Assign Custom Roles for Users in MVC

Like Tweet Pin it Share Share Email

In this article, we are trying to understand how we can “assign the roles for the users” who are available in the Active directory. In practical scenario Active directory users will have lesser authorization for the Server but he wants high privilege for web application.

Active directory in MVC

First step, we need to create the User Admin view for assigning the Roles.
We have created simple User Admin View, In this Active Directory user will be populated in the User ID column and separate Drop down field for Roles. So the Admin user will select the User ID and assign the Roles and save the record.

Code snippet for Retrieving the User from Active directory and create the Drop down list.
We have created the User Admin Views by normal Scaffolding method and pass the Active Directory value to the View for populating the drop down list.


public ActionResult Create()
{
List UserID = new List();
string Path = "LDAP://CN=Users,DC=MyDomain,DC=com";
DirectoryEntry DirList = new DirectoryEntry(Path);
DirectorySearcher Dirsearch = new DirectorySearcher(DirList);
Dirsearch.Filter = "(&(objectClass=user))";
Dirsearch.PropertiesToLoad.Add("samaccountname");
Dirsearch.PropertiesToLoad.Add("displayname");//first name
SearchResult Serresult;
SearchResultCollection SerresultCol = Dirsearch.FindAll();
UserID.Add(new SelectListItem { Text = "Select", Value = "0" });
if (SerresultCol != null)
{
for (int i = 0; i < SerresultCol.Count; i++)
{

Serresult = SerresultCol[i];
if (Serresult.Properties.Contains(“samaccountname”) && Serresult.Properties.Contains(“displayname”))
{
string UID = (String)Serresult.Properties[“samaccountname”][0];
string Name = (String)Serresult.Properties[“displayname”][0];
UserID.Add(new SelectListItem { Text = UID, Value = Name });

}
}
}

ViewData[“UserID”] = UserID;
List RoleID = new List();
RoleID.Add(new SelectListItem { Text = “User”, Value = “1” });
RoleID.Add(new SelectListItem { Text = “AdminUser”, Value = “2” });
RoleID.Add(new SelectListItem { Text = “SuperUser”, Value = “3” });
ViewData[“RoleID”] = RoleID;
return View();
}

In the View Place the below code.

 

UserAdmin
@Html.LabelFor(model => model.UserID)
@Html.DropDownListFor(model => model.UserID, ViewData[“UserID”] as List)
@* @Html.EditorFor(model => model.UserID)*@
@Html.ValidationMessageFor(model => model.UserID)
@Html.LabelFor(model => model.Role)
@* @Html.EditorFor(model => model.Role)*@
@Html.DropDownListFor(model => model.Role, ViewData[“RoleID”] as List)
@Html.ValidationMessageFor(model => model.Role)

 

Second Step, after user logged in through windows authentication, we can capture the User ID and check the Roles assigned for the user in User Admin Module.

We have set the User roles as bellow.

  1. Normal User -1
  2. Admin User -2
  3. Super User – 3

In this example user is having Super User permission only can view this page, if not it will redirected to Home page.


var User = System.Web.HttpContext.Current.User;
string UserID = User.Identity.Name.ToString().Split('\\')[1];
//string UserID = "Administartor";
using (var context = new UserAdminContext())
{
var a = context.UserAdminDbContext.Where(x => x.UserID == UserID && x.Role == "3").FirstOrDefault();
if (a != null)
{
return View(db.UserAdminDbContext.ToList());
}
else
{
return RedirectToAction("Index", "Home", null);
}
}

This article explained how we can integrate our own Roles to the Active directory users. Most of the business applications, Roles will not be set for the users in Active directly, only the system maintenance users will have high privilege than the application users.

Because End users will not have full access to the Application server due to security purpose. In this article, we have introduced the User Admin Page. This page is using for assign the roles for the users who are all available in AD.

This Page will be accessible only to Admin user. They can set the roles to the other users. This Application is driven by Windows authentication. So All the AD users can access the home page, Based on the roles assigned to the other inner pages respective user can access.

This article includes three stages.

  1. Stage 1 Retrieving the AD users and pass to the User Admin View.
  2. Stage 2 Assigning the Roles to the Users by Administrator.
  3. Stage 3 Authorization of user based the roles assigned.

In Addition to that you can look more details about the Active Directory Users and Group: https://msdn.microsoft.com/en-us/library/bb727067.aspx

Hope this article will help you in Custom Roles for users available in Active directory in MVC. ASP.NET Development Experts are here to assist you, ask them your doubts about the subject.


Enter Your Email Address & Get Updates To InBox:

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest

Shares