How to create & apply role management in C# MVC


When many users developed an application, there are many different type of privileges for them. In short role management is the concept to create users with their specific privileges.

 

By role management we set group of authenticated users. By role management we can decide what user can show, and which information should be hide from that group.

 

In c# we set role to specific class or function, which will be specific below:

 

In our system we have some different role like super admin, admin and client and so on. Let see how to create in C# MVC :

 

[Authorize(Roles = "superadmin,admin")]

public PartialViewResult _GenerateReport(){}

            So we have a function _generateReport which will generate a xyz report after execution. With authorize we decide and set that this function will be accessible by both super admin and admin, but any other users in this case it is not accessible for client.

            We can also create our authentication like

public class ClientAuthorize : AuthorizeAttribute

    {

        public override void OnAuthorization(AuthorizationContext filterContext)

        {

            base.OnAuthorization(filterContext);

            if (filterContext.Result is HttpUnauthorizedResult)

            {

                filterContext.Result = new RedirectToRouteResult(

                    new System.Web.Routing.RouteValueDictionary(new

                        {

                            controller = “Account”,

                            action = “SignIn”,

                            Area = “Client”,

                            ReturnUrl = filterContext.HttpContext.Request.RawUrl

                        }));

            }

        }

    }

            By above code we create authentication for client and set like given below:

[ClientAuthorize(Roles = "client")]

        public ActionResult Index()

        {

            return View();

        }