You need to secure the administrative functions for all MVC controllers.
Which code segment should you use as the body for the CreateController method in AdminVerifierFactory.cs?
A . Option A
B . Option B
C . Option C
D . Option D
Answer: D
Explanation:
The MemberInfo.CustomAttributes property gets a collection that contains this member’s custom attributes.
The Any() statement will either return null or a collection of matched custom attributes. If it matches one or more, the controller is secure, otherwise an exception is thrown.
From scenario: The application contains a header that is visible on every page. If the logged-on user is an administrator, then the header will contain links to administrative functions. This information is read from a cookie that is set on the server. The administrative links must not be present if an error condition is present.
Incorrect:
Not B: controller.GetType().Attributes will not return custom attributes.
References: https://msdn.microsoft.com/enus/library/system.reflection.memberinfo.customattributes(v=vs.110).aspx
Leave a Reply