I am searching for the best way for track user on a web site based on asp.net.
We are using log4net to log some business actions (enter on this page, click on button, etc.). But for multiple users, log file cannot be read easily.
So I need add a property 'UserName' on the config file like this :
<conversionPattern value="%date [%thread] - %property{UserName} - %-5level - %logger - %message%newline"/>
Do you hae any idea about the way to set 'UserName' ?
thanks for your help
Following property is there
%username the Windows identity of user making the log entry; slow
check for more detail : http://www.beefycode.com/post/Log4Net-Tutorial-pt-4-Layouts-and-Patterns.aspx
check this article : Capture Web Events in log4net
You can define a username (or any other) property like this:
this.SetThreadContext("UserName", userName);
assuming userName holds the name of the user.
Edit (What you really want to do):
Write a wrapper for log4net (with interface) and make some method e.g. SetUserName like this:
public void SetUserName(Func<string> getUserName)
This method you call at application start and you pass some method that returns the currently logged in user (from the HttpContext). You will need to store the delegate somewhere, maybe a static variable. Then you have methods for logging at various levels and every single method calls the delegate (Func<string> getUserName) and sets the thread context property as shown above. This way you do not have to set the thread context property manually before every call to the logger...
Related
I have followed on from the following answer here: How to extend IdentityUser with custom property
My variables I have added (following the above answer) are:
int numberID
string fullName
This is built upon the default Visual Studio 2017 ASP.net Web Application selected with options Web API and Individual User Accounts Authentication.
I am now trying to read the current value of both numberID and fullName of the current user inside the ValuesController of the project.
I have tried doing
var currentUser = System.Web.HttpContext.Current.User.Identity.GetUserId();
var currentnumberID = currentUser.numberID;
But am having no sucess with the last line of code.
I have also used User.Identity.GetUserName() and was wondering if there was a way to access my new variables WITHOUT creating a User Identity Extension?
OR
Better yet, with my Web API app what is the best way to add additional variables / fields for the user. Ie I would like to add both fullName and numberID associated to each user and be able to access these in my Web API controllers (eg call for current user and list the variables associated to the current user). I am beginning to think I have taken the wrong road by trying to use UserIdentity.
EDIT
Ended up biting the bullet and following the very easy approach here: How to Get Custom Property Value of the ApplicationUser in the ASP.Net MVC 5 View?
of adding a User Identity extension. Previous answers seemed complicated but that answer was simple and works!
The problem is that you are reading UserId and treating it like User object.
You need to use UserManager, to get the user User object. Inside controller's action method, you have access to UserManager, so you can simply use it:
var currentUser = UserManager.FindById(User.Identity.GetUserId());
If you are not inside controller's action method, then you need to get the UserManager from HttpContext:
var UserManager = HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
I am new to programming. How can I create a custom URL for each user to retrieve data for the entered user? For instance, www.hellothisis.com/sirushti
I understand that it's very difficult in the beginning. However, have you read the introduction to MVC? There you will understand the basics and go further.
Even though you need to read that, the answer to you question is: this
You will see the default router and the "/sirushti" is the ID. In the controller you will likely to have something like this:
public JsonResult GetUser(string alias) { ... }
Take a look on the links I've sent you and you will get what it takes to use MVC!
We would like to keep track of all user specific actions regarding the database, e.g. changing the username, getting assigned to a company and so on.
Is there any Symfony bundle that supports this kind of history logging?
doctrine offers some extensions like timestampable, blameable....
look here : http://symfony.com/en/doc/current/cookbook/doctrine/common_extensions.html
Every time an entity changes, it must have 'updatedBy' 'updatedAt' field....
(edit : excuse, i changed , first link was in french)
We know that authorization's stuff is a cross cutting concern, and we do anything we could to avoid merge business logic in our views.
But I still not find an elegant way to filter UI components (e.g. widgets, form elements, tables, etc) using the current user roles without contaminate the view with business logic. same applies for model binding.
Example
Form: Product Creation
Fields:
Name
Price
Discount
Roles:
Role Administrator
Is allowed to see and modify the Name field
Is allowed to see and modify the Price field
Is allowed to see and modify the Discount
Role Administrator assistant
Is allowed to see and modify the Name
Is allowed to see and modify the Price
Fields shown in each role are different, also model binding needs to ignore the discount field for 'Administrator assistant' role.
How would you do it?
On way I could think to do this is create your own versions of the input extension methods. For example instead of TextBox you could create TextBoxRoles and define it like this:
public static MvcHtmlString TextBoxRoles(
this HtmlHelper htmlHelper,
string name,
string RolesEdit,
string RolesView
)
Then in code it would look like this:
<%= Html.TextBoxRoles("Price", "Administrator","Administrator,Assistant") %>
Then your implementation of TextBoxRoles would check the roles of the current user via User.IsInRole() to determine what should appear on the page.
Of course you would have to do this for every input extension method you use.
Since you already have both the current user and access to the authorization provider in your controllers this is an ideal responsibility for them. Using a naive implementation you might pass a collection of widgets to your view after you filtered which widgets the current user has access to. In the case of your form field, things might get hairy when you consider client side validation.
The binding part would be the most straight forward of all, having a custom binder for these special cases will do the trick specially well since it will have access to the controller context and you can grab the current user from there and bind the values according to your role definitions.
What about something like LinFu, an AOP framework? If it's crosscutting, then declare it is so and treat it as such.
I use SqlWebEventProvider to log the exceptions to sql server, and it works fine.
I also want to log custom exceptions to aspnet_WebEvent_Events table programmatically. Similar to - http://fredrik.nsquared2.com/viewpost.aspx?PostID=107&showfeedback=true
WebBaseEvent.Raise(new WebErrorEvent("My Error message", null, 5000, e));
I get an error saying "Cannot access constructor 'WebErrorEvent' here due its protection level.
Appreciate your comments...
If you wish to log custom events, you may consider creating your own event by inheriting from one of the predefined event classes found in System.Web.Management.
Here is a good reference written by Scott Mitchell. It is pretty easy to follow
https://web.archive.org/web/20211020121454/https://www.4guysfromrolla.com/articles/062707-1.aspx
The constructor for class WebErrorEvent is private. You can't instantiate an object of this class.
Take a look at Using Access Modifier private with Constructor in the article titled What are constructors in CSharp - A Step Ahead Series?.