Role provider and System.Web.Security.Roles
<p>I'm confused about how to use roles in my ASP.NET MVC 4 Razor project. What is the difference between the two and, mainly, how can I use the authorize attribute and make it so that when I check for the role of an authenticated user it goes to my custom role provider? Or am I mixing things up here?</p>

<p>More concrete:</p>

<p>I have an admin controller where a user with the role "administrator" can do CRUD stuff. In my controller I apply the following attribute:</p>

<pre><code>[Authorize(Roles = "administrator")]
public class OverviewController : Controller
</code></pre>

<p>Is it correct to assume that the authorize attribute will use my custom role provider in the back end? If so, why doesn't it work for me?</p>

<p>Parts of my custom role provider class:</p>

<pre><code>public sealed class CustomRoleProvider : RoleProvider
{
    public override void Initialize(string name, NameValueCollection config)
    {
        if (config == null) throw new ArgumentNullException("config");

        if (name.Length == 0) name = "CustomRoleProvider";

        if (String.IsNullOrEmpty(config["description"]))
        {
            config.Remove("description");
            config.Add("description", "Custom Role Provider");
        }

        //Initialize the abstract base class.
        base.Initialize(name, config);

        _applicationName = Helpers.GetConfigValue(config["applicationName"], System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
    }

    public override bool IsUserInRole(string email, string roleName)
    {
        bool isValid = false;

        var usersInRole = _unitOfWork.UsersRepository.Get(uir =&gt; uir.email == email &amp;&amp; uir.Roles.Name == roleName);

        if (usersInRole != null) isValid = true;

        return isValid;
    }
</code></pre>

<p>What am I doing incorrectly? How can a user, when he or she is correctly authenticated like so:</p>

<pre><code>[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult LoginValidate(Authentication authentication, string returnUrl)
{
    string email = authentication.email;
    string password = authentication.password;
    bool rememberMe = authentication.rememberMe;
    if (string.IsNullOrEmpty(returnUrl)) returnUrl = "/";

    //If the filled in fields are validated against the attributes
    if (ModelState.IsValid)
    {
        if (MembershipService.ValidateUser(email, password))
        {
            FormsService.SignIn(email, rememberMe);

            return RedirectToAction("Index", "Home", new { area="" });
        }

        ModelState.AddModelError("", Resources.Resources.Error_incorrect_emailPassword);
    }

    // Add the ModelState dictionary to TempData here.
    TempData["ModelState"] = ModelState;

    return RedirectToAction("index", "Home", new { area="" });
}
</code></pre>

<p>be checked on his or her authorization from my custom role provider?</p>

<h1>Edit</h1>

<p>My web.config:</p>

<pre><code>&lt;roleManager enabled="true" defaultProvider="CustomRoleProvider" cacheRolesInCookie="true" &gt;
  &lt;providers&gt;
    &lt;clear /&gt;
    &lt;add name="CustomRoleProvider"
         type="ArtWebShop.Common.CustomRoleProvider"
         connectionStringName="ArtWebshopEntities"
         applicationName="/" /&gt;
  &lt;/providers&gt;
&lt;/roleManager&gt;

&lt;membership defaultProvider="CustomMembershipProvider"&gt;
  &lt;providers&gt;
    &lt;clear /&gt;
    &lt;add name="CustomMembershipProvider"
         type="ArtWebShop.Common.CustomMembershipProvider"
         connectionStringName="ArtWebshopEntities"
         enablePasswordRetrieval="false"
         enablePasswordReset="true"
         requiresQuestionAndAnswer="false"
         requiresUniqueEmail="false"
         maxInvalidPasswordAttempts="5"
         minRequiredPasswordLength="0"
         minRequiredNonalphanumericCharacters="0"
         passwordAttemptWindow="10"
         applicationName="/" /&gt;
  &lt;/providers&gt;
&lt;/membership&gt;
</code></pre>

<h1>Edit II</h1>

<pre><code>public override bool ValidateUser(string email, string password)
{
    string salt = _unitOfWork.UsersRepository.GetSalt(email);
    string hashedPassword = Helpers.CreatePasswordHash((password), salt);

    return _unitOfWork.UsersRepository.UserIsValid(email, hashedPassword);
}
</code></pre>