October 28, 2014 09:04 by
Peter
In the previous post we took a glance at the new authentication filter and its strong points. There's an extra new filter that has been free with ASP.NET MVC 5 Hosting that was requested by several developers out their over a protracted time. This can be the new filter override feature! Within the previous versions of MVC, there was no thanks to override a filter for simply one action or controller. What you had to do is to use the filter for every and each action and controller one by one and this was an enormous waste of development time. Rather than doing this developers found ways to implement filter overrides using workaround. But usually the usage of workarounds cause the lack of code consistency. Therefore as an answer for this, Filter Overrides feature was introduced in MVC 5.
Filter Overrides in action
Imagine a situation where you want to exclude a globally applied authorization filter just only for a single action method. This was one thing you may not implement easily with the previous versions of MVC. however now the MVC 5 Filter Overrides feature provides you this capability with few lines of code. Lets have a glance at the following code snippet:
[Authorize(Users = "Admin")]
public class HomeController : Controller
{
public ActionResult Index()
{
return View();
}
public ActionResult About()
{
ViewBag.Message = "Your application description page.";
return View();
}
public ActionResult Contact()
{
ViewBag.Message = "Your contact page.";
return View();
}
}
As you'll see AuthorizeAttribute has been embellished to the HomeController class with the user ‘Admin’. so it applies to all or any the actions within the controller. Assume you would like to bypass this filter only for the ‘About’ action. you would like to provide access to ‘About’ page just for user ‘Peter’ only. In MVC 5 you'll achieve this by adding 2 lines of code as illustrated in the following code snip.
OK. That’s it. currently all the actions inside the home Controller will only be accessed by ‘Admin’ except the ‘About’ action. The ‘About’ action is merely accessible for ‘Peter’. therefore now you'll get eliminate the headache of applying filters for every and each action wherever you would like to exclude only one or 2 actions.
There are 5 kinds of override filters accessible for every of filter types:
- OverrideActionFilters
- OverrideAuthentication
- OverrideAuthorization
- OverrideExceptionFilters
- OverrideResultFilters
You will use the relevant override filters where is required.
Filter Override Bug Workaround
For making a bug workaround you'll have to do some of things:
Implement a custom class that may inherit from the action filter that you just wish to override and implement the IOverrideFilter. You’ll have to implement the FiltersToOverride property wherever you have got to identify the filters that you wish to override. for example lets create an easy workaround for the instance that has been described above:
public class MyOverrideAuthorizeAttribute : AuthorizeAttribute, IOverrideFilter
{
public Type FiltersToOverride
{
get
{
return typeof(IAuthorizationFilter);
}
}
}
Then, the Controller implementation will change to:
[Authorize(Users = "Admin")]
public class HomeController : Controller
{
public ActionResult Index()
{
return View();
}
[MyOverrideAuthorize(Users = "Peter")]
public ActionResult About()
{
ViewBag.Message = "Your application description page.";
return View();
}
public ActionResult Contact()
{
ViewBag.Message = "Your contact page.";
return View();
}
}