// isolated session management for the RoleProvider to avoid // issues with automated management of session lifecycle. public override string[] GetRolesForUser(string username) { try { using (var session = GlobalSetup.SessionFactory.OpenSession()) { var users = new UserRepository(session); var user = users.Get(username); // no role if user is not registered if (null == user) return new string[0]; // default role for registered user return user.IsManager ? new[] {"Manager", "User"} : new[] {"User"}; } } // TODO: exception is not be left un-processed catch (Exception) { // role should not fail in case of DB issue. return new string[0]; } }
public override bool IsUserInRole(string username, string roleName) { if("Manager" != roleName && "User" != roleName) return false; try { using (var session = GlobalSetup.SessionFactory.OpenSession()) { var users = new UserRepository(session); var user = users.Get(username); if (null == user) return false; return (user.IsManager && "Manager" == roleName) || ("User" == roleName); } } catch (Exception) // TODO: exception is not be left un-processed { // role should not fail in case of DB issue. return false; } }