I have a custom Role provider for my MVC4 application that is working so well in that it creates roles, checks role existence, check IsUserInRole but my [Authorize(Roles = "Admin")] is still using the default System.Web.Security.RolePrincipal.IsInRole(String role) method
I have tried to create a custom RolePrincipal that overrides the IsInRole method but I am having problem finding the correct parameter for the constructor and am unsure how to set this in the web.config. Code is as follows:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Configuration.Provider;
using MetaLearning.Data;
using System.Web.Security;
namespace Project.Principal
{
public class MyPrincipal : System.Web.Security.RolePrincipal
{
private MyContext dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);
private Repository<MyUser> userRepository;
private Repository<Role> roleRepository;
public MyPrincipal()
{
this.userRepository = new Repository<MyUser>(dbcontext);
this.roleRepository = new Repository<Role>(dbcontext);
}
public override bool IsInRole(string role)
{
Role roleCheck = roleRepository.Get(r => r.Name == role).FirstOrDefault();
MyUser user = userRepository.Get(u => u.Username == HttpContext.Current.User.Identity.Name).FirstOrDefault();
user.RoleID = roleCheck.RoleID;
userRepository.Update(user);
userRepository.SaveChanges();
return true;
}
}
}
I checked the RolePrincipal documentation http://msdn.microsoft.com/en-us/library/system.web.security.roleprincipal.aspx and can see that the most basic constructor RolePrincipal(IIdentity) takes a parameter of IIdentity. How and where can this be retrieved from as I am unsure as to what it is? Are there additional changes required in the webconfig?