I have a web-site with many entities, all these entities are linked to company. User, which logged to site, has a linked company too, so, he sees only entities, linked to his company. Also, there is a admin, who can works with all companies, he selects a company and then navigate inside site like simple user. I think what is the best way to pass this company id to select entities. Of course, I can add CompanyId to each method in each controller:
public async Task<ActionResult> Index(int? CompanyId)
{
//.....
}
and create Action Filter like this:
public class CompanyIdValueActionFilterAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.HttpContext.User.IsInRole("Superadmin") && filterContext.HttpContext.Request["CompanyId"] != null)
{
filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
else
base.OnActionExecuting(filterContext);
}
}
and mark by this attribute each method and add to each link parameter CompanyId, but probably it can be a more effective and flexible way?