How To Hide Edit Page - 【StackMirror】|c#|asp.net|asp.net-mvc-3|asp.net-mvc-3-areas

Hi people am trying to hide the edit page in MVC3 C# so when a user trys to enter "Edit" in the browser some form of page comes up informaing the user this is not allowed.

If you require more information please ask

Thank You

2012-04-05 20:41
by user1137472

just display the form in the readonly fields? remove the form altogether as you mentioned hide in the question? what are you trying to achiev - Rafay 2012-04-05 20:45

I suggest setting up redirects in your config file. Add the following to system.web in your web.config file and update the redirect path to whatever you want to redirect to..

  <customErrors mode="On" defaultRedirect="Error">
      <error statusCode="302" redirect="Error/PageNotFound" />
      <error statusCode="404" redirect="Error/PageNotFound" />
      <error statusCode="403" redirect="Error/AuthorizationError" />
    </customErrors>

2012-04-05 21:19
by JP.

It doesn't sound like you actually want something that specifically handles returning errors for an edit page. It sounds like you want a global way of processing any uncaught errors. Specifically, how to handle 404 errors, AKA errors that happen when a user accesses a page that doesn't exist.

See http://community.codesmithtools.com/CodeSmith_Community/b/tdupont/archive/2011/03/01/error-handling-and-customerrors-and-mvc3-oh-my.aspx for ideas, it includes information on how to handle 404 errors in MVC3.

You shouldn't be getting an error specifically telling you your View doesn't exist unless you created an action with no corresponding View. Given that there is no edit page, if you do have an edit action I would delete it.

2012-04-05 20:57
by DMulligan

You can put the [Authorize] attribute on the controller action method.

 [Authorize(Roles = "Admin, Super User")]
 public ActionResult Edit()
 {
     return View();
 }

2012-04-05 20:43
by Scorpion-Prince

I do not have roles I just dont want anyone to access the edit that is all thanks for the answe - user1137472 2012-04-05 20:45

@user1137472 If you don't want anyone to access this edit page then why does the edit page exist - DMulligan 2012-04-05 20:46

It does not exsist its just when i run the application and put edit into the browser i get an error saying thei view does not exsit, therefore i want a more sutable message like you "oops there has been a error - user1137472 2012-04-05 20:49

Putting an [Authorize] attribute without any roles will allow all "logged in" users to access it. If you want no one to access it, you can use the Authorize attribute with a role that does not exist (like a GUID) or something. code[Authorize("9EE075C8-30EB-4F53-B648-7B794F6FC2C2")] ...codeScorpion-Prince 2012-04-05 20:50

I have seen where you can have a view page that has a error message that just says opps error when u tried accessing the edit threw the browser that is what i want, dont want to create role - user1137472 2012-04-05 20:53

First of all, I'm not asking you create roles - putting the Authorize attribute with some random string will show the Access Denied to any user who tries to navigate to Edit. The other option for you is to create a View with name Error which shows whatever message you want, and then doing codereturn View("Error");code from the controller action - Scorpion-Prince 2012-04-05 21:01