; set; }
    public string InvokeMethod { get; set; }

    public void LevelSecurity(string pagename,string invokemethod,string password)
    {
        this.PageName = pagename;
        this.Password = password;
    }
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        //My Condition logic
        base.OnActionExecuting(filterContext);

        filterContext.Result=new  RedirectResult("~/"+PageName+"/"+InvokeMethod);
    }
}

Below is my Action Method 

[HttpPost]
[ValidateAntiForgeryToken]
[LevelSecurity(PageName = "DocumentType", InvokeMethod = "Index", Password = **Need pass Password from View side stuck here**)]
public ActionResult Create(EmployeeMaster Employee,string password)
{
    //Insert Employee Data if Password is Valid
    return View();
}

Please friends help me and if my concept is wrong please let me know.

Improve this question

1 Answer 1

Reset to default
1

You can't. Use the same ActionExecutingContext object to grab the posted value via the ActionParameters property. You don't have to specify the password parameter again in the Create method signature, unless you need it there too. If you don't want to hardcode the parameter key, promote it to a property in the action filter class, like you did with PageName and InvokeMethod. Btw, there are well established ways to do authentication and authorization with ASP .Net, from FormsAuthentication to ASP .Net Identity. 

public override void OnActionExecuting(ActionExecutingContext filterContext)
{

    base.OnActionExecuting(filterContext);

    var password = filterContext.ActionParameters.ContainsKey("password") 
                ? filterContext.ActionParameters["password"] : null;
    ....

}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

In other words, you can't pass in the password, but you can access the request context and get the value from there.
Yes... anyway I don't think OP will have any success with this scenario either. Should a client pass his password with every request??

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.