Meditation and Mindfulness for Software / IT Professionals. Conducted by Bipin Joshi in Thane. Read more...

User Administration Tool (Part 3)

Introduction

In Part 2 of this series we covered user management features. This final part will deal with role management and profile management.

Managing roles

The case for Role management option is shown in Figure 14.

...
case "Roles":
string[] roles = Roles.GetAllRoles();
FillControlsWithRoles(roles);
string[] userroles = Roles.
GetRolesForUser(user.UserName);
foreach (string s in userroles)
{
ListItem li = CheckBoxList1.Items.FindByValue(s);
if (li != null)
li.Selected = true;
}
MultiView1.ActiveViewIndex = 3;
break;
...

Figure 14: Case for Roles

The code gets a list of all the roles defined in the system by calling GetAllRoles() method of the Roles object. The returned roles are supplied as a parameter to a method called FillControlsWithRoles(). This method is discussed shortly and simply fills the CheckBoxList and DropDownList with the roles. The code then proceeds to retrieve a list of roles belonging to the user. This is done by calling GetRolesForUser() method of the Roles object. The for loop iterates through the array of roles returned by the GetRolesForUser() method and checks those roles in the CheckBoxList. Finally ActiveViewIndex property of the MultiView is set to 3.

The Role Management panel allows the administrator to perform in all three tasks � user to role mapping, role creation and role deletion. Once the administrator assigns or removes roles to a user he needs to click on the Update User Roles button. The Click event handler of the Update User Roles button is shown in Figure 15.

protected void Button10_Click(object sender, 
EventArgs e)
{
MembershipUser user = Membership.GetUser
(ViewState["username"].ToString());
 
foreach (ListItem li in CheckBoxList1.Items)
{
if (li.Selected)
{
if (!Roles.IsUserInRole(user.UserName, li.Value))
{
Roles.AddUserToRole(user.UserName, li.Value);
}
}
else
{
if (Roles.IsUserInRole(user.UserName, li.Value))
{
Roles.RemoveUserFromRole(user.UserName, li.Value);
}
}
}
}

Figure 15: Updating user roles

The code iterates through the list of all roles i.e. CheckBoxList items and adds the user to selected roles. This is done by calling AddUserToRole() method of the Roles object. The AddUserToRole() method accepts two parameters � user name and role name. On the same lines the user is removed from the roles unchecked by the administrator. This is achieved by calling RemoveUserFromRole() method of the Roles object. The RemoveUserFromRole() method also accepts the same two parameters as the AddUserToRole() method.

The administrator can create new roles by entering in the role name in the relevant textbox and clicking on the Create button. Figure 16 shows the Click event handler of the Create button.

protected void Button8_Click
(object sender, EventArgs e)
{
Roles.CreateRole(TextBox10.Text);
FillControlsWithRoles(Roles.GetAllRoles());
}

Figure 16: Creating new roles

The code simply calls the CreateRole() method of the Roles object passing the desired role name. After a new role has been added the CheckBoxList and the DropDownList must show the new role and hence FillControlsWithRoles() method is called.

The administrator can delete a role by selecting it from the relevant DropDownList and clicking on the Delete button. The Click event handler of the Delete button is shown in Figure 17.

protected void Button9_Click
(object sender, EventArgs e)
{
Roles.DeleteRole(DropDownList2.SelectedValue);
FillControlsWithRoles(Roles.GetAllRoles());
}

Figure 17: Deleting a role

The code calls DeleteRole() method of the Roles object passing the role name to be deleted. In order to reflect the change in the CheckBoxList and DropDownList the FillControlsWithRoles() method is called again.

We have been using the FillControlsWithRoles() method at many places. The code for this helper method is shown in Figure 18.

private void FillControlsWithRoles
(string[] roles)
{
CheckBoxList1.Items.Clear();
DropDownList2.Items.Clear();
foreach (string s in roles)
{
CheckBoxList1.Items.Add(s);
DropDownList2.Items.Add(s);
}
}

Figure 18: Filling controls with roles

The method simply clears the CheckBoxList and DropDownList control and refills them with the roles array passed as a parameter.

This complete the user role management. Now we will move on to coding the last feature i.e. Profile management.

Viewing user profiles

The case of the Profile Management option looks as shown in Figure 19.

...
case "Profile":
ProfileCommon pc = Profile.
GetProfile(user.UserName);
DropDownList3.Items.Clear();
foreach (SettingsProperty p in 
ProfileCommon.Properties)
{
DropDownList3.Items.Add(p.Name);
}
MultiView1.ActiveViewIndex = 4;
break;
...

Figure 19: Case for profile management

The code retrieves profile of the user by calling GetProfile() method. The GetProfile() method accepts the user name whose profile is to be retrieved. The profile is returned as an instance of ProfileCommon class. The code then iterates through all the profile properties using Properties collection of the ProfileCommon class. Each element of the Properties collection is of type SettingsProperty. The name of each profile property is added to the relevant DropDownList. Note that the profile properties from a property group are shown using dot (.) notion. Finally ActiveViewIndex property of the MultiView is set to 4.

The administrator can modify any of the profile properties or he can delete the entire profile of the user. When the administrator selects a particular profile property from the DropDownList, its value is shown a textbox. This is done in the SelectedIndexChanged event of the DropDownList (Figure 20).

protected void DropDownList3_
SelectedIndexChanged(object sender, EventArgs e)
{
MembershipUser user = Membership.GetUser
(ViewState["username"].ToString());
ProfileCommon pc = Profile.GetProfile
(user.UserName);
object obj = pc.GetPropertyValue
(DropDownList3.SelectedValue);
TextBox11.Text = obj.ToString();
}

Figure 20: Showing value of a profile property

The code retrieves profile of the user. The value of selected profile property is retrieved using GetPropertyValue() method of the ProfileCommon instance. The returned value is displayed in a textbox so that the administrator can edit it if required. If the administrator changes value of any profile property he needs to click on the Save button. The Save button sets the profile property to a new value and saves it in the underlying profile data store. This is shown in Figure 21.

protected void Button11_Click
(object sender, EventArgs e)
{
MembershipUser user = Membership.GetUser
(ViewState["username"].ToString());
ProfileCommon pc = Profile.GetProfile
(user.UserName);
object obj = pc.GetPropertyValue
(DropDownList3.SelectedValue);
pc.SetPropertyValue(DropDownList3.SelectedValue, 
Convert.ChangeType(TextBox11.Text, obj.GetType()));
pc.Save();
}

Figure 21: Modifying a profile property

The code first retrieves the value of the profile property by calling GetPropertyValue() method of the ProfileCommon instance. Wondering why we do that? This is necessary because while setting the new value we need to typecast the string from the textbox to appropriate data type. The call to SetPropertyValue() method will make this clear. The SetPropertyValue() method accepts property name and the new value as parameters. The property value parameter is of type object. While passing the new value we need to convert into the appropriate data type otherwise an exception will be thrown. That�s why the code uses ChangeType() method of the Convert class. The ChangeType() method accepts two parameters � value and the destination data type. Note that we pass the data type of the value previously retrieved here. Finally Save() method of the ProfileCommon instance is called to persist the changes in the underlying data store.

In order to delete the complete profile of a user the administrator can click on the Delete Profile for this user LinkButton. The code that deletes the profile is shown in Figure 22.

protected void LinkButton2_Click
(object sender, EventArgs e)
{
MembershipUser user = Membership.GetUser
(ViewState["username"].ToString());
bool result = ProfileManager.
DeleteProfile(user.UserName);
}

Figure 22: Deleting user profile

The code calls DeleteProfile() method of ProfileManager class by passing the user name to it. The ProfileManager class is used to perform various profile related tasks such as deleting profiles and searching profiles.

That�s it! Our own User Administration Tool is ready to use. Simply drag and drop the Members.ascx on the default web form and run.

 




Bipin Joshi is a software consultant, an author and a yoga mentor having 21+ years of experience in software development. He conducts online courses in ASP.NET MVC / Core, jQuery, and Design Patterns. He is a published author and has authored or co-authored books for Apress and Wrox press. Having embraced Yoga way of life he also teaches Meditation to interested individuals. To know more about him click here.

Get connected : Twitter  Facebook  Google+  LinkedIn

Posted On : 25 Dec 2007



Tags : ASP.NET Web Forms Custom Controls Security Administration