Custom Filter Attribute does not run on code call

248 views Asked by At

I am using a Custom Action Filter to authorize users to Actions, some of which return an ActionResult while others return a JsonResult.

For every regular action system performs OK. But, now I have another requirement to implement where my design fails.

The View posts to:

[AuthorizationFilter(Entity = AuthEntity.MyItem, Permission = AuthPermission.Write)]
public JsonResult Edit(MyModel model)

where I check the user's authorization for Write operation. This check performs OK. But actually my Action just checks a condition and the redirects the Action to another Action in the Controller as follows:

[AuthorizationFilter(Entity = AuthEntity.MyItem, Permission = AuthPermission.Write)]
public JsonResult Edit(MyModel model)
{
    if (model.Id == 0)
    {
        return Insert(model);
    }
    else
    {
        return Update(model);
    }
}

Also the Update Action checks for a certain state which requires another authorization:

public JsonResult Update(MyModel model)
{
    if (model.StatusId == (int)Shared.Enumerations.Status.Approved)
        {
            return UpdateRequiresApproval(model);
        }
        else
        {
            return UpdateRequiresNonApproval(model);
        }
    }

[AuthorizationFilter(Entity = AuthEntity.MyItem, Permission = AuthPermission.Approve)]
public JsonResult UpdateRequiresApproval(MyModel model)

The thing is, although I have a custom attribute filter defined on UpdateRequiresApproval action it does not run the filter (possibly) because it is being redirected by another action by means of a code call, but not from the View directly.

How can I make my filter run when code falls to the UpdateRequiresApproval action?

Regards.

0

There are 0 answers