[ASP.NET AJAX Application Services] Authorization – Roles

This post is a continuation of my previous post (ASP.NET AJAX Application Services – Authentication). Please read that post before reading this one.

Once a user is identified as a valid user, you can check what the user can do based on the user's roles.

1. Setting Membership

You can use the same settings as in the previous post. Make sure that you create users with roles. If you enable roles in the WSAT (Web Site Administration Tool), the <roleManager> element in the Web.config is modified for you.

<system.web>
  <roleManager enabled="true">
  ...
  </roleManager>
</system.web>

2. Enabling Role Service

To use the role service, you need to enable it just as you did for the authentication service.

<system.web.extensions>
  <scripting>
    <webServices>
      <authenticationService enabled="true"/>
      <roleService enabled="true" />
    </webServices>
  </scripting>
</system.web.extensions>

3. Test Page

Let’s modify the JavaScript login page to show the user’s roles.

...
<input type="button" id="roleBtn" value="Roles" />
...
function pageLoad() {
  ...
  $addHandler($get('roleBtn'), 'click', checkRoles, true);
}

4. Sys.Services.RoleService

The “Sys.Services.RoleService” class is the main class for client-side authorization. Before referring to any properties of this object, you need to load the roles by calling the “load()” method.

– Properties –

  • roles: roles for the currently authenticated user as an array

– Methods –

  • load(loadCompletedCallback, failedCallback, userContext): loads the roles for the currently authenticated user
  • isUserInRole(role): checks whether the currently authenticated user is in the specified role

5. Role Service – Loading Roles

The load() method requires the following parameters:

  • loadCompletedCallback: the function to call when the roles have been retrieved successfully
  • failedCallback: the function to call if the load action fails
  • userContext: additional information that you are passing to the callback functions

function checkRoles() {
  // Only ask for roles when there is an authenticated user.
  if (Sys.Services.AuthenticationService.get_isLoggedIn()) {
    Sys.Services.RoleService.load(loadCompleted, loadFailed, null);
  } else {
    alert('You are not logged in');
  }
}
function loadCompleted(result, context, methodName) {
  // The roles are available from this point on (body shown in section 6).
}
function loadFailed(error, context, methodName) {
  alert('Failed to load roles: ' + error.get_message());
}

6. Role Service – Checking Roles

You can use the “isUserInRole()” method or the “roles” property to check the current user’s roles.

function loadCompleted(result, context, methodName) {
  var roles = Sys.Services.RoleService.get_roles();
  alert('Roles: ' + roles.join(','));
  alert('Member of Customers: ' + Sys.Services.RoleService.isUserInRole('Customers'));
  alert('Member of Managers: ' + Sys.Services.RoleService.isUserInRole('Managers'));
}

7. Load Roles Automatically

In many cases, you check the user’s roles when a page is loaded. The load() method loads the roles asynchronously, so the roles might not be available when you want them. If you want the roles to be available when a page is loaded, you can let the ScriptManager control load the roles while the page is loading.

<asp:ScriptManager ID="ScriptManager1" runat="server">
  <RoleService LoadRoles="true" />
</asp:ScriptManager>
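
The role check from sections 5 to 7 used to show or hide page elements, as an added example that is not part of the original post: gated elements stay hidden until load() succeeds, and also when the user is not logged in or the load fails. The element ids and the ROLE_GATED map are assumptions, and because script in the browser can be changed by the user, this only decides what to display; the server still has to check roles on every request.

```javascript
// Added example; element ids and role map below are assumptions.
var ROLE_GATED = {               // element id -> roles allowed to see it
  managerPanel: ['Managers'],
  orderPanel: ['Customers', 'Managers']
};

// Pure decision: ids the current user may see, per isUserInRole().
function visibleIds(roleService, gated) {
  return Object.keys(gated).filter(function (id) {
    return gated[id].some(function (role) {
      return roleService.isUserInRole(role);
    });
  });
}

// Loads roles, then calls done(ids). Fails closed: no session or a failed
// load yields an empty list, so every gated element stays hidden.
function resolveVisibility(authService, roleService, gated, done) {
  if (!authService.get_isLoggedIn()) {
    done([]);
    return;
  }
  roleService.load(
    function () { done(visibleIds(roleService, gated)); },
    function () { done([]); },
    null);
}

// Browser wiring against the real services (call from pageLoad()).
function applyRoleGating() {
  resolveVisibility(Sys.Services.AuthenticationService,
                    Sys.Services.RoleService, ROLE_GATED, function (ids) {
    Object.keys(ROLE_GATED).forEach(function (id) {
      var el = $get(id);
      if (el) { el.style.display = ids.indexOf(id) >= 0 ? '' : 'none'; }
    });
  });
}
```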
