If I have two tables in my project to have access to such a blog (blog writers access) and one for friends access.
I use if I want the RoleProvider What is the form?
This question is very ambiguous and suggestions you need to do some reading on ASP.NET membership/roles... but to check if the user is in a role, you just do this:
User.IsInRole("role name")
Roles.Provider gets the default Role Provider.
Roles.Providers gets the collection of Role Providers for the ASP.NET application.
Look into the System.Web.Security namespace
Related
I want to use NauckIT asp.net membership provider for Postgres.
I was playing with example and I managed to register/login/logout user. However, This membership provider also has role management, but i dont know how to use it.
My question is: Is it possible to use ASP.NET Configuration utility (the one you start from menu Project>ASP.NET Configuration) to create roles and users? How do I achieve this?
If this is not possible, Is there any other way to do this (besides inserting/update roles/users directly to Postgres DB - this is not much user friendly)
Thank you in advance
Roles are managed by a RoleProvider in ASP.Net
I would imagine if it has a custom Membership provider, then it would also have a custom role provider as well. If this is the case, then you can certainly use the out of the box Management Pages for ASP.Net as it simply uses the Role and Membership providers that are already defined.
It would appear that NauckIT does in fact have a role provider.
Again, the management pages should work just fine if following the instructions in the link above.
In asp.net mvc default application you get he account controller which enable user registration, log in, log out and changing password.
I was wondering is it possible to implement litle more like enabling administrator to delete some user or give some user different roles like in asp.net configuration where you create user, roles and asign roles to users?
I already figured out and extend profile for users, so now they have much more infos and profile picture.
If you have any experience or examples of user management in asp.net mvc.
Although a bit outdated, this project maybe can give you a few hints on how to implement membership administration in ASP.NET MVC:
Asp.Net MVC Membership Starter Kit
Quote
What is the Asp.Net MVC Membership
Starter Kit?
The starter kit currently consists of
two things:
A sample website containing the controllers, models, and views needed
to administer users & roles.
A library that provides testable interfaces for administering users &
roles and concrete implementations of
those interfaces that wrap the
built-in Asp.Net Membership & Roles
providers.
Out of the box, the starter kit gives
you the following features:
List of Users
List of Roles
User Account Info
Change Email Address
Change a User's Roles
Update
For restricting certain operations to specific user roles, you can create these roles using the project I mentioned earlier, and then decorate your own application's controllers and/or actions with an Authorize attribute, referencing the desired roles:
[Authorize(Roles = "Administrator, HR")]
public ActionResult DeleteUser(int UserId)
{
// do something
}
This would prevent users that are not Administrator or HR to delete users.
Here is my try for a reusable user & role management:
https://github.com/Epstone/Simple-MVC-User-Management
If I were you I'd create a Admin "module" which handles all of these things. I don't know of any asp.net documentation on this, but if you look around on PHP documentation (Zend Framework, CakePHP or other) you get the basic ideas of the structures you should use to achieve this. Just remember to keep things seperated, admin stuff goes into a admin module not a user module (but maybe a user controller inside a admin module).
I answered a similar question here:
User Management in ASP.Net MVC 3
This provides you with an MVC 3 Razor based User Management Tool. This does not include Roles, but if you get this far, it should not be real difficult to add them.
Suppose I have 3 kinds of users and their accessible pages in my ASP.net application are as follows:
(1) User Type-A {Default.aspx, a.aspx, b.aspx and c.aspx},
(2) User Type-B {Default.aspx, d.aspx, e.aspx and f.aspx},
(4) Admin {Default.aspx and g.aspx}.
Here Default.aspx is my Login-page.
I am using Membership Provider and Forms authentication technique.
Now I need to block access of one type of user to the pages assigned for other type users.
How should I configure my Web.config file?
and What kind of c# code should be used?
Role management in asp.net may help you in this case. Please check this article.
You may have to customize this as per your specific requirement. Hope this helps.
Role Manager in ASP.NET
Each of User-Type will be associated with Roles.
We have a similar requirement, and make use of the Patterns and Practices Web Client Software Factory. Basically it assists you in creating modules, and allowing you to specify per-page access levels in config based on Role / User details.
You might have a try to use roleship provider and web.sitemap.
I have Membership, Profile and Role providers setup for my .NET MVC website. I would like to say: this Role has access to that Page.
How do I 'inject' this code to the RoleProvider? Or do I have to override it somehow? Any leads?
(Roles are stored in the default ASP.NET SqlRoleProvider, Pages are stored in a seperate SQL database).
Why would you inject this into the role provider? Why not just decorate the ActionResult [Authorise(Roles="myrole")]?
I understand that your pages are in the database but the action result still needs to call the view right?
I guess you could write you're own custom attribute which can check and either grant access or deny it.
I don't think the role provider is the right place for determining whether a page can be displayed or not.
Take a look at using sitemaps under asp.net. It is VERY easy to manage and to extend.
I have even used them as the datasource for a menu system.
Once in your page, you can do something like:
User.IsInRole("RoleName")
I am creating a website in ASP MVC. Can anyone give me some advice on using the built-in membership provider in the following way.
I want my users to create an Administrative account for themselves and then create accounts for the people in their organization, or the people that they want to give access to.
I guess in a Database it will look something like this:
Companies have Administrators. Administrators can give users access.
I am sure this pattern is used all over the place, I am just not sure how to implement it. Especially using the membership providers.
Thanks,
David
There is nothing special in implementing this. It can be easily accomplished by built-in features of ASP.NET 2.0:
Configure Web site to use membership (via web.config)
Enable role management (via web.config <roles enabled="true"> tag)
Add administrator accounts to Administrators role.
Control access to the administrative pages by using [Authorize(Roles="Administrators")] attribute in the controller action.
Require authentication on other non-admin actions ([Authorize])
When I did this, I used the Membership Provider for authentication however, the organization concept I created externally from the Provider. You could use the Profile Provider.
As for roles I would still use the Roles within the ASP.Net Membership Model.
You can create a role for those people and name it something like organizational-admin, though that's a bit long, you catch my drift :). And give those the power to create users with a regular user role. At least that's how i did it in one of my applications.
Ofcourse you'll keep the admin to yourself or to the person who is in charge of this particular site.
Gu's blog has a small example of how to implement the roles in an action filter.