Accessing current IPrinciple in a Master View in Asp.Net MVC - asp.net-mvc

I currently have a abstract controller class that I all my controllers inherit from.
I want to be able to use the current user (IPrinciple) object in my master page.
I read that I could use the contructor of my abstract base controller class, that is I could do something like
public BaseController()
{
ViewData["UserName"] = this.User.Identity.Name;
}
I could then access ViewData["UserName"] etc from my master page.
My problem is that this.User is null at this point.
Does anybody know of a different approach?
Thanks in advance.

You could write an ActionFilter and in the OnActionExecuted event put the user inside ViewData:
public class UserActionFilterAttribute : ActionFilterAttribute
{
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
base.OnActionExecuted(filterContext);
filterContext.Controller.ViewData["UserName"] = filterContext.HttpContext.User.Identity.Name;
}
}
And then decorate your base controller with this attribute:
[UserActionFilter]
public abstract class BaseController: Controller
{ }

Related

How can I use Base Controller in ASP.NET to record user actions?

I am required to record user action and I don't want to have code in every method is every controller so would it make sense to somehow do this in the basecontroller ? OR is there a better way?
public class BaseController : Controller
{
protected ILogger logger;
public BaseController(ILogger<BaseController> logger)
{
this.logger = logger;
}
public override void OnActionExecuting(ActionExecutingContext context)
{
//How do I get the current controller?
//How do I get the current method being called?
//How can I pass in additional parameters?
//How can I get the user?
logger.LogWarning("Loaded BaseController");
base.OnActionExecuting(context);
}
}
There are many ways to do that.
First: You could create your own base controller and implement OnActionExecution as you did. See the sample bellow to get information from ActionExecutingContext.
If you go this way, every controller that inhirits from this base controller will get the implementation of the logger because you are overriding OnActionExecuting (that applies to all actions of your controller).
public override void OnActionExecuting(ActionExecutingContext context)
{
//How do I get the current controller?
string controllerName = context.ActionDescriptor.ControllerDescriptor.ControllerName
//How do I get the current method being called?
string actionName = context.ActionDescriptor.ActionName;
//How can I pass in additional parameters?
foreach (var parameter in context.ActionParameters)
{
var parameterKey = parameter.Key;
var parameterValue = parameter.Value;
}
//How can I get the user?
var user = this.User; // IPrinciple instance, explore this object
logger.LogWarning("Loaded BaseController");
base.OnActionExecuting(context);
}
Second: On the other hand, you can use ActionFilters which is a class that inhirits from ActionFilter class and do the same implementation on this classe overriding the OnActionExecuting. Then you can decorate your controllers with this attribute to make the logger. Given it is an attribute, you have to define the name fo the class with a sufix Attribute and use without it. For sample:
public class LoggerAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext context)
{
// same code above
}
}
[Logger]
public class CustomerController : Controller
{
// actions code...
}
Third: Use the same action filter class and instead of applying on all classes you want, you define it as a global action filter and it will be applied to all controllers. You have to define it on GlobalFilter and if you are using the default template of asp.net mvc, you can define it on the FilterConfig.cs, for sample:
filters.Add(new LoggerAttribute());
For getting controller & action names you can use ActionDescriptor of ActionExecutingContext
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
var descriptor = filterContext.ActionDescriptor;
var actionName = descriptor.ActionName;
var controllerName = descriptor.ControllerDescriptor.ControllerName;
......
base.OnActionExecuting(filterContext);
}
Regarding User information: controller initialisation will occur before authorisation takes place. So all of yours controllers will be created before any OnAuthorization takes place.
Approach to deal with these situations is to use Action Filters. The Authorize Attribute is fired early than controller initialisation occur.
Have a look this articles:
How to get controller and action name in OnActionExecuting?
How do I get the action name from a base controller?
Getting User Identity on my base Controller constructor

Asp.Net MVC How to log all actions being called

I need to be able to log all actions that are called from my asp.net mvc application. How and what would be the best way to achieve this? Where I log it to whether it be the console or log file doesn't matter.
You could create your own class which inherits from ActionFilterAttribute and then override the OnActionExecuting method.
Example
public class LogActionAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var controller = filterContext.RequestContext.RouteData.Values["Controller"];
var action = filterContext.RequestContext.RouteData.Values["Action"];
//
// Perform logging here
//
base.OnActionExecuting(filterContext);
}
}
public class HomeController : Controller
{
[LogAction]
public ActionResult Index()
{
return View();
}
}
Hope this helps!
Credit HeyMega for their answer. Here's an example of an expanded implementation I arrived at in MVC5.
public class LogActionAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var controller = filterContext.RequestContext.RouteData.Values.ContainsKey("Controller") ? filterContext.RequestContext.RouteData.Values["Controller"].ToString() : null;
var action = filterContext.RequestContext.RouteData.Values.ContainsKey("Action") ? filterContext.RequestContext.RouteData.Values["Action"].ToString() : null;
var area = filterContext.RequestContext.RouteData.DataTokens.ContainsKey("Area") ? filterContext.RequestContext.RouteData.DataTokens["Area"].ToString() : null;
var user = filterContext.RequestContext.HttpContext.User.Identity.GetUserId();
Task.Run(() => Generic().AreaActionLog(user, area, controller, action));
base.OnActionExecuting(filterContext);
}
}
I chose to separate the method doing the actual logging into a separate process, if anything goes wrong with the Database interaction, or the DB interaction takes several seconds, the UI is uninterrupted.
You can then decorate the entire controller with [LogAction] attribute like so.
[LogAction]
public class HomeController : Controller
{
public ActionResult Index()
{
return View();
}
public ActionResult Contact()
{
return View();
}
}
Or selectively apply the attribute by decorating individual methods:
public class HomeController : Controller
{
[LogAction]
public ActionResult Index_Logs_Things()
{
return View();
}
}
Hope this helps someone.
You could try Audit.NET library with its Audit.MVC and the different data providers to store the logs on files, eventlog, sql, redis, mongo, and much more.
With the MVC extension you just need to decorate your controllers or actions with an attribute:
[Audit]
public class HomeController : Controller
{ ... }
Execute a static configuration to set the output of your logs:
Audit.Core.Configuration.Setup()
.UseFileLogProvider(_ => _
.Directory(#"C:\Logs"));
And it will provide the infrastructure to log the interactions with your MVC application.

ActionFilterAttribute mvc need to call One time

I have a scenario i need to check security for each menu item if user 'A' is allowed to access this menu or not and for that reason i created a class which is inherited with ActionFilterAttribute
public class SecurityFilter : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
Log("OnActionExecuting", filterContext.RouteData);
}
}
and using this class on my controller
[SecurityFilter]
public class XYZController : Controller
{
public ActionResult Index() {
return View();
}
}
Now the problem is in my View i have #Html.Action() calls e.g
#Html.Action("COM")
which results in calling onActionExecuting Method again, i Just want it to call it one time when menu link is clicked and for that method only where menu is redirecting not the other Action method which is render inside view
When called using #Html.Action the IsChildAction property of the filterContext will be true. You can rely on it to determine whether you actually want to do something or not:
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.IsChildAction)
return;
Log("OnActionExecuting", filterContext.RouteData);
}
See MSDN

accessing HttpContext.Request in a controller's constructor

I'm following this ASP.NET MVC tutorial from Microsoft:
My code is slightly different, where I'm trying to access HttpContext.Request.IsAuthenticated in the controller's constructor.
namespace SCE.Controllers.Application
{
public abstract class ApplicationController : Controller
{
public ApplicationController()
{
bool usuario = HttpContext.Request.IsAuthenticated;
}
}
}
The problem is that HttpContext is always null.
Is there a solution to this?
instead of putting your HttpContext.Request.IsAuthenticated in Controller level you should put it in Controller Base class that will be inherited in all of your controller with an override method of OnActionExecuting() method.
In your Controller base you should have
public class BaseController : Controller
{
protected override void OnActionExecuting(ActionExecutingContext ctx) {
base.OnActionExecuting(ctx);
ViewData["IsAuthenticated"] = HttpContext.Request.IsAuthenticated;
}
}
and all your Controller should inherit the BaseController class
public class ApplicationController : BaseController
now you should get the ViewData["IsAuthenticated"] in your Master page.
Edit
With the link you have given, and relating to what you have done, your ApplicationController is a Page Controller, not a Base Controller. In the example, ApplicationController is a Base Controller that is inherited by the HomeController but what you have done is you are placing the Action method inside your base controller which is the ApplicationController so your Action Index method will not be invoked when you call any page (Index page) that is not from the ApplicationController.
I would suggest you use:
System.Web.HttpContext.Current.Request
Just remember System.Web.HttpContext.Current is threadstatic, but if you don't use additional thread the solution works.
The Controller is instantiated significantly prior to the point where the Index action is invoked, and at the moment of construction HttpContext is indeed unavailable. What's wrong with referencing it in your controller method Index?
The solution of this problem is to create an override method of Initialize by passing RequestContext object.
public class ChartsController : Controller
{
bool isAuthed = false;
protected override void Initialize(System.Web.Routing.RequestContext requestContext)
{
base.Initialize(requestContext);
if (requestContext.HttpContext.User.Identity.IsAuthenticated)
{
isAuthed =true;
}
}
}
With the answer I am posting here, you cannot access IsAuthenticated, but you can access some stuffs related to HttpContextRequest (see in image),
I needed session value in constructor.
You can use IHttpContextAccessor as below:
public ABCController(IHttpContextAccessor httpContextAccessor)
{
//do you stuff with httpContextAccessor,
// This gives session value
string abc = httpContextAccessor.HttpContext.Session.GetString("Abc");
}
and in startup.cs, you need to configure,
services.AddHttpContextAccessor();
It is possible to get the HttpContext using IHttpContextAccessor injected into class constructor. Before doing so, you will need first to register the corresponding service to the service container in Startup.cs class or Program.cs such as below.
services.AddHttpContextAccessor(); // Startup.cs
builder.Services.AddHttpContextAccessor(); // Program.cs
Right after that, you can inject the IHttpContextAccessor interface in whererever method or class constructor.
private bool isAuthenticated { get; set; }
public ConstructorName(IHttpContextAccessor accessor)
{
var context = accessor.HttpContext;
isAuthenticated = context.User.Identity.IsAuthenticated;
}

What is the basepage equivalent in MVC

In my ASP.Net web sites I have the following code that I am able to use site-wide.
How do I do the same in ASP.Net MVC2?
public class BasePage : Page
{
public BasePage()
{
this.PreInit += new EventHandler(BasePage_PreInit);
}
/// <summary>Every page executes this function before anything else.</summary>
protected void BasePage_PreInit(object sender, EventArgs e)
{
// Apply Theme to page
Page.Theme = "Default";
}
public bool IsSiteAdmin(string userName)
{
if (System.Web.Security.Roles.IsUserInRole(userName, "SiteAdmin1"))
return true;
return false;
}
}
Not sure how themes fit into MVC (not very well I suspect), but in general you just need to create a base controller class.
public class BaseController : Controller
and then derive all your controllers off this base.
public class HomeController : BaseController
That way, you can have common functionality available to all controllers. eg your IsSiteAdmin method.
As zaph0d said, you want to override the Controller class. There are several "events" you can override when creating your own Controller class. A list of those would be here:
http://msdn.microsoft.com/en-us/library/system.web.mvc.controller_members.aspx
Here's what you might want to do. Note that I have no idea what Page.Theme is or does.
public class BaseController : Controller
{
protected string Theme { get; set; }
protected override void OnActionExecuting(ActionExecutingContext context)
{
Theme = "Default";
}
public bool IsSiteAdmin(string userName)
{
return System.Web.Security.Roles.IsUserInRole(userName, "SiteAdmin1");
}
}
MVC has master pages and views. It sounds like you want your Controller to have some base logic in it instead of your page. In your controller you can select a different master page when rendering your views, based on your condition, if you want.

Resources