This project is read-only.

Authorization on many controllers/actions

Topics: Customizing Orchard
Jun 24, 2015 at 9:40 PM
Is there a way to enable Orchard Authorization on all controllers/actions rather than using something like this in all classes and functions (actions):
        public AccommodationsController(
            IOrchardServices services,
            IShapeFactory shapeFactory,
            ISiteService siteService) {
            _siteService = siteService;

            Services = services;

            T = NullLocalizer.Instance;
            Shape = shapeFactory;

f (!Services.Authorizer.Authorize(Permissions.GIBSBackOffice, T("Not authorized")))
                return new HttpUnauthorizedResult();
The above works but it mean adding the same code over and over again. Is it safe to use Global Filters as that will probably affect the entire Orchard CMS and not just my module? Any other better way? Thanks.
Jun 24, 2015 at 9:47 PM
You can create a filter attribute to do it. It's necessary to have the one in Services as it accepts a context, like the content item you would like to check a permission on. Not even sure that what you are looking for is not already in the source code, try to find all the usages of Authorize.