using a base controller for entire asp.net MVC 4 project

.net asp.net-mvc inheritance
13,355

Solution 1

I have used a base controller before when dealing with things like overriding the User principal (see here for an old question of mine describing the idea: Is this Custom Principal in Base Controller ASP.NET MVC 3 terribly inefficient?).

I honestly couldn't think of a better way of doing this, so I feel that in this kind of scenario using a base controller can be a good thing.

I probably wouldn't have different base controllers for different authorization roles though as it is fairly simple (and less code) just to decorate the controller with [Authorize(Roles="whatever")] and it will be easier to see exactly what is happening.

It may be worth considering a custom AuthorizeAttribute.

Solution 2

IMHO what the post you reference says is absolutely true, but that's not a reason to not use a base controller. In fact I use a base controller in some of my ASP.NET MVC applications because of commodity.

This is no longer advisable:

Having a base controller to apply the [Authorize] attribute once is a common practice, and I don't see anything wrong on it.

Since MVC3 you can register global action filters like this:

GlobalFilters.Filters.Add(new MyAuthorizeAttribute());

Share:
13,355
user20358
Author by

user20358

Updated on July 26, 2022

Comments

  • user20358
    user20358 almost 2 years

    I am thinking of using a base controller for the entire MVC 4 project that I am working on. I have found conflicting views online about it and not really sure if it is against best practices or if it is just a matter of personal preference.

    Here is a stackoverflow post that says dont do it

    Here is a post that has shown how to do it like there are no harmful effects of it. Here and here as well they explain its usage where no one really is pointing out that it is bad practice or could lead to any issues going forward.

    So what really is the view on using a couple of base controllers in an MVC 4 project? Good? Bad?

    Edit

    I'd also like to point out that my immediate goal for using a base controller is so that I can have the Authorization done in one controller and so that all the controllers dont need to have the Authorize attribute. I will create separate base controllers for each role. Since the roles are never going to change I will never need to create another base controller for another role. What do you think of this way of going about designing the controllers?

    Thanks for your time.

  • user20358
    user20358 over 11 years
    Thanks for your reply. Would you think having multiple roles be a problem? Then for each role I would need a separate controller. One base controller for Admin. So that admin only pages inherit from that particular controller only. Similarly for other roles..
  • user20358
    user20358 over 11 years
    see thats the thing. I was trying to avoid decorating each controller with the authorize attribute. I just want the junior developers to know that if they are working on page which only an Admin can access then they should inherit from AdminController. I would enum each of these roles out with Admin being number 1 on the list.. so in my custom authorize attribute I can only have a check on greater than or less than the enum value provided by the base controller
  • Tom Chantler
    Tom Chantler over 11 years
    The problem may arise if you have complex requirements about which roles are allowed to do which things. I'm talking about if the requirements change later on. Decorating the controllers with some kind of custom AuthorizateAttribute is probably better (see link in edited answer).
  • eiximenis
    eiximenis over 11 years
    If all actions of a controller are authorized for the same roles i don't see a problem using a separated base controller for each role. But if you have controllers with actions authorized to one set of roles and other actions authorized to another set of roles maybe you should try an alternate approach.
  • user20358
    user20358 over 11 years
    Thanks. will check it out.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

.net core 2.1 VS 2017 basic web api throwing "this site can't be reached"
MVC 4 Razor - Creating a dynamic DropDownList
MVC - IoC Unity - Make sure that the controller has a parameterless public constructor
FileExtensions attribute of DataAnnotations not working in MVC
The type 'IEnumerable<>' is defined in an assembly that is not referenced
Razor 3 in Visual Studio 2012
Visual Studio Database Project Generate Script
What does the UnobtrusiveJavaScriptEnabled key do in .NET?
maintaning drop down selected state after post back in MVC razor?
Entity Framework: Check all relationships of an entity for foreign key use