1
    public void AddUserToRole(Guid userId, string roleName)
    {
        var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(DbContext));
        var user = userManager.FindById(userId.ToString());
        userManager.AddToRole(user.Id, roleName);
        DbContext.SaveChanges();
    }

I try to add a user to a role like shown above. However it does not work because when trying to go to the following controller action:

 [AuthorizeUser(Roles = RoleEnums.UserWithProfile)]
 public ActionResult Index(Guid? userProfileId)
 {

 }

It fails to authorize. What is strange is that it successfully manages to authorize users added in the database seeding.

private void SeedUserRoles(List<ApplicationUser> applicationUsers, DbContext dbContext)
        {
            var userStore = new UserStore<ApplicationUser>(dbContext);
            var userManager = new UserManager<ApplicationUser>(userStore);
            userManager.AddToRole(applicationUsers[0].Id, RoleEnums.UserWithProfile);
            userManager.AddToRole(applicationUsers[1].Id, RoleEnums.UserWithProfile);
            userManager.AddToRole(applicationUsers[2].Id, RoleEnums.UserWithProfile);
            userManager.AddToRole(applicationUsers[3].Id, RoleEnums.User);
        }

    private void CreateRoles(DbContext context)
    {
        var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(context));

        if (!roleManager.RoleExists(RoleEnums.Admin))
        {
            var role = new IdentityRole { Name = RoleEnums.Admin };
            roleManager.Create(role);
        }

        if (!roleManager.RoleExists(RoleEnums.User))
        {
            var role = new IdentityRole { Name = RoleEnums.User };
            roleManager.Create(role);
        }

        if (!roleManager.RoleExists(RoleEnums.UserWithProfile))
        {
            var role = new IdentityRole { Name = RoleEnums.UserWithProfile };
            roleManager.Create(role);
        }
    }

What am I missing here? Is the method AddUserToRole() incorrect and why is only the seeding giving me correct behavior?

Edit: ASP.NET Identity check user roles is not working found this and it seems to be the problem here. But i don't want users to have to manually logout and in again. They mention something about updating the security stamp but that did not work for me.

Edit2: See my posted answer for the solution i ended up with.

Community
  • 1
  • 1
PhilipSa
  • 215
  • 2
  • 9
  • if you get an authorization error, are you sure you are using the right user for adding roles? it should be a user with the role = RoleEnums.UserWithProfile.. the db seeding works because there aren't authorization restrictions on it while the action method has auth restriction (see filter upon) – Ciro Corvino Jan 02 '17 at 15:06
  • Something that stands out to me is that in the AddUserToRole() method, you are using a string as a parameter while the seeding method uses static properties of class RoleEnums. Is it possible the string you are using as a role when you call AddUserToRole() does not match RoleEnums.UserWithProfile? – JuanR Jan 02 '17 at 15:40

2 Answers2

0

AddToRole returns an IdentityResult. You need to check this return value for errors in the Errors collection of strings.

https://msdn.microsoft.com/en-us/library/dn497483(v=vs.108).aspx

You should also check the return of FindById that you actually got the user.

Jim Moore
  • 131
  • 1
  • 6
  • I found this [link](http://stackoverflow.com/questions/20132795/asp-net-identity-check-user-roles-is-not-working) it seems you need to log out and login to update the role. I tried the update securitystamp tip but it didn't work any advice? – PhilipSa Jan 02 '17 at 15:09
0

MVC 5 AddToRole requires logout before it works?

I ended up using the solution from this question because it was the easiest solution i could find.

Community
  • 1
  • 1
PhilipSa
  • 215
  • 2
  • 9