All geek questions in one place

How to check if only one role matches?

I need to filter users by roles, but all users belong to two roles

Example: Admin and Group1 for one user and User and Group1 for another.

Now I want to filter out their Group1 Role and ignore Admin and User .

 public ViewResult Index() { string[] roles = Roles.GetRolesForUser(); var group = string.Join(" ", roles ); group = group.Replace("Admin", "");//Used this to single out Group1 from Admin user return View(new UserViewModel { Users = _userService.FindAll().Where(x => Roles.GetRolesForUser(x.UserName).Contains(group)), Roles = roles }); }

This is not a mistake, but it shows it empty. I think I know why, but still can't figure out how to get around this ...

+4
source share
3 answers
 public ViewResult Index() { var roleFilter = Roles.GetRolesForUser().First(r => !r.equals("Admin")); return View(new UserViewModel { Users = _userService.FindAll().Where(x => Roles.GetRolesForUser(x.UserName).Contains(roleFilter)), Roles = new [] {roleFilter} }); }
+2
source

Ok, here it is. My understanding of your problem is that you want to check if the user has one or more specific roles. If yes, allow access; otherwise, deny them access and send them into a black hole. In your example, it sounds like you only want to test one specific role. By reading some of your comments, you can also check out several roles at some point. The sample code that I will show you allows you to check the user for a set of one or more roles that the user must be assigned to access the page.

 string[] requiredRoles = new string[] { "Awesome", "Pancake" }; if (requiredRoles.Except(theUsersAssignedRoles).Any()) { // Authorization has failed! // The user is not awesome and they are not a pancake. } else { // User is awesome and a pancake so let them through. }

The idea here is to take a list of all the required roles and subtract all the roles that the user has assigned to him or her. If after subtraction there are any roles remaining in the list, then the user does not have all the necessary roles. Here are some examples. The roles that are required for authorization are to the left of the subtraction sign, while the roles assigned by the user are to the right of the subtraction sign, as is the above code.

The user is amazing and damn, so they are allowed access. Note that we end up with an empty array, which means that the user meets the requirements:

 { "Awesome", "Pancake" } - { "Awesome", "Pancake" } = { }

The user is just a pancake. They are not allowed access. The resulting set contains "Awesome", so it means that they lack the role of "Awesome":

 { "Awesome", "Pancake" } - { "Pancake" } = { "Awesome" }

This user is not amazing or damn, but she is the admin. However, entering the page requires amazing pancakes so that this user is denied access:

 { "Awesome", "Pancake" } - { "Admin" } = { "Awesome", "Pancake" }

If you have any questions or this is not what you want, leave a comment. I will be happy to help you if necessary.

+2
source

It looks like you are trying to use this method:

http://msdn.microsoft.com/en-us/library/system.web.security.roleprovider.getusersinrole.aspx

Options

roleName Type: System.String The name of the role to get the list of users.

0
source

Source: https://habr.com/ru/post/1437647/

More articles:


All Articles