// isolated session management for the RoleProvider to avoid
// issues with automated management of session lifecycle.
public override string[] GetRolesForUser(string username)
{
try
{
using (var session = GlobalSetup.SessionFactory.OpenSession())
{
var users = new UserRepository(session);
var user = users.Get(username);
// no role if user is not registered
if (null == user) return new string[0];
// default role for registered user
return user.IsManager ? new[] {"Manager", "User"} : new[] {"User"};
}
}
// TODO: exception is not be left un-processed
catch (Exception)
{
// role should not fail in case of DB issue.
return new string[0];
}
}
public override bool IsUserInRole(string username, string roleName)
{
if("Manager" != roleName && "User" != roleName) return false;
try
{
using (var session = GlobalSetup.SessionFactory.OpenSession())
{
var users = new UserRepository(session);
var user = users.Get(username);
if (null == user) return false;
return (user.IsManager && "Manager" == roleName) || ("User" == roleName);
}
}
catch (Exception) // TODO: exception is not be left un-processed
{
// role should not fail in case of DB issue.
return false;
}
}
