0

I am new to custom role providers and roles. I need to show some functionalities in the home page.

  • If Admin enters the page it will show some button like delete, alter.
  • If Normal user login the home page it will show some features like view and update but it will not shows the delete and alter functionalists.

I can do this using JavaScript but I need to implement this by using custom role provider. Is it possible using MVC4?

I have searched lots of websites but I did not find out how to do it. Can anyone give me some examples for this.

Matthijs Wessels
  • 6,530
  • 8
  • 60
  • 103
dinesh.k
  • 197
  • 1
  • 8
  • 24
  • You definitely should not rely on Javascript to hide admin functions in your frontend code that still would work on the server side if they were visible. – Rob Mar 31 '14 at 07:34
  • OK but I need to show delete and update functionalities only for ADMIN role. Is there any way to do this. – dinesh.k Mar 31 '14 at 07:39

1 Answers1

1

You can include admin areas in your view with razor like that:

@{if (User.IsInRole("admin"))
    {
        <text>
        @Html.ActionLink("Administration", "Index", "Admin", null, new { @class = currentPage == "admin-index" ? "currentPage" : "" });
        </text>
    }
}

In your controller you should make sure that admin settings and command that get sent (via Ajax post, e.g.) in come frome an authenticated admin user. Just an example:

    [HttpPost]
    [AccessDeniedAuthorize(Roles = "admin")]
    public JsonResult SaveOrder(int StationId, string ca, string items)
    {
         ...[your code]...
    }
Rob
  • 11,492
  • 14
  • 59
  • 94