Create Roles to Hide/Show Menu

Question

Create Roles to Hide/Show Menu

Asked 10 years, 4 months ago

Viewed 1,682 times

5

I’m developing my first application in Asp.NET MVC and now creating the restriction and authorization part of users. I would like to do this so that the menus of my application are only accessible to certain users.

For example:

@if ("administrador")
{
     <li>@Html.ActionLink("Agenda", "Index", "Agenda")</li>
     <li>@Html.ActionLink("Criar", "Create", "Agenda")</li>
}

That is, in my layout identify which type of user can see that menu. So my questions are:

Like assigning which users are administrators?
How to create a controller identifying which user is logged in ( I use windows Authentication )
Check which group it is part of? I don’t even use Cookie, nor Session in my application, it’s all via Windows Authentication?

I get user authentication through a class

public static class UserDetails
{
    public static string GetMatricula(string userName)
    {
        string matricula = userName.Substring(userName.IndexOf(@"\") + 1);
        return matricula;
    }
}

And on the controller I have

public ActionResult Index()
{
    var matricula = UserDetails.GetMatricula(User.Identity.Name);
    var usuario = db.Usuarios.FirstOrDefault(x => x.Matricula == matricula);
}

The registration field is the same as the user logs into Windows. This way once the user enters the application, automatically already opens with its information from name and registration.

1 answer

Browser other questions tagged asp.net-mvc

You are not signed in. Login or sign up in order to post.

by Leonel Sanches da Silva • **88,623** points · Answer 1 · 2014-07-07T16:27:08+00:00

Like assigning which users are administrators?

Using Roles. For example:

@if (User.IsInRole("Administrador")) { ... }

How to create a controller identifying which user is logged in (I use windows Authentication) and check which group it is part of?

Actually you don’t necessarily need to use a Controller. The best is to use some user management provider and profiles like the ASP.NET Membership and the ASP.NET Identity.

In your case, I would create a Model new call Profile:

public class Perfil 
{
    [Key]
    public int PerfilId { get; set; }
    [Required]
    public String Nome { get; set; }

    public virtual ICollection<UsuarioEmPerfil> UsuariosEmPerfis { get; set; }
}

And another associative table, for example:

public class UsuarioEmPerfil 
{
    [Key]
    public int UsuarioEmPerfilId { get; set; }
    [Index("IUQ_UsuarioEmPerfil_UsuarioId_PerfilId", IsUnique = true, Order = 1)]
    public int UsuarioId { get; set; }
    [Index("IUQ_UsuarioEmPerfil_UsuarioId_PerfilId", IsUnique = true, Order = 2)]
    public int PerfilId { get; set; }        

    public virtual Usuario Usuario { get; set; }
    public virtual Perfil Perfil { get; set; }
}

[Index], introduced in this form from the Entity Framework 6.1.0, ensures the uniqueness of the associative record. Additional validations may be required in the application to avoid strange key duplicity errors for the user.

Usuario would receive the association of Users with Profiles:

public class Usuario
{
    ...
    public virtual ICollection<UsuarioEmPerfil> UsuariosEmPerfis { get; set; }
}

Reimplementaria the RoleProvider following the outline of this answer (just notice that I use the name Role instead of the name Perfil).

Finally, use the following command in the View:

@if (User.IsInRole("Administrador")) { ... }

This command uses the method IsUserInRole of your RoleProvider.