I have a Telerik RadGrid within a .ascx (user control) that requires a *_NeedDataSource method to populate the grid's DataSource.
The same user control is doing some user authentication, simply checking HttpContext.Current.User.Identity.IsAuthenticated and doing a Response.Redirect(url, false) if it is false.
I'm seeing exceptions being raised on our live system due to the *_NeedDataSource method being called when the user is not logged in, this seems to be possible because I pass false as the value of the endResponse parameter to Response.Redirect (which allows all subsequent page events to execute). The original author coded it this way as I assume he was going on the guidance of the community:
- Using endResponse in a Response.Redirect
- https://blogs.msdn.microsoft.com/tmarq/2009/06/25/correct-use-of-system-web-httpresponse-redirect/
I've been trying to work out a way that I can reliably prevent execution of *_NeedDataSource without reverting to an endResponse value of true.
I can think of some ways which involve flag setting and checking but that seems inelegant and subsequent developers could forget to implement the same pattern. I've also tried implementing a base control type to derive from which overrides OnPreRender (or whatever), similar to the response from Alexander Manekovskiy to this question: ASP.NET Redirect and End Page but I cannot work out the method to override that will prevent execution of *_NeedDataSource.
Can anyone recommend an approach that would work in this situation and wouldn't require too much cognitive overhead?
In the code which calls/accesses
*_NeedDataSource, check the status code of the currentResponse. If the status code is 302, then aResponse.Redirect()has been called earlier in the request handling: