How to execute controller logic in filters in webapi

Question

1.00/5 (1 vote)

See more:

I have existing logic to validate against database in place.For eg. I have two controllers, ControllerA & ControllerB, i have AuthorizeAttribute on ControllerA, Now when i get request for ControllerA action method, first my Custom AuthorizeAttribute get request it process some authorization logic and then control goes to ControllerA action method, now i want before my ControllerA action method is hit i want some validation on ControllerB to be performed and again control goes to ControllerA action method. In short i want other controller method(some logic) to be executed before actual requested action method is called.

C#

public class ControllerA : ApiController
{
//some code

[MyCustomAuthorizeAttribute]
public SomeClass MyMethod() {
    return new SomeClass();
}
}

public class ControllerB : ApiController
{
//some additional existing logic here

public bool IsValidUser() {
    //perform addtional check using existing logic
    return true;
}

}


public class MyCustomAuthorizeAttribute : AuthorizeAttribute
{
//Some authorization logic here

//I want to execute ControllerB action method IsValidUser() here 
//If i reieve true the control should go to ControllerA MyMethod 

}

What I have tried:

Instead of changing existing tested and deployed code we can create new filter and apply on required methods.

Posted 5-Apr-19 5:51am

sid2586

Updated 5-Apr-19 6:12am

Add a Solution

Comments

Richard Deeming 5-Apr-19 12:11pm

That makes no sense. Put all of the authorization logic in the authorization attribute. Or move it to its own class, and call it from wherever you need it.

If you need some additional logic in certain cases, create a second authorization attribute, and add both to the relevant actions / controllers.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

David_Wimbley · Answer 1 · 2019-04-05T06:12:00

Rather than trying to fit a square peg through a round hole, you need to refactor your code to something that will actually work and make sense. Calling controller code from an attribute doesn't make sense.

Pull the IsValidUser method out of the Controller B, move it to a class called MyCustomAuthenticator and then call it like so var auth = new MyCustomAuthenticator(); auth.IsValidUser();

But to answer your question exaclty as you asked, just instantiate the controller inside your attribute and call it that way. This is not a good idea.

public class MyCustomAuthorizeAttribute : AuthorizeAttribute
{
//Some authorization logic here

//I want to execute ControllerB action method IsValidUser() here 
//If i reieve true the control should go to ControllerA MyMethod 
 public void AnExampleMethodCuaseThereWasntOneHere()
 {
    var controllerB = new ControllerB();
    controllerB.IsValidUser();
 }
}

I don't know what "//If i reieve true the control should go to ControllerA MyMethod" means, it sounds like you want to do a redirect to Controller A but you need code used in Controller B to do so.

In short, the better option here is to refactor your code, this is a good example of situations where you come back to it in 5 months and not know whats going on with it.