CODEWITHSUNDEEP
c#asp.netasp.net-mvcasp.net-mvc-4
Bobby Tables
Bobby Tables

Reputation: 3013

Role based controller access

I'm to new asp.net and asp.net MVC. I'm trying to show a user a page depending on the role his in.

public class HomeController : Controller
{
    [Authorize(Roles = "Reviewer")]
    public ActionResult Index()
    {
        ViewBag.Title = "Reviwer";
        return View();
    }

    [Authorize(Roles="User")]
    public ActionResult Index()
    {
        return View();
    }
}

My code is the one above, it makes perfect sense that it won't compile like this i can't cave two idendical methods with the same name. But can someone please point me in the right direction. How am i supposed to show the user o different page based on his role.

Upvotes: 1

Views: 189

Answers (3)

nkvu
nkvu

Reputation: 5841

Are there different views for each role or is it just that you want to have a different title depending on their role?

What you could do is combine the roles into a single Controller method and then inside the method have conditional logic, as a naive example:

public class HomeController : Controller
{
    [Authorize(Roles = "Reviewer, User")]
    public ActionResult Index()
    {
        if (Roles.IsUserInRole("Reviewer"))
        {
            ViewBag.Title = "Reviwer";
        }

        return View();
    }
}

If all you were doing was changing the title. If you wanted to display a different view or redirect them somewhere else you could do:

    [Authorize(Roles = "Reviewer, User")]
    public ActionResult Index()
    {
        if (Roles.IsUserInRole("Reviewer"))
        {
            return View("ReviewerView");
        }
        else if (Roles.IsUserInRole("User"))
        {
            //Or do a RedirectToAction("SomeAction")
            return View("UserView");
        }
    }

Upvotes: 2

Mathew Thompson
Mathew Thompson

Reputation: 56429

If they must be two separate actions, then it makes more sense to name them according to role, like so:

public class HomeController : Controller
{
    [Authorize(Roles = "Reviewer")]
    public ActionResult Reviewer()
    {
        ViewBag.Title = "Reviewer";
        return View();
    }

    [Authorize(Roles="User")]
    public ActionResult User()
    {
        return View();
    }
}

If you can have them as one, you could do:

public class HomeController : Controller
{
    [Authorize(Roles = "Reviewer", "User")]
    public ActionResult Index()
    {
        if (User.IsInRole("Reviewer"))
        {
            return View("Reviewer");
        }
        else
        {
            return View("User");
        }
    }
}

Upvotes: 4

GraemeMiller
GraemeMiller

Reputation: 12253

Do a test in the action whether the user is in a role and return a different view or redirect to a different action.

You could try something like:

public class HomeController : Controller
{
    [Authorize(Roles = "Reviewer,User")]
    public ActionResult Index()
    {
    if (User.IsInRole("Reviewer")){

            ViewBag.Title = "Reviwer";
            return View("IndexReviwer");
     }
    return View();
    }
}

Need to create a View called IndexReviwer

Upvotes: 1

Related Questions