I have the following action method :-
[OutputCache(Duration = 120, VaryByParam = "*")]
[CheckUserPermissions(Action = "Read", Model = "Switch")]
public ActionResult RackSwitch(int id, int page = 1)
{
//code goes here
The first action filter will cache the data for 120 seconds , while the second action filter will perform custom authorization check an will return _unauthrized view in-case the authorization fail as follow:-
public class CheckUserPermissionsAttribute : ActionFilterAttribute
{
public string Model { get; set; }
public string Action { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//code goes here
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
var viewResult = new JsonResult();
viewResult.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
viewResult.Data = (new { IsSuccess = "Unauthorized", description = "Sorry, you do not have the required permission to perform this action." });
filterContext.Result = viewResult;
}
else
{
var viewResult = new ViewResult();
viewResult.ViewName = "~/Views/Errors/_Unauthorized.cshtml";
filterContext.Result = viewResult;
}
}
base.OnActionExecuting(filterContext);
}
}
}
So my question is weather the order of the action filter matter ? So is doing Outputcache first then custom authorization , different than doing the custom authorization first then the outputcache ? Thanks
What matters is not the order of the attributes but the order in which the framework looks for them. In this case the framework will process the Authorize attribute first and if that fails it will not even be aware of the Caching attribute.