|
What are Roles?
Download: RolesManagementTool.rar
Every Employ of a company
have its own kind of responsibilities and duties. This decides the circle of his
job and performance of the work related activities. This also defines the limitations
of his approach to the secure data of the company which is most of the time called
"Business Secrete". For example an HR Manager and an Account Assistant have their
own kind of Work.
Same in the web development
we have to decide that which member can access which area of the website. There
could be some kind of Roles like Users, Forum Moderators, Managers and an Admin.
How to create a Role?
If your web site is
still in construction phase and it’s on your local PC then you can use ASP .NET
Management Tool.
1st method:
If your website is still not launched.... I mean it’s on
your home PC then you can use the ASP .NET Configuration Tool.
Go to Project
menu > ASP .NET Configuration
It will open a new page for you. This is called ASP .NET
Web administration Tool. Click Security
and Click
enable roles user Roles
if they are still not enabled or you are using the Tool for 1st time.
Now click the "Create or
Manage roles"
link. This will open a new page
for you. Here, name your new Role, say "Members" and click the "Add
Role" button.
Now you have the "Members" Role. Now you have to decide
which folder should only be allowed to the Members.
Click again the "Security" Tab. this will bring you again to main page for security.
Now click "Create Access rules"
... this will open a new Page.
Here under the "Select a directory
for this rule" column select your
Folder Say you have a Folder named "Users".
Make sure that your Role "Members" is selected under "Rule applies to“ column
select the "Allow"
Radio button under “Permission” column,
Click the “Ok” Button to apply your changes.
2nd Method:
Your website is already launched… you created some roles
and have some registered Users… OR you just want to create a Roles Management Tool
for later time ... In both cases this method suits you.
You have to create a Roles Management Page where you can
create and delete the roles. So let’s do it step by step.
1.
Create a Project Name it “RolesManagementTool”
2.
Execute the Website one time. This will create the Web.config
file for you if it was not created. Click Ok Button when the Environment asks about
enabling the Web.config Debug.
3.
Go to Project
menu > ASP .NET Configuration
and run the tool
once so it create the default users Management Database “ASPNETDB.MDF” for you.
4.
This is a demo Project so we won’t create any Master Page
or any CSS files. We are directly going to create Folder for the Web Admin… call
it “Admin”.
5.
Add a new page to the Admin Folder … call it “RolesManager.aspx”…
also select the Checkbox “place code in separate
file”.
6.
Add the following code to the Page side:
<center style="margin-top:50px">
<h3>
Roles Management</h3>
<br />
<asp:Label ID="Msg"
ForeColor="maroon"
runat="server" />
<table cellpadding="10"
cellspacing="10"
border="1" rules="all">
<tr>
<td>
<table cellpadding="3"
cellspacing="1"
rules="none" align="center" border="1" style="border-style:
solid">
<tr>
<td colspan="2">
<h3>
Create a new Role</h3>
</td>
</tr>
<tr>
<td>
<asp:TextBox ID="TextBoxCreateRole"
runat="server" Width="137px"></asp:TextBox>
</td>
<td>
<asp:Button ID="ButtonCreateRole"
runat="server" Text="Create
Role" OnClick="ButtonCreateRole_Click"
/>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table height="70px"
cellpadding="3"
style="border-style:
solid" cellspacing="1"
border="1" rules="none"
align="center">
<tr>
<td colspan="2">
<h3>
Delete the selected Role</h3>
</td>
</tr>
<tr>
<td>
<asp:DropDownList ID="DropDownListRoles"
runat="server" Width="137px">
</asp:DropDownList>
</td>
<td>
<asp:Button ID="ButtonDeleteRole"
runat="server" Text="Delete
Role" OnClick="ButtonDeleteRole_Click"
/>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
7.
Now, add the following code to the
Page code behind.
protected
void Page_Load(object sender,
EventArgs e)
{
string[]
rolesArray;
MembershipUserCollection
users;
Msg.Text =
"";
if (!IsPostBack)
{
// Bind roles to ListBox.
rolesArray =
Roles.GetAllRoles();
DropDownListRoles.DataSource
= rolesArray;
DropDownListRoles.DataBind();
}
}
protected void ButtonDeleteRole_Click(object sender,
EventArgs e)
{
string str
= DropDownListRoles.SelectedValue;
if (!(str
== "Administrators"))
{
Roles.DeleteRole(str);
Response.Redirect(Request.FilePath,
false);
}
else
Msg.Text = "'Administrators' Role can not be deleted";
}
protected void ButtonCreateRole_Click(object sender,
EventArgs e)
{
Roles.CreateRole(TextBoxCreateRole.Text);
Response.Redirect(Request.FilePath,
false);
}
8. Create a new page „
ManageUsers.aspx“ and add the following code to the Page side.
<center style="margin-top: 50px">
<h3>
Users Management</h3>
<br />
<asp:Label ID="Msg"
ForeColor="maroon"
runat="server" />
<table cellpadding="10"
cellspacing="10"
border="1" rules="all">
<tr>
<td>
<table cellpadding="3"
cellspacing="1"
rules="none" align="center" border="1" style="border-style:
solid">
<tr>
<td colspan="3">
<h3>
Add User to The Selected Role</h3>
</td>
</tr>
<tr>
<td>
Users:</td>
<td colspan="2"
align="left">
<asp:DropDownList ID="UserDropDownList"
runat="server" />
</td>
</tr>
<tr>
<td>
Roles:</td>
<td align="left">
<asp:DropDownList ID="RolesDropDownList"
runat="server" />
</td>
<td>
<asp:Button Text="Add to the Role"
ID="Button2" runat="server" OnClick="AddUsers_OnClick" /></td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table cellpadding="3"
cellspacing="1"
border="1" align="center" style="border-style:
solid"
rules="none">
<tr>
<td colspan="2">
<h3>
Show Users in the selected Role</h3>
</td>
</tr>
<tr>
<td valign="middle"
height="50px">
<asp:Button Text="List Users In Role"
ID="Button1" runat="server" OnClick="ListUsers_OnClick" />
<asp:DropDownList ID="RolesDropDownList2"
runat="server" />
</td>
</tr>
<tr align="center">
<td valign="middle">
Users In Role:<br
/>
<asp:GridView runat="server"
CellPadding="4"
ID="UsersInRoleGrid" AutoGenerateColumns="false"
GridLines="None" CellSpacing="0"
AllowPaging="true"
AllowSorting="True" PageSize="25"
OnRowCommand="UsersInRoleGrid_RemoveFromRole">
<HeaderStyle BackColor="navy"
ForeColor="white"
/>
<Columns>
<asp:TemplateField HeaderText="User Name">
<ItemTemplate>
<%#
Container.DataItem.ToString()
%>
</ItemTemplate>
</asp:TemplateField>
<asp:ButtonField Text="Remove From Role"
ButtonType="Link" />
</Columns>
</asp:GridView>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
9.
Add the following code to the Page code behind.
protected
void Page_Load(object sender,
EventArgs e)
{
string[]
rolesArray;
MembershipUserCollection
users;
Msg.Text =
"";
if (!IsPostBack)
{
// Bind roles to ListBox.
rolesArray =
Roles.GetAllRoles();
RolesDropDownList.DataSource
= rolesArray;
RolesDropDownList.DataBind();
RolesDropDownList2.DataSource
= rolesArray;
RolesDropDownList2.DataBind();
// Bind users to ListBox.
users =
Membership.GetAllUsers();
UserDropDownList.DataSource
= users;
UserDropDownList.DataBind();
}
}
public void AddUsers_OnClick(object sender,
EventArgs args)
{
string[]
newusers =
new string[1]
{ UserDropDownList.SelectedValue };
// Add the users to the selected role.
try
{
Roles.AddUsersToRole(newusers,
RolesDropDownList.SelectedItem.Value);
Msg.Text = "User:\"" + newusers[0] +
"\"is added to the Role:\""
+ RolesDropDownList.SelectedItem.Value + "\"";
}
catch (Exception e)
{
Msg.Text = e.Message;
}
Response.Redirect(Request.FilePath,
false);
}
public void UsersInRoleGrid_RemoveFromRole(object sender,
GridViewCommandEventArgs
args)
{
// Get the selected user name to remove.
int index
= Convert.ToInt32(args.CommandArgument);
string username
= ((DataBoundLiteralControl)UsersInRoleGrid.Rows[index].Cells[0].Controls[0]).Text;
// Remove the user from the selected role.
try
{
Roles.RemoveUserFromRole(username,
RolesDropDownList2.SelectedItem.Value);
Msg.Text = "User:\"" + username +
"\"is removed from the Role:\""
+ RolesDropDownList2.SelectedItem.Value + "\"";
}
catch (Exception e)
{
Msg.Text = "An exception of type " +
e.GetType().ToString() +
" was encountered removing the user from the role.";
}
string[]
usersInRole;
// Re-bind users in role to GridView.
usersInRole =
Roles.GetUsersInRole(RolesDropDownList2.SelectedItem.Value);
UsersInRoleGrid.DataSource = usersInRole;
UsersInRoleGrid.DataBind();
}
public void ListUsers_OnClick(object sender,
EventArgs e)
{
string[]
usersInRole;
if (RolesDropDownList2.SelectedItem
!= null)
{
usersInRole =
Roles.GetUsersInRole(RolesDropDownList2.SelectedItem.Value);
UsersInRoleGrid.DataSource
= usersInRole;
UsersInRoleGrid.DataBind();
}
}
10.
Also add
Login and
Registration pages to the Project. use
Login and
CreateUserWizard Controls for that (code can be viewed in the
attached demo Project)
11. Do some changings in the Web.config add these lines of code inside
<system.web> </system.web>
Tag.
<roleManager enabled="true"
/>
<authentication
mode="Forms">
<forms
loginUrl="Login.aspx"
protection="Validation" timeout="30"/>
</authentication>
<authorization>
<allow
users="*"/>
</authorization>
12.
add restriction to the Admin Folder add these lines of
code just under
<system.web> </system.web>
end tag:
<location
path="Admin">
<system.web>
<authorization>
<allow
roles="Admin"/>
<deny
users="*"/>
</authorization>
</system.web>
</location>
Download the code for more explanation.
Download: RolesManagementTool.rar
|