Updating logged in user's roles

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
8/15/2012 1:59:08 PM
Gravatar
Total Posts 42

Updating logged in user's roles

Greetings

I have a control that performs additional authentication against a 3rd party database. If the use is found in the other database I add the a new role to the user in mojoPortal and then display a feature on a page that's view restricted to users with that specific role. Can can I get mojoPortal to refresh the person's roles? Here's a code snippet:

private void AddStudentToResidenceHallRole(string residenceHall)
{
if (WebUser.IsInRoles(residenceHall))
{
// add role to user
SiteUser siteUser = SiteUtils.GetCurrentSiteUser();
Role userRole = Role.GetRoleByName(siteUser.SiteId, residenceHall);
Role.AddUser(userRole.RoleId, siteUser.UserId, userRole.RoleGuid, siteUser.UserGuid);
siteUser.RolesChanged = true;
siteUser.Save();
}
}

8/15/2012 2:37:59 PM
Gravatar
Total Posts 1188
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Updating logged in user's roles

The latest versions of mojoPortal refresh the cookie much more often, but you can refresh it yourself like this too:

mojoRoleProvider.ResetCurrentUserRolesCookie();

Jamie

8/15/2012 3:42:26 PM
Gravatar
Total Posts 42

Re: Updating logged in user's roles

Didn't seem to work. Here's the complete code example. I have this placed as the first feature item on the page followed by the form.

<%@ Control Language="C#" AutoEventWireup="true" ClassName="DSACLogin.ascx" Inherits="System.Web.UI.UserControl"   %>
<%@ Import Namespace="System.Globalization" %>
<%@ Import Namespace="mojoPortal.Business" %>
<%@ Import Namespace="mojoPortal.Business.WebHelpers" %>
<%@ Import Namespace="mojoPortal.Web.Framework" %>
<%@ Import Namespace="mojoPortal.Web" %>
<%@ Import Namespace="mojoPortal.Web.Controls" %>
<%@ Import Namespace="mojoPortal.Web.UI" %>
<%@ Import Namespace="mojoPortal.Web.Editor" %>
<%@ Import Namespace="mojoPortal.Net" %>
 
<script runat="server">
   
    protected override void OnInit(EventArgs e)
    {
        
        base.OnInit(e);
    }
 
    protected void Page_Load(object sender, EventArgs e)
    {
        List<ResidenceHall> residenceHalls = new ResidenceHall().All();
        if (!Request.IsAuthenticated) 
        {
            SiteUtils.RedirectToLoginPage(this);
            return;
        }
        
        // handle admin user
        if (WebUser.IsAdminOrContentAdmin)
        {
            PopulateControls(true);
            return;
 
        } 
        else
        {
            // Get room assignment
            // spoof the room assignment if testing
            Dictionary<stringobject> p = new Dictionary<stringobject>();
            p.Add("eName"SiteUtils.GetCurrentSiteUser().LoginName);
            HDSlib.cAssignment roomAssignment = HDSlib.cAssignment.Find(p);
            if (roomAssignment == null)
            {
                // Some house cleaning
                // remove any residence hall roles that the student belong to
                RemoveStudentFromResidenceHallRole();
                mojoRoleProvider.ResetCurrentUserRolesCookie();
                PopulateControls(false);
                return;
            }
            else
            {
                // Add student to residence hall student role
                // necessarry so that the dsac application will not redirect them back to this login
                AddStudentToResidenceHallRole(roomAssignment.Building);
                mojoRoleProvider.ResetCurrentUserRolesCookie();
                string toRedirect = residenceHalls.First(x => x.Name == roomAssignment.Building).DSACUrl;
                PageSettings currentPage = CacheHelper.GetCurrentPage();
                if (currentPage.Url != toRedirect)
                {
                    Response.Redirect(toRedirect);
                }
                else
                {
// at this point the user is authenticated, is a residence hall student
// with the right (or added) role - show the form.
pnlOuterWrap.Visible = false;                     return;                                     }                 PopulateControls(false);             }         }     }        private void AddStudentToResidenceHallRole(string residenceHall)     {         if (!WebUser.IsInRole(residenceHall))         {             // add role to user             SiteUser siteUser = SiteUtils.GetCurrentSiteUser();             Role userRole = Role.GetRoleByName(siteUser.SiteId, residenceHall);             Role.AddUser(userRole.RoleId, siteUser.UserId, userRole.RoleGuid, siteUser.UserGuid);             siteUser.RolesChanged = true;             siteUser.Save();         }     }          private void RemoveStudentFromResidenceHallRole()     {         foreach(ResidenceHall item in new ResidenceHall().All())          {             if (WebUser.IsInRole(item.Name))             {                 SiteUser siteUser = SiteUtils.GetCurrentSiteUser();                 Role userRole = Role.GetRoleByName(siteUser.SiteId, item.Name);                 Role.RemoveUser(userRole.RoleId, siteUser.UserId);                 siteUser.RolesChanged = true;                 siteUser.Save();                 mojoRoleProvider.ResetCurrentUserRolesCookie();             }         }     }            private void PopulateControls(bool isAdmin)     {         string message = "Sorry, but you must live in the residence halls in order to apply to the Dining Services Advisory Committee.";         if (isAdmin)         {             message += "<br /><br /><em>Note to admins: the message will display when an authenticated accesses the page but is not member of the residence hall role.</em>";         }         lblInvalidLoginMessage.Text = message;         lblInvalidLoginMessage.Visible = true;     }     </script> <portal:OuterWrapperPanel ID="pnlOuterWrap" runat="server">     <mp:CornerRounderTop id="ctop1" runat="server" />         <portal:InnerWrapperPanel ID="pnlInnerWrap" runat="server" CssClass="panelwrapper mymodule">             <asp:UpdatePanel ID="upGallery" UpdateMode="Conditional" runat="server">                 <ContentTemplate>                     <portal:HeadingControl ID="heading" runat="server" Text="Access Denied" />                         <portal:OuterBodyPanel ID="pnlOuterBody" runat="server">                             <portal:InnerBodyPanel ID="pnlInnerBody" runat="server" CssClass="modulecontent">                                 <div class="settingrow">                                     <p><asp:Label ID="lblInvalidLoginMessage" runat="server" /></p>                                 </div>                             </portal:InnerBodyPanel>                         </portal:OuterBodyPanel>                     </ContentTemplate>                 </asp:UpdatePanel>             <portal:EmptyPanel id="divCleared" runat="server" CssClass="cleared" SkinID="cleared"></portal:EmptyPanel>         </portal:InnerWrapperPanel>     <mp:CornerRounderBottom id="cbottom1" runat="server" /> </portal:OuterWrapperPanel>
8/15/2012 4:02:53 PM
Gravatar
Total Posts 1188
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Updating logged in user's roles

My guess is that the determination of which features to show on a page likely happens before your Page_Load event fires. You could try to run your code from the PreInit event, but even that might be too late for the current page rendering. If PreInit doesn't work, you may need to force a page refresh after assigning the role.

Jamie

8/15/2012 4:11:53 PM
Gravatar
Total Posts 1188
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Updating logged in user's roles

Actually, I just realized that I should recommend you place this code where we have some similar processing for our Intranet site. In our case, when a user signs in and is automatically created via LDAP, we give them an "employees" role and refresh the role cookie so they can see the site in one step.

So if you move this into a User Sign In Event Handler, the code will run after they sign into mojoPortal, but before the site is displayed, and I think that will work better for you.

Jamie

8/16/2012 8:11:02 AM
Gravatar
Total Posts 18444

Re: Updating logged in user's roles

When you set a cookie it isn't really applied until the next request, so what I would do is redirect out of postback after you refresh the role cookie, if you don't need to redirect to a different page just do Response.Redirect(Request.RawUrl) to redirect to the current page. Really its a good idea to redirect after postback anyway to get out of postback so that refreshing the browser doesn't resubmit the form.

Hope that helps,

Joe

You must sign in to post in the forums. This thread is closed to new posts.