MVC 5 - Roles - IsUserInRole and Adding user to role

Asked 9/9, 2014 at 10:26 Answered 12/10, 2014 at 18:47

Solved c#asp.net-mvc-5 claims-based-identity asp.net-roles

In MVC4 i used Roles.IsUserInRole to check if a given user is in some role. However, with MVC5 i can't do it anymore...

At first, it asked me to enable RoleManager at the web.config but then i discovered that microsoft moved away from Web.Security to Microsoft.AspNet.Identity.

My question now is, with Microsoft.AspNet.Identity how do i do an action similar to Roles.IsUserInRole? And/or create a relation between the Role and the User.

By the way, i'm still trying to understand the new authentication methods (ClaimsIdentity?).

Conventionalism answered 9/9, 2014 at 10:26 Comment(0)

You should read http://typecastexception.com/post/2014/04/20/ASPNET-MVC-and-Identity-20-Understanding-the-Basics.aspx for the basics of Identity 2.0!

There's also a complete demo project to get you started: https://github.com/TypecastException/AspNet-Identity-2-With-Integer-Keys

If you take this as the basis for your Identity foundation you'll end up with something like this:

var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
const string name = "YourUsername"
const string roleName = "Admin";

var user = userManager.FindByName(name);
//check for user roles
var rolesForUser = userManager.GetRoles(user.Id);
//if user is not in role, add him to it
if (!rolesForUser.Contains(role.Name)) 
{
    userManager.AddToRole(user.Id, role.Name);
}

Hungry answered 9/9, 2014 at 10:35 Comment(3)

Ok, it worked... thanks. By the way, the authorize attribute isn't working... any ideia? i can't read the article right now, but i will read it from top to bottom asap. – Conventionalism 9/9, 2014 at 10:59

I suggest you ask another question with an adequate description for this problem, because all I would do here is guessing. – Hungry 9/9, 2014 at 11:0

ok thanks i created the post #25743613 – Conventionalism 9/9, 2014 at 11:9

The post above was really helpful (Thanks Serv, would vote up if my reputation allowed me to). It helped me solve an issue I was having with a few minor changes to fit what I was trying to achieve. My particular problem was that I wanted to check in an MVC view if the current user was in a given role group. I also found that Roles.IsUserInRole was no longer working.

If you are doing this in a view, but using ASP.NET identity 2.0 instead of the simple membership provider offered by previous MVC versions, the following might be helpful as a 1-line solution:

bool isAdmin = HttpContext.Current.User.IsInRole("Admin");

You may then combine it with HTML to selectively show menu items (which is what I've been using it for) with something like this:

@if (isAdmin)
{
    <li>@Html.ActionLink("Users", "List", "Account")</li>
}

This allows me to prevent access to the user management hyperlinks where the user is not a member of the 'Admin' role.

Bathilda answered 12/10, 2014 at 18:47 Comment(1)

Nice (1up), this helped me too! – Gaud 3/2, 2015 at 3:26

Recommended topics

Hot tags