oqtane.framework/Oqtane.Client/Modules/Controls/ActionLink.razor

@namespace Oqtane.Modules.Controls
@inherits ModuleBase
@inject IUserService UserService

@if (authorized)
{
    <NavLink class="@classname" href="@url" style="@style">@text</NavLink>
}

@code {
    [Parameter]
    public string Action { get; set; } // required

    [Parameter]
    public SecurityAccessLevel? Security { get; set; } // optional - can be used to explicitly specify SecurityAccessLevel

    [Parameter]
    public string Text { get; set; } // optional - defaults to Action if not specified

    [Parameter]
    public string Parameters { get; set; } // optional - querystring parameter should be in the form of "id=x&name=y"

    [Parameter]
    public string Class { get; set; } // optional - defaults to primary if not specified

    [Parameter]
    public string Style { get; set; } // optional

    string text = "";
    string url = "";
    string parameters = "";
    string classname = "btn btn-primary";
    string style = "";
    bool authorized = false;

    protected override void OnParametersSet()
    {
        text = Action;
        if (!String.IsNullOrEmpty(Text))
        {
            text = Text;
        }

        if (!String.IsNullOrEmpty(Parameters))
        {
            parameters = Parameters;
        }

        if (!string.IsNullOrEmpty(Class))
        {
            classname = Class;
        }

        if (!string.IsNullOrEmpty(Style))
        {
            style = Style;
        }

        url = EditUrl(Action, parameters);
        authorized = IsAuthorized();
    }

    private bool IsAuthorized()
    {
        bool authorized = false;
        if (PageState.EditMode)
        {
            SecurityAccessLevel security = SecurityAccessLevel.Host;
            if (Security == null)
            {
                string typename = ModuleState.ModuleType.Replace(Utilities.GetTypeNameLastSegment(ModuleState.ModuleType, 0) + ",", Action + ",");
                Type moduleType = Type.GetType(typename);
                if (moduleType != null)
                {
                    var moduleobject = Activator.CreateInstance(moduleType);
                    security = (SecurityAccessLevel)moduleType.GetProperty("SecurityAccessLevel").GetValue(moduleobject, null);
                }
                else
                {
                    security = SecurityAccessLevel.Anonymous; // occurs when an action does not have a corresponding module control
                    Class = "btn btn-warning"; // alert developer of missing module comtrol
                }
            }
            else
            {
                security = Security.Value;
            }
            switch (security)
            {
                case SecurityAccessLevel.Anonymous:
                    authorized = true;
                    break;
                case SecurityAccessLevel.View:
                    authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
                    break;
                case SecurityAccessLevel.Edit:
                    authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
                    break;
                case SecurityAccessLevel.Admin:
                    authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
                    break;
                case SecurityAccessLevel.Host:
                    authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
                    break;
            }
        }
        return authorized;
    }
}