HiveBrain v1.2.0
Get Started
← Back to all entries
patterncsharpMinor

Method to determine redirect after login

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
aftermethodloginredirectdetermine

Problem

I have a method that returns a URL to send a user should they pass a login. My problem is two of these links are hard coded one of which is attempting to pass a variable to the model of that controller. My question is two fold:

A. Is this safe
B. Is there a better way to do this without hard-coding things like this?

public class LoginViewModel
{
  public string UserId {get; set;}
  public string GetAppAccess()
  {
    using (var db = new WebContext())
    {
      var query = (from a in db.Permissions
                   join b in db.UserPermissions on a.PermissionId equals b.PermissionId
                   join c in db.Applications on a.Name equals c.AppName
                   where a.PermissionType == PermissionType.AppAccess & b.UserId == UserId
                   select c).ToList();
      switch (query.Count)
      {
        case 0:
          return "http://SERVERNAME/Tickets/Create?subject=Request%20For%20Application%20Access";
          // TODO: code ticket logic to except this argument
        case 1:
          return query[0].AppUrl;
        default:
          return "http://SERVERNAME/Dashboard/" + UserId;
      }
    }
  }
}

Solution

You are correct in feeling uneasy about the hardcoded URLs: I would put them in a config file.

By hardcoding them you will be forced to rebuild the project should you change to a different server while using a configuration file you can change it whenever you want and it will get picked up automatically.

Context

StackExchange Code Review Q#54197, answer score: 3

Revisions (0)

No revisions yet.