Checking IsInRole RSS

• • Reply
  

  ykhanvilkar

  Member

  25 Points

  5 Posts

  Checking IsInRole

  May 23, 2003 06:01 AM|LINK

  Hi, In the Deskdefault.aspx page, shared function IsInRoles method of PortalSecurity class is used where HttpContext.User.IsInRole method is used. I don't know why and how this method is used ? Which roles does this HTTPContext class's method checks for ? How does the HTTPContext class knows abt the Roles in the IBSPortal db ? Help me plz... Yogesh
• • Reply
  

  cj23

  Member

  165 Points

  33 Posts

  Re: Checking IsInRole

  Jun 23, 2003 07:23 PM|LINK

  i have the same problem, i cannot figure out how IsInRole knows what role the user belongs to. I see in the xml file the accessrole is set by the current tab, so that tells you what roles are allowed to access that page but how does the site know what role a user belongs to?
• • Reply
  

  ykhanvilkar

  Member

  25 Points

  5 Posts

  Re: Checking IsInRole

  Jun 24, 2003 04:36 AM|LINK

  Hi... Well i found out the exact sequence of the code. U can refer to the "Role Based Security in ASP.net " , (search for this artical heading in Google). In the FormsAuthenticationTicket object the Roles of the logged in user is saved and sent it as a cookie, whenever user logs in. Each time when user requests any page, these roles are fetched out and then checked against the authorised roles. (Refer the Application_AuthenticateRequest event in Globle.asax file) For more detail information plz refer "Role Based Security in ASP.net " Regards Yogesh
• • Reply
  

  cj23

  Member

  165 Points

  33 Posts

  Re: Checking IsInRole

  Jul 07, 2003 08:17 PM|LINK

  great, thanks!
• • Reply
  

  kuponutcom

  Member

  575 Points

  163 Posts

  Checking IsInRoles by Request.Params:["UserId"], with if/then.. HELP? C#

  Aug 05, 2003 04:59 PM|LINK

  below is some code snippets from my portal/store combo ive merged together from the checkout.aspx.cs page... (C# only, no VB) Im having some problems trying to set up some admin stuff: IF userId(not the current logged in userId, but the one grabbed from the request.params) = PortalSecurity.IsInRoles("Employee") == true THEN do blah...... ******************* string CustomerID = Request.Params["CustomerID"]; // Obtain customer info from Users table HybridCSVS.CustomersDB customerInfo = new HybridCSVS.CustomersDB(); HybridCSVS.CustomerInfo myCustomerInfo = customerInfo.GetCustomerInfo(CustomerID); UsersDB users = new UsersDB(); users.GetRolesByUser(myCustomerInfo.Email); if (PortalSecurity.IsInRoles("Employee") == true) ******************** any help on how to merge all this code together to get the result i desire? ..ive run out of ideas.
• • Reply
  

  kuponutcom

  Member

  575 Points

  163 Posts

  Re: Checking IsInRoles by Request.Params:["UserId"], with if/then.. HELP? C#

  Aug 05, 2003 06:20 PM|LINK

  any help at all would be great.. im stumped.
• • Reply
  

  cj23

  Member

  165 Points

  33 Posts

  Re: Checking IsInRoles by Request.Params:["UserId"], with if/then.. HELP? C#

  Aug 05, 2003 06:32 PM|LINK

  are you trying to deny/allow access to an admin folder? did you check your web.config settings and allow/deny roles access to the appropriate folders? i.e. -- deny all other users
• • Reply
  

  kuponutcom

  Member

  575 Points

  163 Posts

  Re: Checking IsInRoles by Request.Params:["UserId"], with if/then.. HELP? C#

  Aug 05, 2003 06:42 PM|LINK

  no, im not doing it that way. i am using a code behind, .cs file, if then statements to display the content two different ways. in a nutshell this is what im doing: ive created a portal/store combo. upon checkout, when it displays the total price owed, it shows the subtotal (all products bought unitcosts * quantity), shipping cost, and the grand total (sub + shipping) well. if user is in role "Employee", rather than the price being (unit cost * markup price) (where markup price is a 3.5 multiplier), i want the price displayed to be (unitcost * 1.15) well. here's the problem. it works fine this way (whats above). however, it doesnt figure out the cost based off of the actual customer's purchase, as to whether or not the customer that bought it (when viewing the order on the order details page) is in the role "Employee", but whether or not the admin logged in viewing the purchases is in the role.. so if im an admin and also in the employee role as well, then i will be viewing ALL ORDERS as though they were bought from someone in the employee role.... *** i want the page to display the prices based off of who bought it and not by who is logged in viewing the order. im logged in as admin. i go to the customer's order's details page via "OrderDetails?CustomerID=X&OrderID=Y a Request.Params["CustomerID"] needs to be called to figure out whether or not the customer im viewing (viewing their order) is an employee or not. does that make sense?
• • Reply
  

  kuponutcom

  Member

  575 Points

  163 Posts

  Re: Checking IsInRoles by Request.Params:["UserId"], with if/then.. HELP? C#

  Aug 06, 2003 04:23 PM|LINK

  (replying to this to get my question at the top of the forum list...) any ideas as to how i could: if User(based off of request.params["CustomerID"]) (not user/admin that is logged in) is in roles "Employee" THEN -do this- ELSE -do that- help!?