Possible Duplicate:
Fluent Security - configuring parameterized controller actions
I'm trying out Fluent Security to enforce security policies in an ASP.NET MVC application, but I can't define policies for controller methods that take parameters. As an example of what I mean, the following code snippet shows the controller that should be secured:
public class AccountController : Controller
{
...
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult LogOff()
{
return RedirectToAction("Index", "Home");
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Disassociate(string provider, string providerUserId)
{
return View();
}
}
And, this code snippet shows (conceptually) how I'm trying to configure Fluent Security to allow authenticated access to the two controller methods.
SecurityConfigurator.Configure(config => {
config.For<AccountController>().DenyAuthenticatedAccess();
config.For<AccountController>(x => x.LogOff()).DenyAnonymousAccess();
config.For<AccountController>(x => x.Disassociate()).DenyAnonymousAccess();
});
The latter code won't build however, due to there being no arguments to Disassociate. The compiler reports the following: No overload for method 'Disassociate' takes 0 arguments.
How do I configure Fluent Security for the method AccountController.Disassociate(string, string)?
It appears that you can pass any value(s) of the expected type(s), so in my case I can do the following just to appease the compiler:
config.For<AccountController>(x => x.Disassociate("", "")).DenyAnonymousAccess();