I am using ASP.NET MVC to build a site. I am using VB as the programming language. I have a couple of questions.
1 I have created a role "Manager". How do I check if a user belongs to this particular role?
For now I am using
If My.User.IsInRole("Manager") Then
    'Direct to a view
Else
    'Direct to another view
End If
Is this the right way?
2 How to use the Authorize attribute to limit access to a Function?
I know in C# it goes [Authorize(Roles = "Manager")] but not sure in VB.
Also, can I define a property to redirect a user who does not have the "Manager" role to a particular view when trying to access this function?
Thanks in advance.
In VB it would be:
<Authorize(Roles := "Manager")> _
Related
I've created my ASP.NET web application using Identity 2 and have defined several roles. The role based authorization is in place. The controller class action methods have been decorated with Authorize commands specifying which roles can use that controller method.
At this point, I need to customize the Bootstrap 3 navigation menu so that only administrators see their menu options, only members of Role A see theirs etc. Back in the day, I used to use sitemap membership provider but am unsure how to do this in Plain Ole MVC 5. Guidance is much appreciated!
You can use the User.IsInRole() to render links conditionally.
@if (User.IsInRole("Admin"))
{
    @Html.ActionLink("Admin Dashboard", "Index", "Dashboard")
}
This might help.
I am in search of finding a best way to route users based upon their role in MVC4 application.
Basically I have 3 types of users in my application
1) Admin
2) Staff
3) Client
How can I achieve this?
admin/home (for each admin request it starts with admin/{controller}....)
staff/home (for each staff request it starts with staff/{controller}....)
client/home (for each client request it starts with client/{controller}....)
Thanks.
3) There is an attribute which you place upfront of your actions in your controller, so there you can list what kinda role is allowed for this particular action. You can also create your own filters.
Ok here is what I suggest, make a new project and use the 'internet template'. Out of the box they set up a login page for you and this will give you an idea of how to set it up in your own application.
Based on the set up from above, you will need to edit the AccountController and add something like this to the Login Post Action.
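// Note: during the request that signs the user in, User still holds the pre-login
// principal; if these checks are always false here, test roles by user name instead
// (for example with Roles.IsUserInRole).
if (User.IsInRole("Admin"))
{
    // RedirectToAction takes the controller name without the "Controller" suffix
    return RedirectToAction("Home", "Admin");
}
if (User.IsInRole("Staff"))
{
    return RedirectToAction("Home", "Staff");
}
if (User.IsInRole("Client"))
{
    return RedirectToAction("Home", "Client");
}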
Don't forget to add the [Authorize(Roles = "RoleName")] attribute to four controllers, or it won't matter if they are logged in or not.
Also, take a look at http://www.asp.net/mvc they have numerous resources for learning about asp.net mvc.
In ASP.NET MVC, we can assign multiple roles in AuthorizeAttribute. I'm currently using Fluent Security. The documentation says RequireRolePolicy can support one or more roles.
I want to do the code below:
configuration.For<MyController>(x => x.Index()).RequireRole("Administrator, Editor");
but it seems that it only checks one role. How to assign multiple roles to it?
Ok I got it now.
configuration.For<MyController>(x => x.Index()).RequireAllRolesPolicy("Administrator", "Editor");
Just curious what would be the best way to do this?
I'm used to using
if (User.IsInRole("Administrator"))
with an older program of mine.
Using the new Kendo template (new to me) for MVC4-VS2012 projects, it created everything w/o SimpleMembership, so I wrote my own login system with the help of some YouTube videos and documentation.
It is very flexible and works, just curious on how I can check if a user is in a role via a view (like if (User.IsInRole("Administrator")) would have done), and/or the best way to do so (possibly in the controller).
You can continue to use User.IsInRole(""), you simply need to set HttpContext.User with the correct principal that has a list of roles.
You can create your own Authorization Attribute that would take care of this:
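// Inside the attribute's OnAuthorization(AuthorizationContext filterContext):
// look up the roles of the signed-in user (userRepo is your own data access)
var websiteRoles = userRepo.GetRoles(filterContext.HttpContext.User.Identity.Name);
var identity = filterContext.HttpContext.User.Identity as FormsIdentity;
// replace the request principal so that User.IsInRole() sees these roles
filterContext.HttpContext.User = new System.Security.Principal.GenericPrincipal(identity, websiteRoles.ToArray());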
Follow up:
Your GetRoles() method can be implemented any way you like, you simply need to have a list of roles that the user belongs to. You will use this list to create the Principal object to set the User to.
Using this approach will allow you to use User.IsInRole()
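A fuller version of the attribute described in the answer above, as an added example that is not part of the original answer. `IRoleSource`, `SampleRoleSource`, `StoreRolesAuthorizeAttribute` and the sample users are hypothetical names standing in for the answer's `userRepo.GetRoles()`; it assumes `System.Web.Mvc` (MVC 4 or 5).

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Web;
using System.Web.Mvc;

// Hypothetical role lookup standing in for the answer's userRepo.GetRoles().
public interface IRoleSource
{
    IEnumerable<string> GetRoles(string userName);
}

// Constructed sample data so the example compiles without a database.
public class SampleRoleSource : IRoleSource
{
    private static readonly Dictionary<string, string[]> Roles =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "alice", new[] { "Administrator" } },
            { "bob", new[] { "Staff" } }
        };

    public IEnumerable<string> GetRoles(string userName)
    {
        string[] roles;
        return Roles.TryGetValue(userName, out roles) ? roles : new string[0];
    }
}

public class StoreRolesAuthorizeAttribute : AuthorizeAttribute
{
    // Assumption: a static factory, because attribute instances cannot be constructor-injected.
    public static Func<IRoleSource> RoleSource = () => new SampleRoleSource();

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        IPrincipal user = httpContext.User;
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            return false; // anonymous: the base class turns this into a 401

        // Roles are read on every request, so removing a role takes effect immediately.
        string[] roles = RoleSource().GetRoles(user.Identity.Name).ToArray();
        httpContext.User = new GenericPrincipal(user.Identity, roles);

        // The base check applies the Roles/Users set on the attribute to the new principal.
        return base.AuthorizeCore(httpContext);
    }
}
```

Applied as `[StoreRolesAuthorize(Roles = "Administrator")]`, the role check runs against the roles loaded from the store. `User.IsInRole()` in a view only sees those roles on requests where the attribute has run, so an action without it still has the original principal.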
Is there a way to retrieve all access rules from a specific Role?
As roles are just flagged at the top of an action or on top of the whole class I can't find a way to retrieve this information unless I read and parse the whole file and after that find a way to link this [authorization] tag to a group.
Thanks
No, there is no built-in way. It's even impossible, because you might check for roles in your code (actions/views) as well.
And how should the list of access rules be returned?
For example, how should an algorithm return / name this access rule in a view:
@if (User.IsInRole("SomeRole")) {
    <div>
        Show some html only visible for users in SomeRole
    </div>
}
You have to administer the list of your application-defined access rules by yourself - this list will be very specific for your app.
Of course, when you just use the Authorize attribute, you could generate a list of action methods accessible for a given role by reflecting over all controller classes.
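The reflection approach mentioned in the last sentence, as an added example that is not part of the original answer. `AuthorizeAudit` is a hypothetical name; the listing reads only `[Authorize]` and `[AllowAnonymous]` on controllers and actions, so global filters and `User.IsInRole()` checks inside actions or views are not reflected in it.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Web.Mvc;

public static class AuthorizeAudit
{
    // Lists "Controller.Action" for each action the role can reach, judged only by
    // [Authorize]/[AllowAnonymous] attributes on the controller class and the action.
    public static IEnumerable<string> ActionsForRole(Assembly assembly, string role)
    {
        foreach (Type c in assembly.GetTypes()
                     .Where(t => typeof(Controller).IsAssignableFrom(t) && !t.IsAbstract))
        {
            bool classAnon = c.IsDefined(typeof(AllowAnonymousAttribute), true);
            var classRules = Rules(c);
            foreach (MethodInfo m in c.GetMethods(BindingFlags.Public | BindingFlags.Instance))
            {
                // Skip property accessors, [NonAction] methods and framework methods.
                if (m.IsSpecialName || m.IsDefined(typeof(NonActionAttribute), true)
                    || !m.DeclaringType.IsSubclassOf(typeof(Controller)))
                    continue;
                bool anon = classAnon || m.IsDefined(typeof(AllowAnonymousAttribute), true);
                // Every [Authorize] must pass; inside one attribute any listed role is enough.
                if (anon || classRules.Concat(Rules(m)).All(a => Allows(a, role)))
                    yield return c.Name + "." + m.Name;
            }
        }
    }

    private static List<AuthorizeAttribute> Rules(MemberInfo member)
    {
        return member.GetCustomAttributes(typeof(AuthorizeAttribute), true)
                     .Cast<AuthorizeAttribute>().ToList();
    }

    private static bool Allows(AuthorizeAttribute a, string role)
    {
        if (!string.IsNullOrWhiteSpace(a.Users)) return false; // limited to named users
        if (string.IsNullOrWhiteSpace(a.Roles)) return true;   // any signed-in user
        return a.Roles.Split(',').Any(r =>
            string.Equals(r.Trim(), role, StringComparison.OrdinalIgnoreCase));
    }
}
```

Call it with the assembly that holds the controllers, for example `AuthorizeAudit.ActionsForRole(typeof(HomeController).Assembly, "Manager")`, where `HomeController` is any controller in the project. Actions with no `[Authorize]` at all appear in every role's list, which makes unprotected actions easy to spot.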