2

I have an issue to do with roles in mvc 3 vb.net app..Say I have Admin, Developer, PowerAdmin roles.. if I want to restrict view options based on roles I have been using a if statement in the view to hide the link all together such as:

 @If HttpContext.Current.User.IsInRole("Admin") And Request.IsAuthenticated Then
 @<li><a href="@Url.Content("~/Admin/")">Administrative Tools</a></li>
 End If

I am also decorating controller actions with authorize in places. The Problem is this say I have several actions that should only be available to say a user who is in all three roles or even 2 of the roles in any combination.. Would I simply nest the if statements in the view to hide those view items? What about controller functions.. Is it possible to decorate controller functions with something like 

   <Authorize(Roles:="Admin" + "PowerAdmin")>

and then have that function only accessible by someone with both roles????

Skindeep2366
  • 1,549
  • 3
  • 41
  • 68
  • You may be looking for something like this: http://stackoverflow.com/questions/1148312/asp-net-mvc-decorate-authorize-with-multiple-enums – Keith Nov 04 '11 at 18:09
  • I dont understand why I would have to use Enum anything when ASP.NET and mvc 3 has built in role management... Isn't there some way to just do it with one clean at the top of the controller function??? Seems like alot of hoop jumping to just make sure a user is in both roles.. – Skindeep2366 Nov 06 '11 at 00:23

2 Answers2

2

simple write two separate lines :

<Authorize(Roles := "Admin")> _
<Authorize(Roles := "PowerAdmin")> _
vampire203
  • 341
  • 3
  • 3
  • That's what I thought it was supposed to be. But I wasn't certain.. Was a bit in the dark about whether it would see the user was in admin and not care about the essential PowerAdmin Role..Thanks much.. – Skindeep2366 Nov 09 '11 at 04:52
-5

Try googling on Enum; it's the perfect class for these kind of things.

Hope this will get you going on the right track.

admdrew
  • 3,790
  • 4
  • 27
  • 39
Teun Pronk
  • 1,367
  • 12
  • 24
  • 1
    This isn't really anything more than a "let me google that for you" answer. – Joel Etherton Nov 04 '11 at 17:17
  • It might be "Let me google that for you" answer. But I do think that the enum class is the way to do this. The reason I cant type any very good example is because I'm new to it aswell. recently found it in some projects at my new job. And im sorry for not knowing that you are only allowed to give complete copy paste answers on here. tbh, my answer as I put it just saying you should use the Enum class for that is much more usefull then no asnwer at all. All I tried to do here was to point someone in the right direction. sorry if that didnt satisfy you. – Teun Pronk Nov 04 '11 at 17:52
  • 1
    I'm not saying put a full copy/paste answer here, I'm asking you to answer the question directly. If you have an idea on using the Enum to accomplish this, then go into detail on your idea (use pseudo-code if you haven't tried it out for yourself yet). If you revise your answer to something more thorough and thought out, feel free to reply to me. I will gladly remove my down-vote for an improved answer. – Joel Etherton Nov 04 '11 at 18:07
  • Thanks much for the help... I have googled it but it is all for ASP.NET not MVC 3 Razor... Not wanting a copy and paste answer. If someone read my question to start with they would see that I want to know if I am on the right track... – Skindeep2366 Nov 04 '11 at 22:17