ASP.NET Provider with Different Types of Roles
-
22-09-2019 - |
Question
I have different types of Roles to take into account when authorizing a user. For example: John must have Position Manager and be part of the Office Supplies Department to order a new computer.
Problem with Roles is Roles.GetRolesForUser("John") can only return a string array.
Should I go with a custom roleProvider and custom roleManager? or should I develop a custom ProfileManager to add methods like GetUsersWithProfileProperties()?
Any suggestion is welcome!
Thibaut
EDIT: the above example is simplified I could have a much as 4 types of roles which are 4 different collections.
EDIT: I found a very similar question
Solution
why not create a "CompositeRoleProvider" with a Path-To-Level typew convention for accessing each subordinate role provider. You will still have to create multiple role providers, but your Composite or Top-Level Provider does all of the work for you. I plan to do a similar thing with ProfileProvider
OTHER TIPS
From what you write; I believe that everything you need is currently available out of the box:
// Return all Users in a Role
string[] users;
users = Roles.GetUsersInRole("RoleName");
// Return all Roles for a User
string[] roles;
roles = Roles.GetRolesForUser();
// Search through Membership store locating users with a role
MembershipUserCollection mu;
mu = Membership.GetAllUsers();
// Loop through all membership users looking for users in a role
foreach(MembershipUser m in mu){
if(Roles.IsUserInRole(m.UserName, "Role Name")){
// Do something
// We can even nest to x levels
if (Roles.IsUserInRole(m.UserName, "Another Role")){
// Do something else
}
}
}
Please clarify if I have misunderstood your question.
I'm studying how to solve a pretty similar problem and I've come to a conclusion that the best thing to do is to implement a custom role provider.
I'm using this (http://msdn.microsoft.com/en-us/library/317sza4k(v=vs.100).aspx) as a base and I will implement my methods like (IsManager, GetDepartment, ecc).
Data will be stored in custom tables that are joined to the aspnet_users table.
Hope it may help someone in the future :)
I think there is a method GetUsersInRole. http://msdn.microsoft.com/en-us/library/system.web.security.roles.getusersinrole.aspx