ASP.net Membership - adding a role

Question

I need some advice whether it is recommended to add a membership role to a web application after the web application has been deployed and is in use.

The problem with this is that the role is created through the ASP.NET web site admin tool and automatically updates the ASPNETDB database.

The ASPNETDB database in the live environment will then have to be manually updated to reflect the updated roles. So as part of deployment while the website is offline I will need to update the security database with the extra role and add the database in again.

Is this the correct way to updates roles in a web application after it has been deployed?

Answer 1

That is exactly what I've done in the past. I'll create a SQL script containing the updates to the database, in this case it will be a SQL script to insert data. Also, if you need to make changes to the membership tables often, I recommend you create an interface to do this, a simple asp.net form will work.

Answer 2

This code will create a role if it doesn't exist.

using System.Web.Security;

+

const string newRoleName = "newRoleName";

if( !Roles.RoleExists(newRoleName) )
    Roles.CreateRole(newRoleName) );

You could slip it into a quick admin page or put it into your application_start event or something.