Developer Guide
Controller Annotations

    Authorize

    This annotation allows you to authorize the action. If you use "Authorize" with no roles specified, the attribute ensures that the current user is authenticated. You can specify a list of roles:
    [Authorize(Roles="Technicians,Field Marketers")]
    public ActionResponse MyAction() 
    {
       ...
    }
    

     

    AuthorizeAction

    This attribute authorizes the action method so that the user is authorized to perform the database operation specified. This permission check is directly related to the permission specified on security roles and which entity is accessed and passed as the Model to your views. You can pass the Entity, Action, and Area names. The RecordIdParam can also be configured if the ID value is passed through a parameter other than "id".

    [AuthorizeAction(Entity="Contact", Action="Edit")]
    public ActionResponse MyAction()
    {
          var contact = Database.Retrieve("00200000000003q00341");
          return View(contact);
    }
    



    Captcha Validator

    If you intend to use a Captcha validator on your form, by adding this attribute to your action you can force the user to verify the correct Captcha. This attribute performs the captcha validation and updates the ModelState by adding an error entry under "ReCaptcha" key. In your HttpPost action method you can check to see if the ModelState is valid or not.

    [CaptchaValidator]
    public ActionResponse Save(Account model)
    {
         if (!ModelState.IsValid)
         {
               //once the model is bound back to the action method argument,
               //the captcha attribute updates the ModelState is captcha value is invalid
               //by simply returning the control back to the existing view,
               // you can allow the user to see the errors and make corrections.
    
               return View(model);
         }
    }

     

    Compress Output

    By default, Magentrix uses a compression technique to remove unnecessary whitespaces and lower the size of streamed HTML content. In some cases you may want to turn off this feature on your actions. To do so, you can use this attribute in the following way:

    [CompressOutput(false)]
    public ActionResponse MyCustomAction() { .... }

     

    Handle Exceptions for JSON Requests

    When writing controller actions that stream JSON data, which is suitable for Javascript interactions or building RESTful APIs, it is best to use this attribute on your action. This attribute ensures that all un-handled exceptions, unauthorized accesses or other common exception scenarios are streamed back to the consumer in JSON format.

    [HandleExceptionsForJson]
    public ActionResponse MyJsonAction()
    {
        return Json(new { Message="Hello World" });
    }
    

     

    HTTP Post Requests

    All public controller's methods are considered actions that respond to HTTP requests. If an action is not decorated with any specific HTTP method selector, then by default the action is meant to handle GET requests. If you intend your action to respond to POST requests only, use this attribute.

    [HttpPost]
    public ActionResponse Submit(Contact model)
    {
       ....
    }
    
     

    Accept Verbs POST or GET

    If you wish your action method to be able to handle both POST and GET incoming requests, you can use this attribute:
     
    Caution: If you mark an action to respond to more than one HTTP verb, you cannot create a separate action overload that responds to the same verbs.
    [AcceptVerbs("POST","GET")]
    public ActionResponse MyAction(string id)
    {
        return View();
    }
    

     

    Choosing Master Layouts

    This annotation allows you to choose alternative layouts in your action's response. Possible values are "Setup", "Site", "Lookup", "Public", and "Blank". You can apply this annotation to either your controller class (which will affect all actions of the controller), or just to selected actions.

    • Setup: Use this name if you need the result of your action (the view) to be shown in the system's "Setup Area" (with side menu).
    • Site: The default master theme. This will load your view into the standard site theme.
    • Lookup: Used in Lookup pages, dialogs or pages that require the site header and footer to be invisible.
    • Public: This master theme is supplied for any public or specific scenario where showing the site menu is not necessary, such as a Login Page or a Forgot Password Page.
    • Blank: Displays the page's contents without the site header or footer.
    //Show your page as part of Setup area which has the Setup Sidebar.
    [MasterName("Setup")]
    public ActionResponse Index()
    {
       ...
       return View();
    }
    
     

    Serializing Models into Page ViewState

    Objects passed to views from GET actions are not serialized in the form of a page's ViewState. Therefore, on POST actions, you can only have access to the values that were added to the view in the form of HTML input elements.

    If you wish to receive the original object with all the user changes applied to it, use the attribute below on your action method. You can always check ModelState to see which values were modified by users.

    [SerializeViewData]
    public ActionResponse Edit(string id)
    {
        var contact = Database.Retrieve("00200000000003q00341");
    
        DataBag.Title = "Edit Contact";
    
        return View(contact);
    }
    
    [HttpPost]
    public ActionResponse Edit(Contact model)
    {
        //access to the original object with user's modifications applied.
        if (ModelState.IsValid)
        {
            //accessing the old and new values for each field
            var newValue = ModelState["Firstname"].Value.NewValue;
            var oldValue = ModelState["Firstname"].Value.RawValue;
        }
        
        //DatBag value is also presisted.
        var title = DataBag.Title;
    }
    
    This Attribute will serialize the Model and whatever items you include into DataBag.
     

    Writting Stateless Actions

    By default, all actions within the Magentrix platform are working with the Sessions enabled. If you need to write Stateless actions, suitable for creating scalable APIs, use the "SessionState" attribute as shown below:

    [SessionState(SessionStateMode.ReadOnly)]
    public ActionResponse MyStatelessAction()
    {
       ...
    } 
    
     
     

    [AspxStyle("<entity name>")]

    In order to apply tab styles of another Entity to your ActivePage, you can add this attribute on your controller:

    [AspxStyle("Force.Force__Contact")]
    public class MyPageController : AspxController
    {
       ...
    }

     

    [ValidateAntiForgeryToken]

    If you wish to ensure maximum security within your actions- especially any actions that perform any type of system data and resource modification- use this attribute. Magentrix pages automatically implement the Anti-Forgery security and the security token rendered on the page as well as use of cookie values. When you include this attribute on your action methods, the system performs a test to ensure the POST or GET request originated from the same website and is not an external system trying to perform any malicious actions.

     

    [Localization(UICulture="<ui culture>",Culture="<culture>")]

    This attribute allows you to set the response's UI Culture as well as the system's Culture. This attribute can be used to manually set these values, which will affect the system language and culture settings for your action.