Edit

Share via


SqlRoleProvider.IsUserInRole(String, String) Method

Definition

Gets a value indicating whether the specified user is in the specified role.

public:
 override bool IsUserInRole(System::String ^ username, System::String ^ roleName);
public override bool IsUserInRole (string username, string roleName);
override this.IsUserInRole : string * string -> bool
Public Overrides Function IsUserInRole (username As String, roleName As String) As Boolean

Parameters

username
String

The user name to search for.

roleName
String

The role to search in.

Returns

true if the specified user name is in the specified role; otherwise, false.

Exceptions

roleName is null.

-or-

username is null.

roleName is an empty string or contains a comma.

-or-

username is contains a comma.

-or-

roleName is longer than 256 characters.

-or-

username is longer than 256 characters.

An unknown error occurred while communicating with the database.

Examples

The following code example programmatically checks to see whether the logged-on user is in the Administrators role before allowing the user to view user roles. For an example of a Web.config file that enables role management, see SqlRoleProvider.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

string[] rolesArray;
MembershipUserCollection users;

public void Page_Load()
{
  Msg.Text = "";

  try
  {
    if (!Roles.IsUserInRole(User.Identity.Name, "Administrators"))
    {
      Msg.Text = "You are not authorized to view user roles.";
      UsersListBox.Visible = false;
      return;
    }
  }
  catch (HttpException e)
  {
    Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
    return;
  }


  if (!IsPostBack)
  {
    // Bind users to ListBox.

    users = Membership.GetAllUsers();
    UsersListBox.DataSource = users;
    UsersListBox.DataBind();
  }


  // If a user is selected, show the roles for the selected user.

  if (UsersListBox.SelectedItem != null)
  {
    // Bind roles to GridView.

    rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value);
    UserRolesGrid.DataSource = rolesArray;
    UserRolesGrid.DataBind();

    UserRolesGrid.Columns[0].HeaderText = "Roles for " + UsersListBox.SelectedItem.Value;
  }
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" 
                                    Rows="8" AutoPostBack="true" runat="server" /></td>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Dim rolesArray() As String
Dim users As MembershipUserCollection

Public Sub Page_Load()

  Msg.Text = ""

  Try
    If Not Roles.IsUserInRole(User.Identity.Name, "Administrators") Then
      Msg.Text = "You are not authorized to view user roles."
      UsersListBox.Visible = False
      Return
    End If
  Catch e As HttpException
    Msg.Text = "There is no current logged on user. Role membership cannot be verified."
    Return
  End Try


  If Not IsPostBack Then
    ' Bind users to ListBox.

    users = Membership.GetAllUsers()
    UsersListBox.DataSource = users
    UsersListBox.DataBind()
  End If


  ' If a user is selected, show the roles for the selected user.

  If Not UsersListBox.SelectedItem Is Nothing Then
    ' Bind roles to GridView.

    rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value)
    UserRolesGrid.DataSource = rolesArray
    UserRolesGrid.DataBind()

    UserRolesGrid.Columns(0).HeaderText = "Roles for " & UsersListBox.SelectedItem.Value
  End If

End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" 
                                    Rows="8" AutoPostBack="true" runat="server" /></td>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>

Remarks

The IsUserInRole method is called by the Roles class and the IsInRole method of the Page.User property to determine whether a user is associated with a role in the SQL Server database specified in the ASP.NET application's configuration file (Web.config).

Applies to

See also