The example in Listing 1 shows an action method in our Pet controller. Although the stated return type of the method is ActionResult, we are actually returning a ViewResult object that represents a view. The ViewResult class inherits from ActionResult, so the framework will accept it.
Listing 1. The Display Action Method in the PetController Class
public ActionResult Display()
{
var name = (string)RouteData.Values["id"];
var model = PetManagement.GetByName(name);
if (model == null)
{
return RedirectToAction("NotFound");
}
return View(model);
}
public ActionResult NotFound()
{
return View();
}
When a request from a user such as http://domain/Pet/Display/Fido is made to the application, the routing engine matches it to the Display action method in the PetController class. Next, the action method examines the RouteData dictionary in search of the value in the {id} placeholder, which is Fido. Once the pet name has been identified, the action method uses a business model class named PetManagement to retrieve a record from the database (if any exists) and place it in the model variable.
The method PetManagement.GetByName() will return an object if the pet’s record exists; otherwise it will return null. If the value returned is null, then the action method redirects to another action method called NotFound. This action method will return a view with specific functionality to inform the user that there is no pet with the name Fido in the system.
If a record is found for Fido, then a view will be returned along with the newly found record so that the view can render the pet’s details.
Using FileResult
Let’s now add functionality to allow users to download pictures of the pets. In Listing 2, the action method DownloadPetPicture returns a FileResult object. The content of the FileResult object is the pet picture file, which is in the Content/Uploads folder.
Listing 2. Downloading Files Using FileResult
public FileResult DownloadPetPicture()
{
var name = (string)RouteData.Values["id"];
var picture = "/Content/Uploads/" + name + ".jpg";
var contentType = "image/jpg";
var fileName = name + ".jpg";
return File(picture, contentType, fileName);
}
The FileResult object expects three parameters: the path where the file is located, a content type of image/jpg (because we are using pictures and assuming it’s a JPG file), and the name of the file, because we want it to display to the user when they are prompted to download. Figure 4-1 shows the result in the browser.
Figure 1. Downloading a file with a FileResult action method
Additionally, if you modify the code to remove the third parameter of the File method, then the action method
will, instead of downloading the picture, display the picture in the browser, as shown in Figure 2. The modified code is shown in Listing 3.
Figure 2. Displaying a picture using FileResult
Listing 3. Displaying Pictures Using FileResult
public FileResult DownloadPetPicture()
{
var name = (string)RouteData.Values["id"];
var picture = "/Content/Uploads/" + name + ".jpg";
var contentType = "image/jpg";
return File(picture, contentType);
}
Using HttpStatusCodeResult
The action result HttpStatusCodeResult is useful when recognizing that a specific area of the application is accessible only to authorized users. With a system such as Forms Authentication, you can implement a certain level of access control. For example, imagine you have a banking application that allows employees to see reports. You want certain reports to be accessible to managers but not the people in the customer service team. Your action method can check for this access level and then, if it finds that the user is a member of the customer service team, issue an error that results in a redirection to the login page, as shown in Figure 3.
Figure 3. Identifying unauthorized access and then redirecting to the login page
Listing 4. Issuing a 401 Error
public HttpStatusCodeResult UnauthorizedError()
{
return new HttpUnauthorizedResult("Custom Unauthorized Error");
}
In Figure 3 you can see in the Network tab of the developer tools that a request was made to /Pet/UnauthorizedError. Then this was correctly identified as a request to a restricted (secured) page. Finally, the application issued an HttpUnauthorizedResult response, which resulted in a redirection to the login page.
Using HttpNotFoundResult
In some cases it is a good idea to intentionally return a “not found” HTTP error. For example, consider search engine optimization (SEO). When dealing with dynamic content, such as an online store, if a product is no longer available, you might want to generate a not found response so that when search engines’ crawlers (Google’s, for example) examine the web site, they will update their indexes to exclude outdated pages.
Listing 5 shows how to generate a not found response (HTTP 404 code) with an action method.
Listing 5. Issuing a 404 Error with an Action Result
public ActionResult NotFoundError()
{
return HttpNotFound("Nothing here...");
}
Listing 1. The Display Action Method in the PetController Class
public ActionResult Display()
{
var name = (string)RouteData.Values["id"];
var model = PetManagement.GetByName(name);
if (model == null)
{
return RedirectToAction("NotFound");
}
return View(model);
}
public ActionResult NotFound()
{
return View();
}
When a request from a user such as http://domain/Pet/Display/Fido is made to the application, the routing engine matches it to the Display action method in the PetController class. Next, the action method examines the RouteData dictionary in search of the value in the {id} placeholder, which is Fido. Once the pet name has been identified, the action method uses a business model class named PetManagement to retrieve a record from the database (if any exists) and place it in the model variable.
The method PetManagement.GetByName() will return an object if the pet’s record exists; otherwise it will return null. If the value returned is null, then the action method redirects to another action method called NotFound. This action method will return a view with specific functionality to inform the user that there is no pet with the name Fido in the system.
If a record is found for Fido, then a view will be returned along with the newly found record so that the view can render the pet’s details.
Using FileResult
Let’s now add functionality to allow users to download pictures of the pets. In Listing 2, the action method DownloadPetPicture returns a FileResult object. The content of the FileResult object is the pet picture file, which is in the Content/Uploads folder.
Listing 2. Downloading Files Using FileResult
public FileResult DownloadPetPicture()
{
var name = (string)RouteData.Values["id"];
var picture = "/Content/Uploads/" + name + ".jpg";
var contentType = "image/jpg";
var fileName = name + ".jpg";
return File(picture, contentType, fileName);
}
The FileResult object expects three parameters: the path where the file is located, a content type of image/jpg (because we are using pictures and assuming it’s a JPG file), and the name of the file, because we want it to display to the user when they are prompted to download. Figure 4-1 shows the result in the browser.
Figure 1. Downloading a file with a FileResult action method
Additionally, if you modify the code to remove the third parameter of the File method, then the action method
will, instead of downloading the picture, display the picture in the browser, as shown in Figure 2. The modified code is shown in Listing 3.
Figure 2. Displaying a picture using FileResult
Listing 3. Displaying Pictures Using FileResult
public FileResult DownloadPetPicture()
{
var name = (string)RouteData.Values["id"];
var picture = "/Content/Uploads/" + name + ".jpg";
var contentType = "image/jpg";
return File(picture, contentType);
}
Using HttpStatusCodeResult
The action result HttpStatusCodeResult is useful when recognizing that a specific area of the application is accessible only to authorized users. With a system such as Forms Authentication, you can implement a certain level of access control. For example, imagine you have a banking application that allows employees to see reports. You want certain reports to be accessible to managers but not the people in the customer service team. Your action method can check for this access level and then, if it finds that the user is a member of the customer service team, issue an error that results in a redirection to the login page, as shown in Figure 3.
Figure 3. Identifying unauthorized access and then redirecting to the login page
Listing 4. Issuing a 401 Error
public HttpStatusCodeResult UnauthorizedError()
{
return new HttpUnauthorizedResult("Custom Unauthorized Error");
}
In Figure 3 you can see in the Network tab of the developer tools that a request was made to /Pet/UnauthorizedError. Then this was correctly identified as a request to a restricted (secured) page. Finally, the application issued an HttpUnauthorizedResult response, which resulted in a redirection to the login page.
Using HttpNotFoundResult
In some cases it is a good idea to intentionally return a “not found” HTTP error. For example, consider search engine optimization (SEO). When dealing with dynamic content, such as an online store, if a product is no longer available, you might want to generate a not found response so that when search engines’ crawlers (Google’s, for example) examine the web site, they will update their indexes to exclude outdated pages.
Listing 5 shows how to generate a not found response (HTTP 404 code) with an action method.
Listing 5. Issuing a 404 Error with an Action Result
public ActionResult NotFoundError()
{
return HttpNotFound("Nothing here...");
}
No comments:
Post a Comment