因此,用户正在我的应用程序中注册(ASP .NET MVC 3)。如果注册成功,则为他指定一个名为“unreg”的角色(意味着他的社团尚未注册)。完成注册将重定向到指定的操作(RegisterSociety)。如果他成功注册了他的社会,那么我就给他“用户”的角色。 无论如何,即使我的数据库更改正确(我正在使用自定义身份验证和授权),User.IsInRole(“user”)也会返回FALSE。
问题的位置和方向,我该如何解决?
更新:
我有2个表用于身份验证/授权: - 用户和角色。 Roles.id_role是用户表中的外键(user.id_role)。
- 我的身份验证提供商......
public class Authentication: MembershipProvider
{
public InMVC3.Models.useri CreateUser(string username, string password, string nume, string SCI, string NCI, string CNP, string email, int id_tip_user, out MembershipCreateStatus status)
{
useri us = new useri();
us.username = username;
us.parola = password;
us.nume = nume;
us.serie_ci = SCI;
us.nr_ci = NCI;
us.CNP = CNP;
us.email = email;
us.id_tip_user = id_tip_user;
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
useri u = _user.GetUserByUsername(username);
if (u == null)
{
_user.Add(us);
status = MembershipCreateStatus.Success;
return _user.GetUserByUsername(username);
}
else
{
status = MembershipCreateStatus.DuplicateUserName;
}
return null;
}
}
- 我的角色提供者
public class Autorizatie : RoleProvider
{
IUserRepository _user;
IRolRepository _rol;
public Autorizatie() : this(null) { }
public Autorizatie(IUserRepository provider)
{
_user = new UserRepository();
_rol = new RolRepository();
}
public override string[] GetRolesForUser(string username)
{
useri user = _user.GetUserByUsername(username);
tip_useri rol = _rol.GetRolById(user.id_tip_user);
string[] roles = new string[1];
roles[0] = rol.rol;
return roles;
}
public override bool IsUserInRole(string username, string roleName)
{
useri user = _user.GetUserByUsername(username);
tip_useri rol = _rol.GetRolByRoleName(roleName);
if (user != null && rol != null)
{
if (user.tip_useri.id_tip_user == rol.id_tip_user)
return true;
else return false;
}
return false;
}
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
useri user = _user.GetUserByUsername(usernames[0]);
tip_useri rol = _rol.GetRolByRoleName(roleNames[0]);
if (user != null && rol != null)
{
user.id_tip_user = rol.id_tip_user;
_user.Update();
}
}
}
- 用户注册
[HttpPost]
public ActionResult Register(RegisterModel model)
{
Autentificare provider = (Autentificare)Membership.Provider;
IUserRepository _user = new UserRepository();
IRolRepository rol = new RolRepository();
IClientiRepository _client = new ClientiRepository();
var us = rol.GetRolByRoleName("unreg").id_tip_user;
if (ModelState.IsValid)
{
// Attempt to register the user
MembershipCreateStatus createStatus;
provider.CreateUser(model.UserName, model.Password, model.Nume, model.SCI, model.NCI, model.CNP, model.Email, us, out createStatus);
if (createStatus == MembershipCreateStatus.Success)
{
FormsService.SignIn(model.UserName, false /* createPersistentCookie */);
return RedirectToAction("RegisterFirma", "Account");
}
else
{
ModelState.AddModelError("", AccountValidation.ErrorCodeToString(createStatus));
}
}
return View(model);
}
- 社会注册
[HttpPost]
public ActionResult RegisterFirma(RegisterFirma client)
{
Autentificare provider = (Autentificare)Membership.Provider;
IUserRepository _user = new UserRepository();
IClientiRepository _client = new ClientiRepository();
RoleService = new Autorizatie();
clienti cl = new clienti();
if (ModelState.IsValid)
{
// Attempt to register the user
try
{
cl.denumire = client.Firma;
cl.cod_fiscal = client.CodFiscal;
cl.reg_comert = client.Registrul;
cl.id_grupa = 1;
cl.id_localitate = Convert.ToInt32(client.Loc);
cl.adresa = client.Address;
cl.email = client.Email;
cl.telefon = client.Telefon;
cl.fax = client.Fax;
cl.pers_contact = client.PersContact;
cl.id_banca = Convert.ToInt32(client.Banca);
cl.cont_bancar = client.ContBancar;
cl.id_user = _user.GetUserByUsername(User.Identity.Name).id_user;
string[] usn = new string[1];
usn[0] = User.Identity.Name;
string[] rls = new string[1];
rls[0] = "user";
RoleService.AddUsersToRoles(usn, rls);
// _user.GetUserByUsername(User.Identity.Name).id_tip_user = 3;
// _user.Update();
_client.Add(cl);
FormsService.SignOut();
FormsService.SignIn(usn[0], false); -- even after sign out and sign in
return RedirectToAction("Index", "Home");
}
catch
{
// return View(client);
return RedirectToAction("LogOn", "Account");
}
}
在数据库内部,user.id_role根据“user”角色进行更改。更改后几分钟,当我再次运行我的应用程序时,角色似乎根据数据库工作。
更新2
<roleManager defaultProvider="Autorizatie" enabled="true" cacheRolesInCookie="false" >
<providers>
<clear/>
<add name="Autorizatie" type="InMVC3.Models.Autorizatie"/>
</providers>
</roleManager>
我使用“true”然后更改为“false”并且仍然相同(对于chacheRolesInCoockie)。
答案 0 :(得分:1)
我认为原因是GetRolesForUser只为用户返回1个角色。因此,User.IsInRole将不会在字符串数组中找到第二个角色。
更新:你是对的,你总是只分配了一个角色,对不起。
另一个提示:以下调用是做什么的? RoleService.AddUsersToRoles(usn, rls);
它是否直接致电您的提供商?
AFAI即使您不使用Cookie,也会看到角色由角色提供程序基础结构缓存,但缓存在System.Web.Security.Roles.AddUsersToRole()静态方法中设置为脏。你能否检查一下你是否称这种方法?也许您直接调用了角色提供程序,然后没有将缓存设置为脏。