ASP Partial page is only being properly routed to sometimes - inconsistent error

ASP Partial page is only being properly routed to sometimes - inconsistent
error

I have created a web portal using ASP MVC 4 where users can be given
access to 2 versions of a given page. One version is admin (allows add,
edit, delete functionality of a database), the other page provides links
to the documents with no modification ability. Im having a problem though:
When the user is not authorized, the search functionality does not work
consistently. It works sometimes and with no discernible patterns. The
code will get through the first route and into my filter, but when i go to
call RedirectToRouteResult() it usually wont enter into the secondary
Action in the controller to load the restricted view partial.
I am new to ASP MVC so I may be using the partials incorrectly. But the
fact that it SOMETIMES works is odd, and in my traditional coding
experience is indicative of an uninitialized variable. So some help would
be great.
To accomplish this I have 3 separate Views:
-Index -DocumentListPartial -DocumentListPartialRestricted
Index looks like this:
@{
ViewBag.Title = "Index";
}
@Styles.Render("~/Content/AS9100")
@Styles.Render("~/Content/AS9100/IndexRestricted")
<br />
<div style="text-align:center; padding: 15px;">
Search for @Html.TextBox("search") in
<select id="department">
<option>All</option>
@foreach(var department in ViewBag.Departments)
{
<option>@department.name</option>
}
</select>
</div>
<br />
<div id="docList">
</div>
@Scripts.Render("~/bundles/jquery")
@Scripts.Render("~/bundles/AS9100")
There is a navigation bar a search box and a drop down to select the
department to look in. Whenever the user types in the search of uses the
drop down I update the docList div by loading a partial using this
Javascript:
$(function () {
// Once the page is finished loading
$.get("/AS9100/DocumentListPartial",
// Make a GET call to return all the AS9100 documents
{
search: $("#search").val(),
// Send a search of null (this
causes the Controller to return everything)
department: $("#department").find(":selected").text()
// Send the
'All' department flag (this will tell the controller not
to execute a department filter)
},
function (data) {
// On success:
$("#docList").html(data)
// Load the returned html into the docList div
});
$("#search").keyup(function () {
// Repeat the above proccess everytime a key is released in the
search box
$.get("/AS9100/DocumentListPartial",
{
search: $("#search").val(),
department: $("#department").find(":selected").text()
},
function (data) {
$("#docList").html(data)
});
});
$("#department").change(function () {
// Run the search again anytime the user changes the department
dropdown
$.get("/AS9100/DocumentListPartial",
{
search: $("#search").val(),
department: $("#department").find(":selected").text()
},
function (data) {
$("#docList").html(data)
});
});
})
The restricted partial is for non-admin users. Here is the restricted
views code:
@model List<ARTportal.Models.AS9100docs>
<table>
@foreach (var item in Model) {
<tr>
<td>
<a href="http://doccenter.artrs.com/inforouter/docs/~D
@item.docId">@Html.DisplayFor(modelItem => item.title)</a>
</td>
<td>
<a class="@item.department" href="#"
onclick="changeDepartmentFilter(event)">@Html.DisplayFor(modelItem
=> item.department)</a>
</td>
<td>
@Html.DisplayFor(modelItem => item.docId)
</td>
</tr>
}
</table>
The only difference in the non-restricted version of the partial is that
there is create, edit, and delete action links.
What I've done in my controller is this:
[HttpGet]
[PermissionFor(permission = "AS9100", failController = "AS9100",
failAction = "DocumentListPartialRestricted")]
public ActionResult DocumentListPartial(string search, string department)
{
if (search == null || search == "")
{
if (department == null || department == "All")
return PartialView("DocumentListPartial",
db.AS9100docs.ToList());
else
return PartialView("DocumentListPartial",
db.AS9100docs.Where(doc =>
doc.department.Contains(department)).ToList());
}
else
{
if(department == null || department == "All")
return PartialView("DocumentListPartial",
db.AS9100docs.Where(doc => doc.title.Contains(search))
.ToList());
else
return PartialView("DocumentListPartial",
db.AS9100docs.Where(doc => doc.title.Contains(search))
.Where(doc
=>
doc.department.Contains(department))
.ToList());
}
}
[HttpGet]
public ActionResult DocumentListPartialRestricted(string search,
string department)
{
if (search == null || search == "")
{
if (department == null || department == "All")
return PartialView("DocumentListPartialRestricted",
db.AS9100docs.ToList());
else
return PartialView("DocumentListPartialRestricted",
db.AS9100docs.Where(doc =>
doc.department.Contains(department)).ToList());
}
else
{
if (department == null || department == "All")
return PartialView("DocumentListPartialRestricted",
db.AS9100docs.Where(doc => doc.title.Contains(search))
.ToList());
else
return PartialView("DocumentListPartialRestricted",
db.AS9100docs.Where(doc => doc.title.Contains(search))
.Where(doc
=>
doc.department.Contains(department))
.ToList());
}
}
As you can see on the admin page I have created a filter. This filter
checks a database to see if the user is authorized to view the page - if
they are not it kicks them to another Action in the controller. Here is
the code for the Filter:
public class PermissionFor : ActionFilterAttribute
{
public string permission { get; set; }
// Holds the persmission string to
compare against
public string failController { get; set; }
// Holds the controller to redirect to on
fail
public string failAction { get; set; }
// Holds the action to perform on fail
public override void OnActionExecuted(ActionExecutedContext
filterContext) // When the user navigates to
the controller
{
var viewResult = filterContext.Result as PartialViewResult;
// Create a local view result
from the filter context
ARTportal.Models.intranetTables database = new
Models.intranetTables(); // Build a local
database object
if (viewResult != null)
// If a view result is going to be
returned
{
if (!(database.Users.Where(u => u.name ==
filterContext.HttpContext.User.Identity.Name) // If the
user has permission
.Where(u => u.permission ==
this.permission).ToList().Count() > 0))
{
RouteValueDictionary rvd = new RouteValueDictionary();
// Create a routing
dictionary
rvd.Add("controller", failController);
// Set the controller to
route to
rvd.Add("action", failAction);
// Set the action to perform
filterContext.Result = new RedirectToRouteResult(rvd);
// Send the user to the Home
controller
}
}
base.OnActionExecuted(filterContext);
// Continue routing the user to the
page
}
}