Create Roles to Hide / Show Menu

5

I'm developing my first application in ASP.NET MVC and am now creating the user restriction and authorization part. I would like to do this so that the menus in my application are only accessible to certain users.

For example:

@if ("administrador")
{
     <li>@Html.ActionLink("Agenda", "Index", "Agenda")</li>
     <li>@Html.ActionLink("Criar", "Create", "Agenda")</li>
}

That is, in my layout identify which type of user can see that menu. So my questions are:

  • How to assign which users are administrators, for example?
  • How to create a controller identifying which user is logged in (I use Windows authentication)?
  • Check which group it is part of? I do not use Cookie, nor Session in my application; is it via Windows Authentication?
  • I get user authentication through a class

    public static class UserDetails
    {
        public static string GetMatricula(string userName)
        {
            string matricula = userName.Substring(userName.IndexOf(@"\") + 1);
            return matricula;
        }
    }
    

    And in the controller I have

    public ActionResult Index()
    {
        // Strip the domain from "DOMAIN\login" and look the user up by matricula.
        var matricula = UserDetails.GetMatricula(User.Identity.Name);
        var usuario = db.Usuarios.FirstOrDefault(x => x.Matricula == matricula);
        return View(usuario);
    }
    

    The enrollment field is the same as the user's Windows logon. This way, as soon as the user signs in to the application, it automatically opens with his name and enrollment.

    asked by anonymous 07.07.2014 / 17:27

    1 answer

    2

    How to assign which users are administrators?

    Using Roles. For example:

    @if (User.IsInRole("Administrador")) { ... }
    

    How to create a controller identifying which user is logged in (I use windows authentication) and check which group it is part of?

    Actually, you do not necessarily need to use a Controller. It is best to use some user and profile management provider such as ASP.NET Membership and ASP.NET Identity.

    In your case, I would create a new Model named Perfil:

    public class Perfil 
    {
        [Key]
        public int PerfilId { get; set; }
        [Required]
        public String Nome { get; set; }
    
        public virtual ICollection<UsuarioEmPerfil> UsuariosEmPerfis { get; set; }
    }
    

    And one more associative table, for example:

    public class UsuarioEmPerfil 
    {
        [Key]
        public int UsuarioEmPerfilId { get; set; }
        [Index("IUQ_UsuarioEmPerfil_UsuarioId_PerfilId", IsUnique = true, Order = 1)]
        public int UsuarioId { get; set; }
        [Index("IUQ_UsuarioEmPerfil_UsuarioId_PerfilId", IsUnique = true, Order = 2)]
        public int PerfilId { get; set; }        
    
        public virtual Usuario Usuario { get; set; }
        public virtual Perfil Perfil { get; set; }
    }
    

    [Index], introduced in this form as of Entity Framework 6.1.0, guarantees the uniqueness of the associative record. Additional validations may be required in the application to avoid strange key-duplication errors for the user.

    Usuario would receive the Association of Users with Profiles:

    public class Usuario
    {
        ...
        public virtual ICollection<UsuarioEmPerfil> UsuariosEmPerfis { get; set; }
    }
    

    I would reimplement RoleProvider by following the sketch in this answer (just note that I use the name Role instead of the name Perfil).

    Finally, you would use the following command in the View:

    @if (User.IsInRole("Administrador")) { ... }
    

    This command uses the IsUserInRole method of your RoleProvider.

        
    07.07.2014 / 18:27
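
An added example, not part of the original answer or the sketch it links to: a read-only RoleProvider over the answer's Perfil / UsuarioEmPerfil model, plus `[Authorize]` on the Agenda controller, because hiding a menu entry in the view does not stop a direct request to the action. `AppDbContext` and `PerfilRoleProvider` are assumed names; the entities, `Matricula` and `UserDetails.GetMatricula` are the ones shown on the page.

```csharp
using System;
using System.Data.Entity;
using System.Linq;
using System.Web.Mvc;
using System.Web.Security;

// Hypothetical context name; the page only shows it as "db" with a Usuarios set.
public class AppDbContext : DbContext { public DbSet<Usuario> Usuarios { get; set; } }

// Register under <roleManager enabled="true" defaultProvider="..."> in web.config.
public class PerfilRoleProvider : RoleProvider
{
    public override string ApplicationName { get; set; }

    public override string[] GetRolesForUser(string username)
    {
        // Windows authentication yields "DOMAIN\login"; users are keyed by the login part.
        var matricula = UserDetails.GetMatricula(username);
        using (var db = new AppDbContext())
        {
            return db.Usuarios
                .Where(u => u.Matricula == matricula)
                .SelectMany(u => u.UsuariosEmPerfis.Select(up => up.Perfil.Nome))
                .ToArray();   // unknown user => empty array => no roles
        }
    }

    public override bool IsUserInRole(string username, string roleName)
    {
        return GetRolesForUser(username).Contains(roleName, StringComparer.OrdinalIgnoreCase);
    }

    // Role administration is not exposed through this provider (read-only by design).
    public override void AddUsersToRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override void RemoveUsersFromRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override void CreateRole(string r) { throw new NotSupportedException(); }
    public override bool DeleteRole(string r, bool throwOnPopulatedRole) { throw new NotSupportedException(); }
    public override bool RoleExists(string r) { throw new NotSupportedException(); }
    public override string[] GetAllRoles() { throw new NotSupportedException(); }
    public override string[] GetUsersInRole(string r) { throw new NotSupportedException(); }
    public override string[] FindUsersInRole(string r, string m) { throw new NotSupportedException(); }
}

// The view check only hides the link; the server-side check belongs on the controller.
[Authorize(Roles = "Administrador")]
public class AgendaController : Controller
{
    public ActionResult Create() { return View(); }
}
```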