Learning AngularJS and use it with ASP.Net MVC – Controller on MVC view

I’ve been using book Build Single Page Application with ASP.Net MVC 5 and AngularJS.

On chapter 4, at Creating first angular controller, book’s code didn’t work in my case. I’m using Angular version 1.3.15.

I had to make following changes:

At _Layout.cshtml, identify the app:

<html ng-app=”myApp”>

At homeIndex.js (the file storing the angular controller definition):

//homeIndex.js

var app = angular.module(myApp, []);

app.controller(‘homeIndexController’, function ($scope) {

$scope.fname = “John”;

$scope.lname = “Doe”;

});

 

And at the view, from where the angular controller is supposed to be called, Index.cshtml:

@section scripts

{

<script src=”~/js/homeIndex.js”></script>

}

<div ng-app=”myApp” ng-controller=”homeIndexController”>

Fname:- {{fname}} <br />

Lname:- {{lname}}

</div>

Will write this comment at Amazon too. Either AngularJS has changed since the version author was using (he says it is 1.2.26 or there may be some errors on sample code at the book.

Cheers.

Planes para esta semana 18-22 de mayo 2015

Trabajar en 2 proyectos en Zgura (como siempre, estamos haciendo excelentes soluciones de software!). Asp.Net MVC, JS, WIF, Microsoft Azure y SQL Database.

Continuar estudiando Single Page Web App utilizando ASP.Net MVC 5, WEB API 2 y Angular JS. Building Single Page App With ASP.NET MVC 5 and Angular

Continuar leyendo the wright brothers david McCullough.

Saludos!

Custom attribute with WIF claims based authorization

WIF is Microsoft framework for building applications using token security services and claims. Claims are like attributes that describe the user. An example could be the claim Role with a value “Administrator”. Another example, claim Location, value “ManaguaOffice1”.

I can develop an application that can validate claims and act in consequence, like allowing access to some functionality based on Role or location claims.

You can find a nice explanation on the topic here: Introduction to claims based authentication in .Net

I’d like to share an implementation of claims based authorization. This is a solution we developed at a ASP.Net MVC 5 project that uses WIF and OWIN security. We needed to provide a simple way to set authorization for users to access application functionality based on their roles.

As the functionality users have access to is implemented using ASP.Net MVC controllers and controller’s action methods, we needed a custom attribute that could be applied to either controller or action level. We developed an alternative custom attribute, here the code:

//
//Enables custom claims based authorization.
//It uses role claim type.
//Role values get from Auth DB.
//

public class RoleAuthorizeAttribute : AuthorizeAttribute
{

private string[] claimValues;

public RoleAuthorizeAttribute(string allowedRoles)
{
claimValues = allowedRoles.Split(‘,’);

var userProfile = UserProfileRepository.Get(HttpContext.Current.User.Identity);
var identity = UserProfileRepository.AddClaimsRole(userProfile, HttpContext.Current.User.Identity);

}

public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
{

bool isInRole = false;

foreach (var str in claimValues)
{
//It can manages white spaces before and after the role name.

isInRole=HttpContext.Current.User.IsInRole(str.Trim());

if (isInRole) break; //break foreach as user is in one of the required roles.
}

if (isInRole)
{
base.OnAuthorization(filterContext);
}
else
{
base.HandleUnauthorizedRequest(filterContext);
}

}
}

This class inherits from AuthorizaAttribute class and overrides the onAuthorization action filter to allow to “inject” the custom attribute. It can work for more than one role. I’d implement it at the controller like below:

[HttpPost]
[RoleAuthorize("user, admin")]
public ActionResult MyAction(int id)
{
....

 

Cheers.