i want to display friends of a user who are currently logged in.
you need the MembershipProvider.GetAllUsers Method, to get a MembershipUserCollection of all registered users in the application.
Then filter that collection on the property IsOnline of the MembershipUser objects in this collection. (EG with LINQ)
Related
We're using Firebase Analytics for an app, and looking to add user properties to the event tracking we’re currently using. However, we were considering using user properties for values which can change during the session—a user could have multiple 'profiles' in the app, and switch between them in the course of a session, which would means that we'd want certain properties to apply only to actions done when the user was logged into a particular 'profile'. Were we to set a user property to one value on user login, then update it after the user switched 'profile', would the new user property value be retrospectively applied to all previously-gathered event values, or would the values be associated with whatever the user property value was at the time the events were sent?
I assume you are asking in context of BigQuery (and UI should follow BigQuery 'way of thinking') If you take a look at BigQuery export schema then you can see that every event has associated user properties. After user does something, their event is persisted with associated user property at the time. After you change user property, new events will have new user property associated, but old events will still have old user property. User property is not retroactively updated in old events.
I need to know is there's any way to check wither a specific user is currently logged in like in an admin control panel or something
I know there's
HttpContext.Current.User.Identity.IsAuthenticated
but that doesn't cover what I need it just checks wither the current user is not anonymous
I actually I found a solution for it using
MembershipUser user = Membership.GetUser("username");
bool isLogged = user.IsOnline
I'm developing an application using gvNix. I used typicalsecurity addon to secure my application. What I need now is to allow the user to update only their profile. i.e. the user can see a profile tab on the nav bar menu, and when clicking on it, a form should be displayed containing only their data.
I tried adding the following to my code, but it restricts the access even to the admin.
#RooWebScaffold(path = "users", formBackingObject = User.class, delete=false, create=false);
The xml here removes the menu tab or part of its sub items, so it doesn't show an option to edit the profile
...
xmlns:sec="http://www.springframework.org/security/tags"
...
<sec:authorize ifAllGranted="ROLE_ADMIN">...</sec:authorize>
Usually all the users should update their profiles, so the link should be visible for all users.
Then modify the controller method that handles that request to get the user principal for the requester, this is the way to load the profile of the loged user.
To get the principal of the user read the Spring Security docs.
I am using ASP.NET MVC 3. Please excuse my terminology. We assign roles to certain people at work, then we use Windows authentication to determine what roles a user has. Lets say the roles are RoleA, RoleB and RoleC. So now I get a list of roles for a user. Lets says that UserA belongs to RoleA and RoleB. Some of my views need to be authenticated as not everyone can view certain views. Lets say that ViewA can only be viewed by users that belong to roles RoleA and RoleB. How would I do this? What would I need to look into? When a user that does not belong to these roles tries to access the views then he/she should be redirected to an error page.
Also, I need some sort of helper method to check these roles as well to be used in my views to hide/display certain controls. Where is the best place to use this?
Any sample code / articles would be appreciated.
[Authorize(Roles = "RoleA,RoleB")]
public ActionResult Foo()
{
return View();
}
And if you want to check roles in the view:
#if (User.IsInRole("RoleA"))
{
<div>This will be visible only to users in RoleA</div>
}
I am using the asp.net mvc sample app and have expanded it a bit. I use the asp.net membership for login and registration for users.
I now want to change it so when people register, instead of instantly being able to login, it goes to some state where an administrator has to approve it. Once this approval happens, then they can log in.
Is there anything built into asp.net membership stuff that will help me to do this or do I have to code it up from scratch using my own implementation?
I have a few ideas and I don't think this is rocket science but I don't want to reinvent the wheel as I want to ship this as soon as possible.
The MembershipUser class has an IsApproved property. You may set it to false when creating a new user and then set it to true when the admin approves the user.
You have to call Membershi.UpdateUser(user) method after setting the property.
Here's some code to build a collection of un-approved users that can be used as the datasource of a data control like a GridView, DataList, or Repeater:
MembershipUserCollection users = Membership.GetAllUsers();
MembershipUserCollection unapprovedUsers = new MembershipUserCollection();
foreach (MembershipUser u in users)
{
if (!u.IsApproved)
unapprovedUsers.Add(u);
}
The MembershipUser class has an IsApproved property, and during user creation you can use one of the overloads on the Membership.CreateUser function which allows that flag to be set. Unfortunately there's no easy way to say "Show me all users who are not yet validated".