I am working on a web application that uses "Activity Based Authorization." Basically, instead of roles being allowed to do an action, a role or user has to be authorized for that activity instead. I'm wondering if, on top of a custom role provider overriding the default methods, that I can add custom methods on top of those. I'm rather new to MVC and I feel like I'm going beyond my abilities, but I figure it must be possible.
For example:
There is a @User.IsInRole("RoleName") in Razor.
I'd like to add an additional method like @User.AuthorizedActivity("Admin/Permissions/Edit") (based off of the naming in my activities table).
Is this possible and how can it done?