Chapter 8
Adding users to roles
Now that the roles are in place and it is possible to also delete them if required, the next step is adding users to the roles created. A role doesn’t do much good if no users are associated with the role. To add a single user to a single role, you use the following construct:
Roles.AddUserToRole(username As String, rolename As String)
To add a single user to multiple roles at the same time, you use this construct:
Roles.AddUserToRoles(username As String, rolenames() As String)
To add multiple users to a single role, you use the following construct:
Roles.AddUsersToRole(usernames() As String, rolename As String)
Then finally, to add multiple users to multiple roles, you use the following construct:
Roles.AddUsersToRoles(usernames() As String, rolenames() As String)
The parameters that can take collections, whether they are usernames() or rolenames(), are presented to the method as String arrays.
Getting all the users of a particular role
Looking up information is easy in the role management service, whether you are determining which users are contained within a particular role, or whether you want to know the roles that a particular user belongs to.
Methods are available for either of these scenarios. First, look at how to determine all the users contained in a particular role, as illustrated in Listing 8-23.
Listing 8-23: Looking up users in a particular role
VB
<%@ Page Language=”VB” %>
<script runat=”server”>
Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) DropDownDataBind()
End Sub
Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)
GridView1.DataSource = Roles.GetUsersInRole(DropDownList1.SelectedValue)
GridView1.DataBind()
DropDownDataBind()
End Sub
Sub DropDownDataBind()
DropDownList1.DataSource = Roles.GetAllRoles()
DropDownList1.DataBind()
256
Membership and Role Management
End Sub
</script>
<html xmlns=”http://www.w3.org/1999/xhtml” > <head runat=”server”>
<title>Role Manager</title> </head>
<body>
<form id=”form1” runat=”server”> Roles:
<asp:DropDownList ID=”DropDownList1” Runat=”server”> </asp:DropDownList>
<asp:Button ID=”Button1” Runat=”server” Text=”Get Users In Role” OnClick=”Button1_Click” />
<br /> <br />
<asp:GridView ID=”GridView1” Runat=”server”> </asp:GridView>
</form>
</body>
</html>
C#
<%@ Page Language=”C#” %>
<script runat=”server”>
void Page_Load(object sender, EventArgs e)
{
DropDownDataBind();
}
void Button1_Click(object sender, EventArgs e)
{
GridView1.DataSource = Roles.GetUsersInRole(DropDownList1.SelectedValue); GridView1.DataBind();
DropDownDataBind();
}
void DropDownDataBind()
{
DropDownList1.DataSource = Roles.GetAllRoles(); DropDownList1.DataBind();
}
</script>
This page creates a drop-down list that contains all the roles for the application. Clicking the button displays all the users for the selected role. Users of a particular role are determined using the GetUsersInRole method. This method takes a single parameter — a String value representing the name of the role:
Roles.GetUsersInRole(rolename As String)
When run, the page looks similar to the page shown in Figure 8-19.
257
Chapter 8
Figure 8-19
Getting all the roles of a particular user
To determine all the roles for a particular user, create a page with a single text box and a button. In the text box, you type the name of the user, and a button click initiates the retrieval and populates a GridView control. The button click event (where all the action is) is illustrated in Listing 8-24.
Listing 8-24: Getting all the roles of a specific user
VB
Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) GridView1.DataSource = Roles.GetRolesForUser(TextBox1.Text)
GridView1.DataBind()
End Sub
C#
void Button1_Click(object sender, EventArgs e)
{
GridView1.DataSource = Roles.GetRolesForUser(TextBox1.Text.ToString()); GridView1.DataBind();
}
The preceding code produces something similar to what is shown in Figure 8-20.
Figure 8-20
258
Membership and Role Management
To get the roles of a particular user, you simply use the GetRolesForUser method. This method has two possible signatures. The first is shown in the preceding example — a String value that represents the name of the user. The other option is an invocation of the method without any parameters listed. This returns the roles of the user who has logged into the membership service.
Removing users from roles
In addition to adding users to roles, you can also easily remove users from roles. To delete or remove a single user from a single role, you use the following construct:
Roles.RemoveUserFromRole(username As String, rolename As String)
To remove a single user from multiple roles at the same time, you use this construct:
Roles.RemoveUserFromRoles(username As String, rolenames() As String)
To remove multiple users from a single role, you use the following construct:
Roles.RemoveUsersFromRole(usernames() As String, rolename As String)
Then finally, to remove multiple users from multiple roles, you use the following construct:
Roles.RemoveUsersFromRoles(usernames() As String, rolenames() As String)
The parameters shown as collections, whether they are usernames() or rolenames(), are presented to the method as String arrays.
Checking users in roles
One final action you can take is checking whether or not a particular user is in a role. You can go about this in couple of ways. The first is using the IsUserInRole method.
The IsUserInRole method takes two parameters — the username and the name of the role:
Roles.IsUserInRole(username As String, rolename As String)
This method returns a Boolean value on the status of the user, and it can be used as shown in Listing 8-25.
Listing 8-25: Checking a user’s role status
VB
If (Roles.IsUserInRole(TextBox1.Text, “AdminPageRights”)) Then
‘ perform action here
End If
C#
If (Roles.IsUserInRole(TextBox1.Text.ToString(), “AdminPageRights”))
{
// perform action here
}
259
Chapter 8
The other option, in addition to the IsUserInRole method, is to use FindUsersInRole. This method enables you make a name search against all the users in a particular role. The FindUsersInRole method takes two parameters — the name of the role and the username, both as String values:
Roles.FindUsersInRole(rolename As String, username As String)
Listing 8-26 shows an example of this method.
Listing 8-26: Checking for a specific user in a particular role
VB
<%@ Page Language=”VB” %>
<script runat=”server”>
Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) GridView1.DataSource = _
Roles.FindUsersInRole(“AdminPageRights”, TextBox1.Text) GridView1.DataBind()
End Sub </script>
<html xmlns=”http://www.w3.org/1999/xhtml” > <head runat=”server”>
<title>Role Manager</title> </head>
<body>
<form id=”form1” runat=”server”>
<asp:TextBox ID=”TextBox1” Runat=”server”></asp:TextBox> <asp:Button ID=”Button1” Runat=”server” Text=”Button” OnClick=”Button1_Click” />
<p><asp:GridView ID=”GridView1” Runat=”server”> </asp:GridView></p>
</form>
</body>
</html>
C#
<%@ Page Language=”C#” %>
<script runat=”server”>
void Button1_Click(object sender, EventArgs e)
{
GridView1.DataSource =
Roles.FindUsersInRole(“AdminPageRights”, TextBox1.Text.ToString()); GridView1.DataBind();
}
</script>
260