C# - Handling Multiple Roles In MVC - Action-based Accessibility?
Mar 29, 2011
I currently have a project that I seem to have run into an issue regarding Roles and thought I would get some opinions on how to best handle the problem. The system will require editable, flexible roles that control not only the access of specific areas, but also the use of system functions (Adding Users, Editing Users, Viewing Reports etc.) The system currently allows users to have multiple roles, each of those roles has explicitly defined areas of access/actions, for example:
Role A can access areas 1,2,3 and can Add Users.
Role B can access areas 1,5,7 and can Modify Users.
Role C can access areas 4,6 and only View Users.
So a User could be in Roles A and C, and thus access: 1,2,3,4 and 6, and could Add and View Users. My first solution was to create a dictionary that would store all of the possible areas of access/access options into a Dictionary like so:
Dictionary<string,bool>
Then when it is instantiated it pulls all of the properties from the database and then iterates through the roles to determine if they are accessible. All of that currently works just fine - however the project is quite JavaScript/jQuery intensive so many of these options are called by client-side functions. I am trying to avoid having to wrap all of these client-side functions with:
<% if (AccessDictionary[key]) { %>
//Enable or Disable Action
<% } %>
I am wondering about the following things: After a user logs in, what is the best way to store this Dictionary? Statically? In the Session? What would be the best method of storage such that the Dictionary will be easily accessed in the View? (As I currently see no way around wrapping my client-side functions)!
I have a multi level application that I am developing and need to block multiple rows from being joined. I know how to hide one role but I cannot figure out how to hide multiple.
I have an ASP.net page. That has an Ajax Toolkit Tab Control. That has tabs. That have custom ascx controls I wrote. I have a text box that performs a search action. It is declared like this:
Nothing fancy. This format has been working for months. There's no submit button. It just posts back when I hit enter. The problem appeared when I added a second custom control using the same type of feature. Now browsers don't postback when I type something in either of these textboxes and press enter. It seems that browsers have a default way of handling one textbox in one form, but that behavior changes when the number reaches two. Is there an easy way around this? I guess I can create a hidden submit button but it seems like there is probably a better way to deal with this when the functionality is in two separate custom controls.
I need to create an application-wide error handling mechanism. I was evaluating Action Filter for that matter. But an Action filter will just execute against actions/controllers. What about errors at a custom view engine or an Extension method for an HTML helper? To handle them I need to implement the traditional ASP.NET mechanism. Can anyone suggest the best common approach which can handle errors for all Controllers, Views, Models or custom helpers, if any?
I am new to this MVC and have a basic question related to validation. I have a create view for customer and based on the customer entity partial class metadata, I am validating the user input and it's working fine as expected when the user clicks the create button. I also have a search button in the same create view, which is used for auto generation of some of the field values. When the user clicks the search button the action method create (post) is called with the corresponding button value as argument. The issue here is when the user clicks the search button most of the user input fields will be blank and the validation fails because of that.
We are developing products that will be used in the following way:
Various shared libraries which may be used by multiple products. I anticipate these libraries will mostly need to access string resources that contain error messages/exceptions. Various end-user based applications, designed to run as standalone apps on a PC. They will be required to support multiple languages upon deployment/installation.
Various web-sites which may be required to support multiple languages either at deployment time or possibly at runtime (i.e. minimal or zero downtime). Potentially the site might need to support multiple languages at the same time if being accessed globally.
We may be required to allow customers access to our language files for editing themselves. We would not wish to allow them access to our source code (other than the resource files/dlls) in order to achieve this. We might need to incorporate a facility to log exceptions in our native language (English in this case) and display them in the translated language. This will help us debug our customers' solutions in the field.
I am already aware of products like RCWinTrans and handling multiple languages in VC++/MFC applications. However, the requirements we are faced with here are more extensive and thus require us to make a few up front decisions that could be difficult to change long term, so ideally we want to make the best choice now. Based on my own knowledge, I have a few questions although I may be missing some tricks with .net that will be happily received. Here are my questions:
What would be best? Put all our resources in a separate DLL per VS solution OR put the resources in each VS project. The way I see it per solution is easier to manage, modify, and allow customer access. The per project solution seems cleaner though and makes the individual projects more portable. This method would apply to our shared library based solutions as well as our end-application based solutions.
Is it possible to have two separate resource files loaded at once i.e. if we want to log the exceptions in English but supply them back up the food chain (as a message in an exception) in the translated language? Are there any tricks we can use to automate this like AOP?
I'm planning to make a page that has about 10 different pages for varying use, for example, stats, data entry, reports, logistics, audit, sales, promo, etc etc. I'm anticipating there will be many combinations as to what pages a user may have access to, for each page, a user ought to be authorized to either enter new data, edit data, print and/or just view.
My questions are :
1. Can membership & roles be used, once user is logged in, to display links to all the areas of the web app he is allowed access to?
[code]....
2. Besides having access to a particular page, a user should, as mentioned before, be authorized to either enter new, edit, print and/or just view data.
3. Is there a preferred/better method to handle this besides using membership & roles?
I'm trying to redirect users upon login based on their roles which were defined in the Administer website feature of asp.net. Here's what I'm trying:
protected void Login1_LoggedIn(object sender, EventArgs e)
I am currently working on a website with a Tab Container with roughly 5-10 tabs. I would like to have an Admin tab that is disabled to all users except those who are assigned in an Admin role (I have 2 roles, Admins and Customers). I am fairly new to ASP.NET so please bear with me. I have been crashing through it for about 3 weeks now, trying to help a friend get a site up and running!
I have a website where users can login and they have different roles/privileges. I want to have it where the user's view of the webpage is determined by their role. Right now I am storing the role in the UserData property of the FormsAuthenticationTicket class (which is retrieved from a database during login). When the main page is loading, I want it to check the user's role and then only show the controls/portions of the page that are for that role. For example, if the user is not an administrator, they shouldn't be able to click on a button to delete a record. At the moment I am using labels to hide or show areas depending on the user's role. Something like this:
[Code]....
[Code]....
And here is a portion of the markup code with the Labels:
[Code]....
This works, but doesn't seem to be a very good way to handle this type of thing. Is there a cleaner, more elegant way of doing this? Something similar to the LoginView control, but which I can use for roles?
I have implemented membership and enabled role based on. I have 2 roles "admin" and "super_admin" and once the user logs in, I want to redirect them to a different folder based on their role. My guess is, the redirection needs to be determined once the user clicks login on the login control and here is my code.
[Code]....
However, whenever the user logs in (regardless of admin or super_admin) the page keeps redirecting to Anyone/Default.aspx.
I'm trying to implement the following adjustments to the default ASP.NET RoleProvider so that it supports hierarchical role definitions. However, I cannot create the following function; it keeps executing the function.
Ref: [URL]
What is wrong with this function?
-- Template generated from Template Explorer using:
-- Create Multi-Statement Function (New Menu).SQL
--
-- Use the Specify Values for Template Parameters
-- command (Ctrl-Shift-M) to fill in the parameter
-- values below.
--
-- This block of comments will not be included in
-- the definition of the function.
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- Author: <Author,,Name>
-- Create date: <Create Date,,>
-- Description: <Description,,>
CREATE FUNCTION [dbo].[aspnet_Roles_Ancestor_TVF] ( @RoleId uniqueidentifier )
RETURNS @aspnet_Roles TABLE (
    ApplicationId uniqueidentifier ,
    RoleId uniqueidentifier ,
    RoleName nvarchar(256) ,
    LoweredRoleName nvarchar(256) ,
    Description nvarchar(256) ,
    ParentRoleId uniqueidentifier
)
AS
BEGIN
; WITH aspnet_Roles_CTE (
    ApplicationId ,
    RoleId ,
    RoleName ,
    LoweredRoleName ,
    Description ,
    ParentRoleId ,
    HierarchyLevel
) AS (
I am using ASP.NET MVC 3. We assign roles to certain people at work, then we use Windows authentication to determine what roles a user has. Let's say the roles are RoleA, RoleB and RoleC. So now I get a list of roles for a user. Let's say that UserA belongs to RoleA and RoleB. Some of my views need to be authenticated as not everyone can view certain views. Let's say that ViewA can only be viewed by users that belong to roles RoleA and RoleB. How would I do this? What would I need to look into? When a user that does not belong to these roles tries to access the views then he/she should be redirected to an error page.
I have a bunch of divs that are widgets. I am using a custom role provider and I need to hide the divs based on roles. Is it better to add a "runat=server" attribute to the div so that I can hide/unhide in the code behind? Should I hide/unhide on the aspx page or do I use panel controls and hide/unhide in the code behind?
I'm using the built-in membership controls and classes to manage authorization and authentication in my app. Here's what I want to do: If the user is in "Manager" role, I want to send him/her to the manager page no matter where he/she came from. If the user is in "Supervisor" role, I want to send him/her to supervisor page no matter where he/she came from. However, if the user is not in any role, just a registered member, I want to send him/her back to where he/she came from as stated in ReturnUrl. If no ReturnUrl is specified, I will send him/her to the home page.
On my login page, I'm using the Login server control but in my code behind, there's no method wired to the control because the control takes care of everything. I assume I need to add a method and wire it to the submit button, is that right? If so, I'll have to really handle the login event which means I'll need more info about how to do that.
I have been using the following tutorial and had to convert the code to C# for my project. Now I can't get the code to work. I'm getting a red line under the word "in" in the UpdateRolesFromList. I tried to add a datasource on page load for the checkboxlist like so: RoleList.DataSource = PopulateRoleList(User.Identity.Name.ToString()); and it gives me an error saying cannot implicitly convert type 'void' to 'object' [URL] What am I missing, that when I load the page or even do a search it never displays the checkbox list as it shows in the tutorial?
If I set roles in a siteMapNode with title "Analiza" it works fine, the link is not shown in the navigation... but if I set roles on any of "karneki" siteMapNode the links are still visible...
Is it even possible to restrict access to lower links based on user role?
Is there a tutorial on how to redirect user to a specific web page based on his/her role? For example, I have teacher role and student role. When the teachers login, it will redirect the teacher to the teacher web page and the students redirected to the student web page.
My application has 2 Roles: Admin and Student. I created some tasks for these 2 roles by using LoginView (Edit RoleGroup). As users log in, both can see their allocated tasks.
But I want to allocate some admin tasks to some student(s) not for all. How can I do it?
I have a custom menu, which leverages the standard asp.net sitemap. It works well but some of my pages are dynamically generated by URL rewriter, so they don't sit in the sitemap XML file. At the moment I rolled a custom solution which shows/hides menu items via CSS class and a programmatic check of the role that the user is in. It works ok until I visit a dynamic page that doesn't exist in the sitemap file. I've tried the "roles" attribute in the sitemap file with security trimming but it isn't working because I have a custom menu.
Is there a way I could leverage the roles attribute in the sitemap file to show/hide menu items for my custom control below, even when some pages are not in the sitemap? My menu control is below...
I am using FormsAuthentication. My situation is as per below:
The login form has this code-behind:
protected void LoginButton_Click(object sender, EventArgs e)
{
    TextBox uname = Login1.FindControl("UserName") as TextBox;
    TextBox pass = Login1.FindControl("Password") as TextBox;
    CheckBox rm = Login1.FindControl("RememberMe") as CheckBox;
    Literal fail = Login1.FindControl("Literal1") as Literal;
    if (Membership.ValidateUser(uname.Text, pass.Text))
[Code].....
Now the problem is that when I try to log in with proper credentials it first redirects to default.aspx (there is no such page in my project); after logging in again with the same credentials it properly redirects to the correct page. Why does such a problem arise? How to fix this?
I need to implement field level security based on the roles. I have a page Employee.aspx. In that I have ten controls. If I enter as the admin role I need to show all the controls. If I enter as a user I have to show only five controls. How to design the application for control level security?