Role specific controls in Views

Question

I'm trying to hide controls based on a user's role. I used to be able to do something like

@if (User.IsInRole("Admin"))
            {Html.ActionLink("RolesAdmin", "Index", "RolesAdmin")}

in the view but this doesn't seem to work anymore. After much digging I found that Identity 2.0 doesn't use this at all.

Is there still something I can use directly from the View? Or am I doing this completely wrong?

"Identity 2.0 doesn't use this at all." is incorrect. See Hao's answer below. Several thousand customers report roles works fine in my tutorial http://azure.microsoft.com/en-us/documentation/articles/web-sites-dotnet-deploy-aspnet-mvc-app-membership-oauth-sql-database/ — RickAndMSFT, Aug 14 '14 at 19:27

score 0 · Answer 1 · edited May 23 '17 at 11:44

0

This type of logic is better placed inside a controller, leave the views for rendering.

You can use Html.Action with a combination of ChildActions in your controller and render partial views depending on the users role.

I posted a question similar to this a while ago and think it would be helpful to you.

Role Based Navigation

-EDIT-

For clarification, this works using the new ASP.NET Identity

This would go in the layout

@Html.Action("BuildNavigation", "Component")

And this would be your controller.

public class ComponentController : Controller
{

    [ChildActionOnly]
    public ActionResult BuildNavigation()
    {

        if (this.User.IsInRole("customer"))
        {
            return PartialView("_NavigationCustomer");
        }
        else
        { 
            return PartialView("_NavigationBasic"); 
        }


    }
}

This should get you going in the right direction.

edited May 23 '17 at 11:44

Community

1
1

answered Jul 23 '14 at 18:50

matt.

2,355
5
32
43

That's a lovely solution and I put it in straight away as it's exactly what I wanted but unfortunately when I tried running it I got: "The Role Manager feature has not been enabled". I have been down this lane yesterday and all the posts I found were advising me to add a RoleManager to my web.config which also seemed to be a dead end. – RekaB Jul 24 '14 at 06:41
I got it working using [this answer](http://stackoverflow.com/a/24311573/2932714) – RekaB Jul 24 '14 at 06:51
Hao's solution below doesn't require two different views to be maintained. Simple display/don't display logic is fine in the view. Check out the Views\Shared\_LoginPartial.cshtml view, which has similar logic. – RickAndMSFT Aug 14 '14 at 19:23

score 0 · Answer 2 · answered Jul 23 '14 at 23:41

0

This should still work fine, as the identity samples are currently doing something similar to only display top level links for "Admins"

            @if (Request.IsAuthenticated && User.IsInRole("Admin")) {
                <li>@Html.ActionLink("RolesAdmin", "Index", "RolesAdmin")</li>
                <li>@Html.ActionLink("UsersAdmin", "Index", "UsersAdmin")</li>
            }

answered Jul 23 '14 at 23:41

Hao Kung

28,040
6
84
93

These type of conditional statements don't really belong in the View. The controller should be handling this. – matt. Jul 24 '14 at 16:31
1

Before this gets out of hand, nwdev's point is valid that putting the role checking code in the view violates the MVC pattern, so this question (and the identity sample) isn't following best practices for MVC in this case. – Hao Kung Aug 14 '14 at 21:28

Role specific controls in Views

2 Answers2