0

I want to get some idea for Creating CustomRoles whenever user login to the application. I have Feature Model that looks like as follows:

  public class Feature : AuditableEntity
    {
        [Display(Name = "Code")]
        [MaxLength(50)]
        public string FeatureCode { get; set; }
    }

I want to create Roles according to the FeatureCode in the Feature Model,so that when a user LogIn the application behaves with the roles assigned to that perticular user.

I wants to use something like this :

bool value=user.isInRole(FeatureCode)

that will return true or false according to the assigned features to the user. thanks in advance.

Ni3
  • 489
  • 3
  • 12

1 Answers1

0

I have used the ClaimsAuthentionManager class to provide a mechanisme to transform incoming users with claims (roles). Here is some sample code of a custom ClaimsAuthenticationManager:

public class ClaimsTransformationModule : ClaimsAuthenticationManager
{
    public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
    {
        if (incomingPrincipal != null && incomingPrincipal.Identity.IsAuthenticated == true)
        {
            Claim nameIdentifier = incomingPrincipal.Claims.Where(foo => foo.Type == ClaimTypes.Name).FirstOrDefault();
            var roles = GetRoles(nameIdentifier.Value); // Get the roles from the backend based on the user
            foreach (var role in roles) //This is the part applying roles to the Claim (user)
            {
                ((ClaimsIdentity)incomingPrincipal.Identity).AddClaim(new Claim(ClaimTypes.Role, role));
            }
            ((ClaimsIdentity)incomingPrincipal.Identity).AddClaim(new Claim(ClaimTypes.Sid, GetUserId(nameIdentifier.Value)));
        }

        return incomingPrincipal;
    }

Then in the Web.config you can configure the system to use your custom Claims Manager:

<system.identityModel>
<identityConfiguration>
  <claimsAuthenticationManager type="ClaimsTransformation.ClaimsTransformationModule, ClaimsTransformation" />

Then to get the roles for the currently logged on user you go:

var user = ClaimsPrincipal.Current;
bool isInRole = user.IsInRole(roleName);

But have a look at the leastprivilege.com site for more information.

Cheers Frank

user155814
  • 101
  • 1
  • 9