ASP .NET MVC: How can I change the role of an user?

Question

In my app I have an Administrator role, and these kind of users can change the role of a user(client, manager...). I am using the built in Membership provider. Here is what I tried to do...

        [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult EditRole(string usernameID, FormCollection formValues)
    {

        var db = new AppDataContext();
        var user = db.Users.SingleOrDefault(d => d.UserName == usernameID);
        string choosenRole = Request.Form["Roles"];                               

        var tuple = db.UsersInRoles.SingleOrDefault(d => d.UserId == user.UserId);
        var roleNameID = db.Roles.SingleOrDefault(d => d.RoleName == choosenRole).RoleId;
        tuple.RoleId = roleNameID;

        db.SubmitChanges();

        return RedirectToAction("Index");
    }

But, I got this error..

Value of member 'RoleId' of an object of type 'UsersInRole' changed. A member defining the identity of the object cannot be changed. Consider adding a new object with new identity and deleting the existing one instead.

I'm stucked. Any ideas?

Answer 1

Here is how I was able to change the role for a user. I first create the roleStore and the roleManager to be able to manage roles. I then checked to see if the role does exist and if not, add (Just to make sure I get no null). I then removed the role from the user and then I added the role I wanted.

Keep in mind that User.Identity.GetUserId() gets the ID of the currently logged in user. If you want to change the role for someone else, you need to find their UserId.

ApplicationUser au = dbContext.Users.Find(User.Identity.GetUserId());
var roleStore = new RoleStore<IdentityRole>(new ApplicationDbContext());
var roleManager = new RoleManager<IdentityRole>(roleStore);
IdentityRole search_role = roleManager.FindByName(ae_auvm.UserRole);

if (search_role == null)
{
    await roleManager.CreateAsync(new IdentityRole(ae_auvm.UserRole.Trim()));
}

string[] roleNames = userManager.GetRoles(au.Id).ToArray();

UserManager.RemoveFromRoles(au.Id, roleNames);
roleNames = userManager.GetRoles(au.Id).ToArray();

await UserManager.AddToRoleAsync(au.Id, ae_auvm.UserRole.Trim());
roleNames = userManager.GetRoles(au.Id).ToArray();

Answer 2

Rather than trying to access the membership tables directly from the db (datacontext) you should be using the User, Roles, and Membership static classes provided within your action code there.

Like this:

System.Web.Security.Roles.AddUserToRole(usernameID, choosenRole);

Assuming that your usernameID is the string key of the user you want to change and choosenRole contains the role name key you want to add the user to:

[AcceptVerbs(HttpVerbs.Post)]
public ActionResult EditRole(string usernameID, FormCollection formValues)
{
    string choosenRole = Request.Form["Roles"];                               
    System.Web.Security.Roles.AddUserToRole(usernameID, choosenRole);

    return RedirectToAction("Index");
}

Answer 3

UsersInRole.RoleId is part of the primary key of the UsersInRole table and can therefore not be changed. You should follow the suggestion given by the error message and delete the existing UsersInRole instance and create a new one.