Dynamic role management ( by context ).
Same time we need dynamic role management ( by context ).
We can derive from SqlRoleProvider and override is methods.
Step 1: Build your role provider
public class MySqlRoleProvider : SqlRoleProvider { public override string[] GetRolesForUser( string username ) { string[] result = base.GetRolesForUser( username ); // TODO: your implementation.......Step 2:Add the role provider to the config file
// Example: <New Role Name>=”<Old Role Name>+<Context:Acount ID>” return result; } // TODO: Override other methods }
<
roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider"><
providers><
clear/><
add name="AspNetSqlRoleProvider" connectionStringName="DataBaseName" applicationName="/Demo1" type="MySqlRoleProvider" /></
providers></
roleManager> Step 3: Build Dynamic Role Permission Attribute
// Use the command line option '/keyfile' or appropriate project settings to sign this assembly.
[assembly: System.Security.
AllowPartiallyTrustedCallersAttribute()][AttributeUsage( AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly , AllowMultiple = true , Inherited = false )][
Serializable]public
class DynamicRolePermissionAttribute : CodeAccessSecurityAttribute{
SecurityAction action; string m_Role;
public DynamicRolePermissionAttribute( SecurityAction action )
: base( action )
{
this.action = action;
}
public override IPermission CreatePermission ()
{
PrincipalPermission p =
new PrincipalPermission( null , Role + “Context:Acount ID" );
return p;
}
public string Role
{
get{return m_Role;}
set{m_Role = value;}
}
}
Step 4: Declarative Secure Component
public
class DeclarativeSecureComponent{
[
PrincipalPermission( SecurityAction.Demand ,Role = "DistrictManagers" )]
public static void DistrictManagerMethod()
{
//TODO:
}
DynamicRolePermission( SecurityAction.Demand ,
[Role = "RegionalManagers" )]
public static void RegionalManagerMethod()
{
//TODO:
}
}
Step 5: Test the code…
<%
@ Page Language="C#" AutoEventWireup="true" %><!
DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><
html xmlns="http://www.w3.org/1999/xhtml" ><
head runat="server"> <title>Test my Role Provider</title> <script language="C#" runat="server"> protected void btnDistrictManager_Click( object sender , EventArgs e ){
DeclarativeSecureComponent.DistrictManagerMethod();lblResult.Text = "The user is District Manager";
}
protected void btnRegionalManager_Click( object sender , EventArgs e ){
DeclarativeSecureComponent.RegionalManagerMethod();lblResult.Text = "The user is Regional Manager";
}
</script>
</head>
<body>
<form id="form1" runat="server"><div> <asp:LoginName ID="LoginName1" runat="server" /> <asp:LoginStatus ID="LoginStatus1" runat="server" /><br /><br /> <asp:Button ID="btnDistrictManager" runat="server" OnClick="btnDistrictManager_Click" Text="District Manager" Width="155px" /><br /><br /> <asp:Button ID="btnRegionalManager" runat="server" OnClick="btnRegionalManager_Click" Text="Regional Manager" /><br />
<br /> <asp:Label ID="lblResult" runat="server" Height="135px" Width="514px"></asp:Label>
</div>
</form></
body></
html>