Windows Authentication, Custom Roles, MVC 5

-
There are no doubt other ways to accomplish Role Management while still keeping Windows authentication but the way I am showing you here has to be one of the easier implementation.

Let's start with the config.  After the authentication we can add in the roleManager reference.  The 'defaultProvider' is the name of our file for our CustomRoleProvider .
  <system.web>
...
  <authentication mode="Windows"/>
    <authorization>
      <deny users="?"/>
    </authorization>
    <roleManager enabled="true" defaultProvider="CustomRoleProvider">
      <providers>
        <clear />
        <add name="CustomRoleProvider" type="MyNameSpace.CustomRoleProvider"/>
      </providers>
    </roleManager>
  </system.web>

Once we have the config setup we will need to add in two files

  • Authorization file which will inherit from AuthorizeAttribute (System.Web.Mvc)
  • CustomRoleProvider file which will be responsible for fetching our roles based off our NT login credentials
I named my Authorization file AccessDeniedAuthorizeAttribute and below is the only code in the file

public class AccessDeniedAuthorizeAttribute : AuthorizeAttribute
{  public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);
            if (filterContext.Result is HttpUnauthorizedResult)
            {
//You could push straight out to a result file or to a route as shown in the second implementation which is not commented out
                //filterContext.Result = new RedirectResult("~/AccessDenied.cshtml");
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(
               new { action = "AccessDenied", controller = "Home" }));
            }
        }
    }
}


Then add your Custom Role Provider



 public class CustomRoleProvider : RoleProvider
    {
        public override string ApplicationName
        {
            get
            {
                throw new NotImplementedException();
            }

            set
            {
                throw new NotImplementedException();
            }
        }



        public override bool IsUserInRole(string username, string roleName)
        {
            //var user = systemUsers.Get(username);
            pdc_develEntities db = new pdc_develEntities();
           string currentuser = username.Split('\\').Skip(1).FirstOrDefault();
            var adminRole = (from b in db.systemRoles
                             join c in db.systemUserRoles on b.roleId equals c.roleId
                             join u in db.systemUsers on c.systemUserId equals u.systemUserId
                             where u.ntId == username
                             select b.roleDescription).ToList();
            if (adminRole.Contains(roleName)) { return true; }
            return false;
     
        }

        public override string[] GetRolesForUser(string username)
        {
            pdc_develEntities db = new pdc_develEntities();
            string currentuser = username.Split('\\').Skip(1).FirstOrDefault();
            var adminRole = (from b in db.systemRoles
                             join c in db.systemUserRoles on b.roleId equals c.roleId
                             join u in db.systemUsers on c.systemUserId equals u.systemUserId
                             where u.ntId == currentuser
                             select b.roleDescription).ToList();
       
            return adminRole.ToArray();
        }

        public override void CreateRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            throw new NotImplementedException();
        }

        public override bool RoleExists(string roleName)
        {
            throw new NotImplementedException();
        }

        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }

        public override string[] GetUsersInRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override string[] GetAllRoles()
        {
            throw new NotImplementedException();
        }

        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
        {
            throw new NotImplementedException();
        }
    }


Then Call it on your controller
 [AccessDeniedAuthorize(Roles = "Administrators,SuperAdmin")]

Comments

Post a Comment

Popular posts from this blog

Linq Exclude from separate list

-
 var urlList = new List<DisplayAssets>();    var assetsToExclude = (from a in db.DisplayAssets                 join h in db.Hardware_Assets on a.id equals h.displayId                 where h.assetId == hardwareid                 select a.id); var allAssets = db.DisplayAssets; var urls = allAssets.Where(x => !assetsToExclude.Contains(x.id));         urlList = urls.Select(a => new DisplayAssets()         {             locaterAddress  = a.locaterAddress,             assetType = a.assetType,             id = a.id         })         .ToList();
Read more

Sorting Ascending and Descending

-
Toggling the direction of your datagrid sort is easy using a session to remember which direction you sorted last.   You will want to declare an empty string in the top of your page       Dim SortField As String Then on your sort command add this logic - Example of entire command Private Sub dgTaskExceptions_SortCommand( ByVal source As Object , ByVal e As System.Web.UI.WebControls.DataGridSortCommandEventArgs) Handles dgTaskExceptions.SortCommand     SortField = e.SortExpression If Session( "toggle" ) = True Then SortField += " DESC" Session( "toggle" ) = False Else SortField += " Asc" Session( "toggle" ) = True End If Dim orderstring As String = SortField 'REBIND dgTaskExceptions.DataSource = POTracking_Data.tracking.getSampleTasks(orderstring) dgTaskExceptions.DataBind() End Sub   In my datalayer I add this logic to my query and pass in an OPTIONAL value Dim orderbyString As String = String .Empt
Read more

Linq Query Syntax vs Method Syntax

-
Referenced from MSDN: https://msdn.microsoft.com/en-us/library/bb397947.aspx Query syntax: IEnumerable<int> numQuery1 =               from num in numbers             where num % 2 == 0             orderby num             select num; Method syntax:         IEnumerable<int> numQuery2 = numbers.Where(num => num % 2 == 0).OrderBy(n => n)
Read more