Developer Guide
Controller Security

    Using Magentrix Security Roles, you can specify whether or not a user can execute methods in a custom controller. The security roles can also be expanded to control the context of which entity the controller needs to work with.

    For example, you can specify that a user can execute your controller only if he/she has read or edit access to an entity such as "Contact". This operation can be supported by decorating your action with an "AuthorizeActions" attribute.
    public class MyPageController : AspxController
    {
          [AuthorizeAction(Entity="Contact", Action=StandardAction.Create)]
          public override ActionResponse Index()
          {
              return View(new Contact());
          }
    }


    In the above code sample, Magentrix only allows the user to perform the "Index" action if the user has "Create" permission for the "Contact" entity.