I am finishing my application by configuring authorization and permissions for the application's users. My idea is to change the layout so that the menus and submenus are only visible to those who are authorized for them. According to what I researched, I need to create Roles to use in my layout:

    @if (User.IsInRole("Usuário"))

Very well. I have 3 tables in my database prepared to do this control. My models follow.

    using System.Collections.Generic;
    using System.ComponentModel.DataAnnotations;

    public class Perfil
    {
        public int Id { get; set; }
        public string Matricula { get; set; } // This field is the same as the user's login in the system
        public string Nome { get; set; }
        public virtual ICollection<PerfiRole> PerfilRoles { get; set; }
    }

    public class Role
    {
        public int RoleId { get; set; }
        public string Nome { get; set; } // Administrador, Gerente, Usuário
        public virtual ICollection<PerfiRole> PerfilRoles { get; set; }
    }

    // Join table linking a Perfil to a Role
    public class PerfiRole
    {
        [Key]
        public int PerfilRoleId { get; set; }
        public int Roleid { get; set; }
        public virtual Role Role { get; set; }
        public int Perfilid { get; set; }
        public virtual Perfil Perfil { get; set; }
        public int Matricula { get; set; }
    }

All tables are already loaded with their proper profiles and the roles Administrator, User and Manager. I am using Windows Authentication, where the Profile table's Register field is the same as the user's Windows login, and when the user accesses the application, it already opens with their Profile data pulled from the login, without needing a username and password to enter the application. Finally, from this I want to complete the mechanism so that when the user enters the application, it loads their data automatically, as it already does, and shows only the menus corresponding to their profile as already defined in the database. I'd like to know what the controller looks like so I can do that. I tried some methods and saw some examples, but none similar to what I need. I also need to know what to change in the web.config. All help and suggestions are welcome.
EDIT

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web.Security;

    public class CustomRoleProvider : RoleProvider
    {
        public override string ApplicationName
        {
            get
            {
                throw new NotImplementedException();
            }
            set
            {
                throw new NotImplementedException();
            }
        }

        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            throw new System.NotImplementedException();
        }

        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            throw new System.NotImplementedException();
        }

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            throw new System.NotImplementedException();
        }

        public override bool IsUserInRole(string username, string roleName)
        {
            throw new System.NotImplementedException();
        }

        public override void CreateRole(string roleName)
        {
            throw new System.NotImplementedException();
        }

        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
        {
            throw new System.NotImplementedException();
        }

        public override string[] GetUsersInRole(string roleName)
        {
            throw new System.NotImplementedException();
        }

        public override bool RoleExists(string roleName)
        {
            using (var db = new DataContext())
            {
                // check if role exists
                return db.Roles.Any(r => r.Nome == roleName);
            }
        }

        public override string[] GetAllRoles()
        {
            List<string> roles = new List<string>();
            using (var db = new DataContext())
            {
                try
                {
                    // Collect the Nome of every row in the Roles table
                    var dbRoles = db.Roles.ToList();
                    foreach (var role in dbRoles)
                    {
                        roles.Add(role.Nome);
                    }
                }
                catch (Exception) { throw; } // rethrow without resetting the stack trace
            }
            return roles.ToArray();
        }

        public override string[] GetRolesForUser(string username)
        {
            List<string> roles = new List<string>();
            using (var db = new DataContext())
            {
                try
                {
                    // Select the Perfil rows whose Matricula equals the username
                    var dbRoles = db.Perfis.Where(p => p.Matricula == username).ToList();
                    foreach (var role in dbRoles)
                    {
                        // Adds Perfil.Nome for each matching row
                        roles.Add(role.Nome);
                    }
                }
                catch (Exception) { throw; } // rethrow without resetting the stack trace
            }
            return roles.ToArray();
        }
    }

Did you implement a RoleProvider so that the User.IsInRole() command works properly? – Leonel Sanches da Silva

No, that's what I need to know how to implement. – JHenriqueN

Or, @Ciganomorrisonmendez, if there is another way I can do the same without needing a [RoleProvider]. – JHenriqueN

The best way is by using the RoleProvider. See the answer. – Leonel Sanches da Silva
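
An added example (not from the question or its comments): a role lookup that walks Perfil → PerfiRole → Role and returns Role.Nome, after stripping the DOMAIN\ prefix that Windows Authentication puts in User.Identity.Name. Assumptions: Matricula stores the bare login, in-memory collections stand in for DataContext, C# 9 records stand in for the entities, and RoleLookup, NormalizeLogin and the sample rows are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Minimal stand-ins for the question's Perfil / Role / PerfiRole entities.
public record Perfil(int Id, string Matricula, string Nome);
public record Role(int RoleId, string Nome);
public record PerfiRole(int Perfilid, int Roleid);

public static class RoleLookup
{
    // Windows Authentication reports the identity as DOMAIN\login;
    // Matricula is assumed to hold only the bare login.
    public static string NormalizeLogin(string identityName)
    {
        if (string.IsNullOrWhiteSpace(identityName)) return string.Empty;
        string name = identityName.Trim();
        int slash = name.LastIndexOf('\\');
        return slash >= 0 ? name.Substring(slash + 1) : name;
    }

    // Role names come from Role.Nome via the join table, never from Perfil.Nome.
    // An unknown or empty login yields no roles (deny by default).
    public static string[] GetRolesForUser(string identityName,
        IEnumerable<Perfil> perfis, IEnumerable<PerfiRole> links, IEnumerable<Role> roles)
    {
        string login = NormalizeLogin(identityName);
        if (login.Length == 0) return Array.Empty<string>();
        return (from p in perfis
                where string.Equals(p.Matricula, login, StringComparison.OrdinalIgnoreCase)
                join l in links on p.Id equals l.Perfilid
                join r in roles on l.Roleid equals r.RoleId
                select r.Nome).Distinct().ToArray();
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample rows and identities.
        var perfis = new[] { new Perfil(1, "jsilva", "João Silva"), new Perfil(2, "mcosta", "Maria Costa") };
        var roles = new[] { new Role(1, "Administrador"), new Role(2, "Gerente"), new Role(3, "Usuário") };
        var links = new[] { new PerfiRole(1, 3), new PerfiRole(2, 1), new PerfiRole(2, 2) };
        foreach (var id in new[] { @"CORP\jsilva", @"CORP\MCOSTA", @"CORP\unknown", "" })
            Console.WriteLine($"'{id}' -> [{string.Join(", ", RoleLookup.GetRolesForUser(id, perfis, links, roles))}]");
    }
}
```

When the same query runs against the database instead of in-memory lists, whether the Matricula match is case-insensitive depends on the column's collation.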