What's the best practice in adjusting web interface according tomembership?

[Author]

I have configured my asp.net 3.5 web application to use Active
Directory authentication with Forms authentication, and it's working
perfectly.

Suppose my web application identifies 3 user roles: Admin, Data Entry,
Project Manager, and they perform different tasks.

It's very common to present different functionality to different user
groups. For example, only Admin users can manage system users; Data
Entry staff cannot generate project reports, etc. Naturally, some
controls will be shown/hidden or enabled/disabled according to the
user role of the logged-in user.

Now, what is the best strategy to control such web controls? I know I
can do this (and have done this before) through if-else conditioning
like

if (user.Role == UserRoles.Admin)
{
userManagementButton.Visible = true;
projectReportGenerationButton.Visible = false;
}
else if ( blah)
{ //blah blah
}
else
{
// blah blah blah
}

, which is very a basic and straightforward approach. However, I
think this is sorta cumbersome, and thus I am interested in learning
any better strategy.

For example, for a button control, is it a good strategy to implement
our own user-role-aware button control by inheriting the Button
control? I haven't done this, but I think if I do this, then, I only
need to write such annoying and cumbersome if-else's once in the
implementation of the inherited button controls. And to use it, we
simply set its user role property. Does this make sense? Has anyone
done something like this before? Do-able? Recommendable?

Thanks a lot.

 

[Stan]

I have configured my asp.net 3.5 web application to use Active
Directory authentication with Forms authentication, and it's working
perfectly.

Suppose my web application identifies 3 user roles: Admin, Data Entry,
Project Manager, and they perform different tasks.

It's very common to present different functionality to different user
groups.  For example, only Admin users can manage system users; Data
Entry staff cannot generate project reports, etc.  Naturally, some
controls will be shown/hidden or enabled/disabled according to the
user role of the logged-in user.

Now, what is the best strategy to control such web controls?  I know I
can do this (and have done this before) through if-else conditioning
like

if (user.Role == UserRoles.Admin)
{
           userManagementButton.Visible = true;
           projectReportGenerationButton.Visible = false;}

else if ( blah)
{ //blah blah}

else
{
   // blah blah blah

}

, which is very a basic and straightforward approach.  However, I
think this is sorta cumbersome, and thus I am interested in learning
any better strategy.

For example, for a button control, is it a good strategy to implement
our own user-role-aware button control by inheriting the Button
control?  I haven't done this, but I think if I do this, then, I only
need to write such annoying and cumbersome if-else's once in the
implementation of the inherited button controls.  And to use it, we
simply set its user role property.  Does this make sense? Has anyone
done something like this before?  Do-able? Recommendable?

Thanks a lot.

The easiest way is to use a LoginView control. This can be configured
to show/hide anything you like according to whether the user is
authenticated, and their role etc. You add templates for each
scenario. If you have VS2005 or VS2008 the design view wizards make it
easy.

HTH

 

[Author]

The easiest way is to use a LoginView control. This can be configured
to show/hide anything you like according to whether the user is
authenticated, and their role etc. You add templates for each
scenario. If you have VS2005 or VS2008 the design view wizards make it
easy.

HTH

Ah? I didn't know that LoginView can be so powerful. I had thought
that it only shows/hides/adjusts the welcome label accordingly. Thank
you. I'll look into this control.

 

[Author]

The easiest way is to use aLoginViewcontrol. This can be configured
to show/hide anything you like according to whether the user is
authenticated, and their role etc. You add templates for each
scenario. If you have VS2005 or VS2008 the design view wizards make it
easy.

HTH

I have done a little bit research on LoginView control, and I do wanna
use this to provide different content to my web application users.

From my research, I also learned that we must have RoleManager in
order to LoginView to work.

As I mentioned, I am using active directory authentication with forms
authentication and this is working perfectly.

I have user roles assigned in my SQL Server 2005 database through the
following 3 tables

Users
RoleAssignments
UserRoles

Because one user may have more than one roles, so I have the
RoleAssignments table linking the Users and the UserRoles tables.

So, you get the idea how users get their roles.

Now, since I am not using the SqlRoleProvider through running the
following command:

aspnet_regsql.exe–E–S sqlinstance–A r

I must implement my own RoleManager, correct?

If yes, please give me a pointer about how to get started.

If not, what do I need to do to make my LoginView controls aware of
the role of a logged-in user?

Thank you very much.

 

[Author]

I have done a little bit research on LoginView control, and I do wanna
use this to provide different content to my web application users.

From my research, I also learned that we must have RoleManager in
order to LoginView to work.

As I mentioned, I am using active directory authentication with forms
authentication and this is working perfectly.

I have user roles assigned in my SQL Server 2005 database through the
following 3 tables

Users
RoleAssignments
UserRoles

Because one user may have more than one roles, so I have the
RoleAssignments table linking the Users and the UserRoles tables.

So, you get the idea how users get their roles.

Now, since I am not using the SqlRoleProvider through running the
following command:

aspnet_regsql.exe–E–S sqlinstance–A r

I must implement my own RoleManager, correct?

If yes, please give me a pointer about how to get started.

If not, what do I need to do to make my LoginView controls aware of
the role of a logged-in user?

Thank you very much.

I found some articles at msdn. I just need to implement a class that
inherits the RoleProvider class.