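//OR: Application_PostAuthenticateRequest
/// <summary>
/// Forms-authentication hook: decrypts the forms ticket carried in the request cookie,
/// looks the ticket's user name up in the Identity store and installs a
/// <see cref="System.Security.Principal.GenericPrincipal"/> carrying that user's role names
/// on <paramref name="e"/>. Any failure is reported to Elmah and <c>e.User</c> is left
/// untouched, so the request proceeds without a principal from this handler.
/// </summary>
/// <param name="sender">Event source; unused.</param>
/// <param name="e">Event args whose <c>User</c> is assigned only when a valid ticket and identity were produced.</param>
protected void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null)
    {
        return;
    }

    try
    {
        // Decrypt yields null (or throws) for a tampered or foreign cookie value.
        var ticket = FormsAuthentication.Decrypt(authCookie.Value);
        if (ticket == null)
        {
            return;
        }

        // NOTE(review): when e.User is assigned from this event, FormsAuthenticationModule
        // does not run its own ticket validation afterwards, so an expired ticket would
        // otherwise be accepted here; if this handler is instead wired as
        // Application_PostAuthenticateRequest the check is redundant but harmless. Confirm
        // against the wiring actually used.
        if (ticket.Expired)
        {
            return;
        }

        string username = ticket.Name;
        var roleNames = new List<string>();

        // Roles are read from the Identity store on every request; the ticket carries none.
        // The RoleManager the original built here was never used and has been dropped.
        using (var context = new EAFormDBContext())
        using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context)))
        {
            ApplicationUser appUser = userManager.FindByName(username);
            if (appUser == null)
            {
                // Valid ticket but no matching user: the principal is still installed
                // (preserving existing behaviour) but with an empty role set rather than
                // the single empty-string role the join/split approach produced.
                Elmah.ErrorSignal.FromCurrentContext().Raise(new Exception("Logged in user does not have a role. User name = " + username));
            }
            else
            {
                // Collect the names directly instead of joining on ';' and splitting again,
                // which would break any role name that itself contains the delimiter.
                foreach (var role in appUser.Roles)
                {
                    roleNames.Add(role.Role.Name);
                }
            }
        }

        e.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(username, "Forms"),
            roleNames.ToArray());
    }
    catch (Exception ex)
    {
        Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
    }
}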
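/// <summary>
/// Reports whether the current HTTP user holds at least one of the comma-separated role
/// names in <paramref name="roles"/>. Membership is read from the Identity store on every
/// call (not from the principal's roles) and role names are compared exactly,
/// case-sensitively. Entries are trimmed and empty entries ignored.
/// </summary>
/// <param name="roles">Comma-separated role names, e.g. <c>"Admin,Editor"</c>.</param>
/// <returns>
/// True when the user is authenticated, exists in the store and has one of the roles;
/// false otherwise, including when there is no current request or user.
/// </returns>
public static bool IsInRole(string roles)
{
    if (string.IsNullOrEmpty(roles))
    {
        return false;
    }

    // Called outside a request, or before authentication ran: deny rather than throw.
    var httpContext = HttpContext.Current;
    if (httpContext == null || httpContext.User == null || httpContext.User.Identity == null
        || !httpContext.User.Identity.IsAuthenticated)
    {
        return false;
    }

    var wanted = roles
        .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
        .Select(r => r.Trim())
        .Where(r => r.Length > 0)
        .ToArray();
    if (wanted.Length == 0)
    {
        return false;
    }

    // Dispose the context/manager; the original leaked a DbContext per call.
    using (var context = new EAFormDBContext())
    using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context)))
    {
        ApplicationUser appUser = userManager.FindByName(httpContext.User.Identity.GetUserName());
        if (appUser == null || appUser.Roles == null)
        {
            return false;
        }

        return appUser.Roles.Any(r => wanted.Contains(r.Role.Name));
    }
}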
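//We had to override this method because the .NET CAS client does not
//support the "User.IsInRole" method
//
//TO DO: remove this functionality and go back to User.IsInRole once the CAS
//client has been written to support this. This is inefficient because it queries the DB
//everytime.
/// <summary>
/// Authorizes the request: the user must be authenticated, must be listed in
/// <c>Users</c> when that filter is non-empty (case-insensitive), and must hold one of
/// the <c>Roles</c> when that filter is non-empty. Role membership is looked up in the
/// Identity store rather than via <c>IPrincipal.IsInRole</c>; role names are compared
/// exactly (case-sensitive), unlike the Users filter.
/// </summary>
/// <param name="httpContext">The current request context.</param>
/// <returns>True when every configured filter passes; false otherwise.</returns>
/// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    // A missing principal/identity is treated as unauthenticated (deny) instead of throwing.
    IPrincipal user = httpContext.User;
    if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
    {
        return false;
    }

    var allowedUsers = SplitString(this.Users);
    var allowedRoles = SplitString(this.Roles);

    if (allowedUsers.Length > 0 && !allowedUsers.Contains(user.Identity.Name, StringComparer.OrdinalIgnoreCase))
    {
        return false;
    }

    if (allowedRoles.Length == 0)
    {
        // No role restriction: any authenticated user passing the Users filter is allowed.
        return true;
    }

    // Dispose the context/manager; the original leaked a DbContext per authorization check.
    using (var context = new EAFormDBContext())
    using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context)))
    {
        ApplicationUser appUser = userManager.FindByName(user.Identity.Name);
        if (appUser == null || appUser.Roles == null)
        {
            return false;
        }

        return appUser.Roles.Any(r => allowedRoles.Contains(r.Role.Name));
    }
}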
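/// <summary>
/// Validation hook that succeeds only when the current HTTP user holds at least one of the
/// comma-separated role names in <c>Roles</c>. Membership is read from the Identity store;
/// role names are compared exactly (case-sensitive), entries are trimmed and empty entries
/// ignored. The <paramref name="value"/> being validated is not inspected at all.
/// </summary>
/// <param name="value">Ignored; validation depends solely on the current user's roles.</param>
/// <returns>
/// True when the user is authenticated, exists in the store and has one of the roles;
/// false otherwise, including when <c>Roles</c> is empty or no current request/user exists.
/// </returns>
public override bool IsValid(object value)
{
    // Outside a request, or before authentication ran: fail validation rather than throw.
    var httpContext = HttpContext.Current;
    if (httpContext == null || httpContext.User == null || httpContext.User.Identity == null
        || !httpContext.User.Identity.IsAuthenticated)
    {
        return false;
    }

    // A null Roles previously threw a NullReferenceException from Split.
    if (string.IsNullOrEmpty(Roles))
    {
        return false;
    }

    var wanted = Roles
        .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
        .Select(r => r.Trim())
        .Where(r => r.Length > 0)
        .ToArray();
    if (wanted.Length == 0)
    {
        return false;
    }

    // Dispose the context/manager; the original leaked a DbContext per validation.
    using (var context = new EAFormDBContext())
    using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context)))
    {
        ApplicationUser appUser = userManager.FindByName(httpContext.User.Identity.Name);
        if (appUser == null || appUser.Roles == null)
        {
            return false;
        }

        return appUser.Roles.Any(r => wanted.Contains(r.Role.Name));
    }
}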