我想我会自己回答这个问题,以防万一对其他人有用。我实现了自己的自定义角色提供程序,并连接到sql数据以分配如下角色:
public class CustomRoleProvider : RoleProvider
{
public override bool IsUserInRole(string username, string roleName)
{
var roles = GetRolesForUser(username);
foreach (var role in roles)
{
if (role.Equals(roleName))
{
return true;
}
}
return false;
}
public override string[] GetRolesForUser(string username)
{
//create our List to hold our Roles
List<string> r = new List<string>();
r.Add("Employee");
//get our sap number of current user to look up against the database
var persno = Int32.Parse(10 + HttpContext.Current.User.Identity.Name.Substring(HttpContext.Current.User.Identity.Name.Length - 5));
//connect to our sql database
string strConnString = ConfigurationManager.ConnectionStrings["hrssportalConnectionString1"].ConnectionString;
string str;
SqlCommand com;
SqlConnection con = new SqlConnection(strConnString);
con.Open();
//SQL Query
str = "SELECT org_publisher.persno, org_publisher.record_type, org_publisher.org_string, map_user_roles.role_name FROM org_publisher LEFT JOIN users ON org_publisher.persno = users.persno LEFT JOIN map_user_roles ON users.role_id = map_user_roles.role_id WHERE org_publisher.persno = " + persno;
com = new SqlCommand(str, con);
//get our data
//SqlDataReader reader = com.ExecuteReader();
//reader.Read();
DataTable dt = new DataTable();
dt.Load(com.ExecuteReader());
//if we have rows returned do our checks
if (dt != null)
{
//get our data for checking
//string org_string = reader["org_string"].ToString();
//string line_manager = reader["record_type"].ToString();
string org_string = dt.Rows[0]["org_string"].ToString();
string line_manager = dt.Rows[0]["record_type"].ToString();
//Line Manager Role check
if (line_manager == "<ChiefPosition>")
{
r.Add("Manager");
}
//HRSS Role Check
if (org_string.Contains("30001803"))
{
r.Add("HRSS");
}
//HRA Role Check
if (org_string.Contains("30003237"))
{
r.Add("HRA");
}
//add all custom roles by cycling through rows
if (dt.Rows.Count > 0)
{
foreach (DataRow row in dt.Rows)
{
if (row["role_name"].ToString() != null)
{
r.Add(row["role_name"].ToString());
}
}
}
//close our sql objects
dt.Dispose();
con.Close();
//return List as an array
string[] rolesArray = r.ToArray();
return rolesArray;
}
else
{
//if no Rows returned from SQL, return only Employee role from List
string[] rolesArray = r.ToArray();
return rolesArray;
}
}
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
}
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
throw new System.NotImplementedException();
}
public override void CreateRole(string roleName)
{
throw new NotImplementedException();
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
throw new NotImplementedException();
}
public override bool RoleExists(string roleName)
{
throw new NotImplementedException();
}
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
throw new NotImplementedException();
}
public override string[] GetUsersInRole(string roleName)
{
throw new NotImplementedException();
}
public override string[] GetAllRoles()
{
throw new NotImplementedException();
}
public override string ApplicationName { get; set; }
}
然后在web中。配置:
<roleManager defaultProvider="CustomRoleProvider" enabled="true">
<providers>
<clear/>
<add name="CustomRoleProvider" type="ClassLibrary.CustomRoleProvider"
applicationName="WebApplication1" writeExceptionsToEventLog="false"/>
</providers>
</roleManager>