User role update not working!
So, a user is registering in my application (ASP.NET MVC 3). If registration is successful, I assign him a role named "unreg" (meaning his society isn't yet registered). Completion of registration will redirect him to the specified action (RegisterSociety). If he successfully registers his society, then I give him the "user" role.
Anyway, User.IsInRole("user") returns FALSE even if my database changed correctly (I'm using custom authentication and authorization).
Where and what is the issue, and how can I solve it?
UPDATE:
I've got 2 tables used for authentication/authorization: user and roles. Roles.id_role is a foreign key in the user table (user.id_role).
-- My Authentication provider...
    public class Authentication: MembershipProvider
    {
        public InMVC3.Models.useri CreateUser(string username, string password, string nume, string SCI, string NCI, string CNP, string email, int id_tip_user, out MembershipCreateStatus status)
        {
            useri us = new useri();
            us.username = username;
            us.parola = password;
            us.nume = nume;
            us.serie_ci = SCI;
            us.nr_ci = NCI;
            us.CNP = CNP;
            us.email = email;
            us.id_tip_user = id_tip_user;
            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
            OnValidatingPassword(args);
            if (args.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }
            useri u = _user.GetUserByUsername(username);
            if (u == null)
            {
                _user.Add(us);
                status = MembershipCreateStatus.Success;
                return _user.GetUserByUsername(username);
            }
            else
            {
                status = MembershipCreateStatus.DuplicateUserName;
            }
            return null;
        }
    }
-- My Role Provider
    public class Autorizatie : RoleProvider
    {
        IUserRepository _user;
        IRolRepository _rol;
        public Autorizatie() : this(null) { }
        public Autorizatie(IUserRepository provider)
        {
            _user = new UserRepository();
            _rol = new RolRepository();
        }
        public override string[] GetRolesForUser(string username)
        {
            useri user = _user.GetUserByUsername(username);
            tip_useri rol = _rol.GetRolById(user.id_tip_user);
            string[] roles = new string[1];
            roles[0] = rol.rol;
            return roles;
        }
        public override bool IsUserInRole(string username, string roleName)
        {
            useri user = _user.GetUserByUsername(username);
            tip_useri rol = _rol.GetRolByRoleName(roleName);
            if (user != null && rol != null)
            {
                if (user.tip_useri.id_tip_user == rol.id_tip_user)
                    return true;
                else return false;
            }
            return false;
        }
        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            useri user = _user.GetUserByUsername(usernames[0]);
            tip_useri rol = _rol.GetRolByRoleName(roleNames[0]);
            if (user != null && rol != null)
            {
                user.id_tip_user = rol.id_tip_user;
                _user.Update();
            }
        }
    }
-- User Registration
    [HttpPost]
    public ActionResult Register(RegisterModel model)
    {
        Autentificare provider = (Autentificare)Membership.Provider;
        IUserRepository _user = new UserRepository();
        IRolRepository rol = new RolRepository();
        IClientiRepository _client = new ClientiRepository();
        var us = rol.GetRolByRoleName("unreg").id_tip_user;
        if (ModelState.IsValid)
        {
            // Attempt to register the user
            MembershipCreateStatus createStatus;
            provider.CreateUser(model.UserName, model.Password, model.Nume, model.SCI, model.NCI, model.CNP, model.Email, us, out createStatus);
            if (createStatus == MembershipCreateStatus.Success)
            {
                FormsService.SignIn(model.UserName, false /* createPersistentCookie */);
                return RedirectToAction("RegisterFirma", "Account");
            }
            else
            {
                ModelState.AddModelError("", AccountValidation.ErrorCodeToString(createStatus));
            }
        }
        return View(model);
    }
-- Society Registration
    [HttpPost]
    public ActionResult RegisterFirma(RegisterFirma client)
    {
        Autentificare provider = (Autentificare)Membership.Provider;
        IUserRepository _user = new UserRepository();
        IClientiRepository _client = new ClientiRepository();
        RoleService = new Autorizatie();
        clienti cl = new clienti();
        if (ModelState.IsValid)
        {
            // Attempt to register the user
            try
            {
                cl.denumire = client.Firma;
                cl.cod_fiscal = client.CodFiscal;
                cl.reg_comert = client.Registrul;
                cl.id_grupa = 1;
                cl.id_localitate = Convert.ToInt32(client.Loc);
                cl.adresa = client.Address;
                cl.email = client.Email;
                cl.telefon = client.Telefon;
                cl.fax = client.Fax;
                cl.pers_contact = client.PersContact;
                cl.id_banca = Convert.ToInt32(client.Banca);
                cl.cont_bancar = client.ContBancar;
                cl.id_user = _user.GetUserByUsername(User.Identity.Name).id_user;
                string[] usn = new string[1];
                usn[0] = User.Identity.Name;
                string[] rls = new string[1];
                rls[0] = "user";
                RoleService.AddUsersToRoles(usn, rls);
                // _user.GetUserByUsername(User.Identity.Name).id_tip_user = 3;
                // _user.Update();
                _client.Add(cl);
                FormsService.SignOut();
                FormsService.SignIn(usn[0], false); // even after sign out and sign in
                return RedirectToAction("Index", "Home");
            }
            catch
            {
                // return View(client);
                return RedirectToAction("LogOn", "Account");
            }
        }
Inside the database, user.id_role is changed according to the "user" role. A few minutes after the change, when I run my application again, the roles seem to be working according to the database.
UPDATE 2
    <roleManager defaultProvider="Autorizatie" enabled="true" cacheRolesInCookie="false" >
      <providers>
        <clear/>
        <add name="Autorizatie" type="InMVC3.Models.Autorizatie"/>
      </providers>
    </roleManager>
I used "true" and then changed to "false" and it is still the same (for cacheRolesInCookie).
Comments (1)
I think the reason is that GetRolesForUser returns only 1 role for the user. Hence User.IsInRole will not find the second role in the string array.
UPDATE: You're right, you have always just 1 role assigned, sorry.
Another tip: what does the following call do?
RoleService.AddUsersToRoles(usn, rls);
Does it call your provider directly?
AFAI see the roles are cached by the role provider infrastructure even if you don't use cookies, but the cache is set dirty in the
System.Web.Security.Roles.AddUsersToRole()
static method. Can you please check if you call this method? Maybe you called your role provider directly that then does not set the cache dirty.
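
The check the answer above asks for, as an added C# example that is not code from the question or the answer: the role change goes through the static `System.Web.Security.Roles` API instead of a provider instance, and the result is read back from the provider. `RoleChange`, `AssignToCurrentUser` and `CachedRolesAreStale` are hypothetical names; the code assumes `roleManager` is enabled as in UPDATE 2, so that `context.User` is a `RolePrincipal`.

```csharp
using System;
using System.Linq;
using System.Web;
using System.Web.Security;

// Added example, not the poster's code. RoleChange and its members are hypothetical names.
public static class RoleChange
{
    // Assigns newRole to the signed-in user through the static Roles API and
    // returns true only if the provider, read directly, confirms the change.
    public static bool AssignToCurrentUser(HttpContextBase context, string newRole)
    {
        string username = context.User.Identity.Name;

        // Roles.AddUsersToRoles forwards to the configured provider
        // (Autorizatie in the question's web.config) and then marks the
        // current user's cached role list dirty. Calling
        // new Autorizatie().AddUsersToRoles(...) skips that second step.
        Roles.AddUsersToRoles(new[] { username }, new[] { newRole });

        // Expire the roles cookie; only matters with cacheRolesInCookie="true".
        Roles.DeleteCookie();

        // Read back from the provider itself, bypassing the principal's cache.
        string[] stored = Roles.Provider.GetRolesForUser(username);
        return stored.Contains(newRole, StringComparer.OrdinalIgnoreCase);
    }

    // Diagnostic: true when the roles cached on the request principal differ
    // from what the provider returns right now.
    public static bool CachedRolesAreStale(HttpContextBase context)
    {
        var principal = context.User as RolePrincipal;
        if (principal == null || !principal.IsRoleListCached)
            return false; // nothing is cached on this request

        string[] cached = principal.GetRoles();
        string[] fresh = Roles.Provider.GetRolesForUser(principal.Identity.Name);
        return !cached.OrderBy(r => r, StringComparer.OrdinalIgnoreCase)
                      .SequenceEqual(fresh.OrderBy(r => r, StringComparer.OrdinalIgnoreCase),
                                     StringComparer.OrdinalIgnoreCase);
    }
}
```

If `AssignToCurrentUser` returns false, the provider itself is still returning the old role, so the stale value comes from its data access rather than from the role cache. A role that is taken away is subject to the same caching as one that is granted, so revocations belong on the same code path.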