Introduction
The next stage in adding functionality to the user administration section of our ASP.NET Administration template is to allow ourselves to create new users and assign them the roles that we created in the previous article. We will also of course allow
End Users (EUs) to register themselves and automatically assign them the minimum authenticated role we have.
Building the Sample
This code has been written on Windows Server 2008 RC2, and developed using Microsoft Visual Studio 2010 It should work perfectly well on any computer running Windows 7 and higher (possibly Vista) and you should be able to use it within your Visual Studio 2012 environment.
You will need to add your own connection strings to the solution; found in the Web Config file.
The application will NOT build. This is deliberate - there is a small error concerning the creation of the user. It is your task in this example to work out what the error is and where the information is that will let you fix the error. You will also
want to create your messages for successfully creating the user as well as failing to create the user.
Description
I am not going to go into great depths about user management, authorisation and authentication - there are complete books on the subject. At the end of this article there are links to some excellent resources that you should read if you wish to turn this tutorial work into a production ready solution.
Ok, so we know now how to create roles and you will have added the logic for updating and deleting roles. Now we need to create the Users who we will assign roles to. In this tutorial we are of course only interested in the back-end administration aspects of user management and not the user's self-registration process - I will leave that to you; although I will show you how to assign a role to their registration proceedure.
The natural reason for an administrator to want to add user's manually is so that they can assign special priviledges to an individual or for creating test users for themselves with each individual role assigned.
Remember to rate these articles please. Without the ratings I can not tell if I am giving too much or not enough information!
Procedure
- You should already have your connection string set-up from previous articles. If you use the download available from this article you will need to re-set the connection string again in web.config
- In your solution explorer add a new item, web form using admin.master file. Save it as ManageUsers.aspx
- Get rid of any unnecessary content holders in the new file - so that the admin.master content is shown
The basic setup following the proceedure we designed in the Roles tutorial produces this:
You will notice the ApplicationId's are different. This is from previous work I have done. You need to be aware that you need to filter your users by ApplicationId before displaying them, to End Users, although it is ok for the Super Administrator - if and only if - the Super Administrator is the same for all applications using this database.
So the first thing we need to do is filter the users according to our current application id, which means we need to know what our application id is. Our aspnetdb contains an Application table where we can look up the ApplicationId using the application name which you set in your web config.... correct? If you did not do that, then do it now; If this application is to work on a web farm it needs to have a fixed Application Name and not an ASP.NET auto-generated one.
// Get the applicationID from Applications table.
private Guid getApplicationID()
{
string appName = "cmsCCSLABS";
Guid aID = new Guid();
try
{
// Connect to Database
SqlConnection conn = new SqlConnection(SqlDataSource1.ConnectionString);
SqlCommand command = new SqlCommand("SELECT (ApplicationId) FROM aspnet_Applications WHERE ApplicationName='" + appName + "';", conn);
conn.Open();
aID = (Guid)command.ExecuteScalar();
conn.Close();
}
catch (Exception ex)
{
string exx = ex.Message;
}
return aID;
}
// Get the applicationID from Applications table. private Guid getApplicationID() { string appName = "cmsCCSLABS"; Guid aID = new Guid(); try { // Connect to Database SqlConnection conn = new SqlConnection(SqlDataSource1.ConnectionString); SqlCommand command = new SqlCommand("SELECT (ApplicationId) FROM aspnet_Applications WHERE ApplicationName='" + appName + "';", conn); conn.Open(); aID = (Guid)command.ExecuteScalar(); conn.Close(); } catch (Exception ex) { string exx = ex.Message; } return aID; }
Roles were created using Roles.Add, Users, are created using Membership.CreateUser, and requires a minimum of Username and Password. That is all I have implemented for you; I am sure you can work the rest out for yourself. I will also leave you to work out how to update and delete the users.
More Information
Team View Service, Azure Services and Azure SQL
- https://tfspreview.com/en-us/learn/start/connect-to-vs/
- http://blogs.msdn.com/b/bharry/archive/2012/06/07/announcing-continuous-deployment-to-azure-with-team-foundation-service.aspx
Authentication and Authorisation
- http://www.4guysfromrolla.com/articles/121405-1.aspx
- http://weblogs.asp.net/scottgu/archive/2006/04/22/Always-set-the-_2200_applicationName_2200_-property-when-configuring-ASP.NET-2.0-Membership-and-other-Providers.aspx
- http://msdn.microsoft.com/en-us/library/t32yf0a9.aspx
- I will add additional tutorials on this subject adding more advanced features to the original template until we end up with a full CMS written with your needs in mind. Past, Current and Future topics:
- Introduction
- Customization I: The basics
Customization 2: Advanced - Adding User Administration
- Adding Database Administration
- Adding Content Administration
- Adding Site Administration
- ... and anything you think you need here
However, I will not add these tutorials if no one is interested in this, so if you are interested then rate this article please.