/// <summary> /// This checks the current identity is a UmbracoBackOfficeIdentity, if so, it updates its roles and re-sets the cookie /// if we are in an HttpContext. /// </summary> /// <param name="roleNames">The role names.</param> /// <param name="userNames">The user names.</param> private static void AddRolesToCurrentIdentity(IEnumerable<string> roleNames, IEnumerable<string> userNames = null) { //remove the current role from the user data if (Thread.CurrentPrincipal.Identity is UmbracoBackOfficeIdentity) { var identity = (UmbracoBackOfficeIdentity)Thread.CurrentPrincipal.Identity; if (userNames == null || userNames.Contains(identity.Name)) { identity.Roles = identity.Roles.Union(roleNames).ToArray(); //now we need to reset the cookie)) if (HttpContext.Current != null) { var wrapper = new HttpContextWrapper(HttpContext.Current); wrapper.CreateUmbracoAuthTicket(new UserData { AllowedApplications = identity.AllowedApplications, Username = identity.Name, RealName = identity.RealName, Roles = identity.Roles, SessionTimeout = identity.SessionTimeout, StartContentNode = identity.StartContentNode.ToString(), StartMediaNode = identity.StartMediaNode.ToString() }); } } } }