View Single Post
 
Old 06-03-2013, 07:59 AM
james2k2's Avatar
james2k2 james2k2 is offline
Junior Contributor
 
Join Date: Oct 2002
Posts: 352
Default User Roles Problem

Hi All,

I'm in the middle of developing a system where the page data is authenticated against the current user before being displayed. Now, this was working and now it's not.

Basically, I have an SQL database where each row contains the Page Data and also what roles have access to that Page Data. The Roles column could have any number of roles or usernames mixed within it per page, for example:

"jsmith,Domain Admins,Web Editors" In this example, only John Smith (jsmith), Domain Administrators and Web Editors are allowed to view the content. SO I created a Function that dealt with this:

Code:
Public Function UserIsInRole(RoleString As String) As Boolean
        'checks to see if a comma delimited string of roles is part of the currently logged in user

        Dim SplitRoles() As String = Strings.Split(RoleString, ",")     'break down the roles to an array
        Dim RoleCount As Integer = 0                                    'set role count to zero

        For Each Role As String In SplitRoles                           'check each role in the array against the user
            If User.IsInRole(Role) Then RoleCount += 1
        Next

        If RoleCount > 0 Then
            Return True
        Else
            Return False
        End If
    End Function
I already realise I've not got the Domain in the check string (for ex. "myDomain\" & Role) but this didn't seem to matter previously.

Also, as you can see above, I'm using the IsInRole to query the Username, and this also used to work, but now returns False. Everything I try returns False except for 'Everyone'. So I now changed my code to include the domain in the role check and this only works for custom roles or non-admin roles. If I produce a role list for the current user, I can confirm that these 'Admin' roles are missing, unless I run IE as an Administrator and then they appear.

Bit of background: ASP.NET 2.0, IIS7, Local Machine Testing (localhost). I'm using ASP.NET 2.0 as I intend to eventually run it on a Win2k3 server that's only got 2.0 installed.

Any ideas?

Many thanks,
James
__________________
I don't have a signature
Reply With Quote