As in the Membership Management API, the Role Management API is placed in the System.Web.Security namespace. The latter consists basically of two classes: Roles and RolePrincipal. RolePrincipal supports the IPrincipal interface and is used as the principal object for each respective request. Thus the class offers access to the roles of the current users. Instead of identifying them with each request in the database, they are placed automatically in an encoded cookie.
The Roles class can be compared with the Membership class, in that it allows you to administrate the roles and their members in the system by means of static methods. Using the Roles class, you have to bear in mind the following:
A Role class doesn't exist. Each role is represented and administrated only by its name (which in fact is a string).
There is no direct relationship with Membership Management. Therefore, the users are also administrated as a string.
The various static methods of the Roles class are mostly self-explanatory, as you can see by their names: CreateRole, DeleteRole, GetAllRoles, GetUsersInRole, and GetRolesForUser. The options for adding new users and roles are very sophisticated. You can add a) a user to a role, b) a user to several roles, c) several users to one role, and d) several users to several roles. Conversely, you have four methods to delete role memberships that either accept strings or string arrays as parameters, too.
The source code shown in Listing 6-9 demonstrates simplified role administration. You can show all users attached to a role and add or delete individual members. Furthermore, it is possible to create new roles. The different routines use numerous methods offered by the Roles class. Figure 6-18 shows the page in action.
Figure 6-18: Creating an individual console for the administration won't take very long.
Listing 6-9: Performing Simplified Role Administration
void Page_Load(object sender, System.EventArgs e)
{
if (this.IsPostBack == false)
{
this.UpdateRoleList(null);
}
}
void DDL_RoleList_SelectedIndexChanged(object sender, System.EventArgs e)
{
this.UpdateRoleMemberList();
}
void BT_RemoveRole_Click(object sender, System.EventArgs e)
{
if (this.DDL_RoleList.SelectedIndex != -1)
{
Roles.DeleteRole(this.DDL_RoleList.SelectedValue);
this.UpdateRoleList(null);
}
}
void BT_AddRole_Click(object sender, System.EventArgs e)
{
if (this.TB_NewRole.Text.Length > 0)
{
Roles.CreateRole(this.TB_NewRole.Text);
this.UpdateRoleList(this.TB_NewRole.Text);
}
}
void BT_RemoveUserFromRole_Click(object sender, System.EventArgs e)
{
if (this.LB_RoleUsers.SelectedIndex != -1)
{
Roles.RemoveUserFromRole(this.LB_RoleUsers.SelectedValue,
this.DDL_RoleList.SelectedValue);
this.UpdateRoleMemberList();
}
}
void BT_AddUserToRole_Click(object sender, System.EventArgs e)
{
if (this.TB_NewUser.Text.Length > 0)
{
Roles.AddUserToRole(this.TB_NewUser.Text, this.DDL_RoleList.SelectedValue);
this.UpdateRoleMemberList();
}
}
private void UpdateRoleList(string role)
{
this.DDL_RoleList.DataSource = Roles.GetAllRoles();
this.DDL_RoleList.DataBind();
if (role != null)
{
ListItem item = this.DDL_RoleList.Items.FindByText(role);
if (item != null)
{
item.Selected = true;
}
}
this.UpdateRoleMemberList();
}
private void UpdateRoleMemberList()
{
string role = this.DDL_RoleList.SelectedValue;
this.LB_RoleUsers.DataSource = Roles.GetUsersInRole(role);
this.LB_RoleUsers.DataBind();
}