Is it possible to specify that multiple roles are required inside the authorization element of the web.config file? I currently have this block in one web.config of my site for a specific directory: <authorization> <allow roles="Global, Region" /> <deny users="*" /> </authorization> I've just identified a special case where ...
I am trying to write a module that will change a user's permissions once a node form is inserted into the database. I already have a role assigned when a user registers, but i want that role to be changed once they create a 'company' profile in this case which is when they fill out a cck form of 'company_post' type. My code is below... ...
I need to limit users to a single node of a given content type. So a user can only create one node of TypeX. I've come up with two approaches. Which would be better to use... 1) Edit the node/add/typex menu item to check the database to see if the user has already created a node of TypeX, as well as if they have permissions to create it...
1) a) I assume roles are cached ( by setting Roles.CacheRolesInCookie ) only for current user? b) Besides Roles.GetRolesForUser(_currentUser), are there any other methods that will read role information for current user from role cookie and thus won’t have to connect to the data base? 2) a) I assume that normally role cookie gets ...
When the CacheRolesInCookie property is set to true in the Web.config file, role information for each user is stored in a cookie. When role management checks to see whether a user is in a particular role, the roles cookie is checked before the role provider is called to check the list of roles at the data source. The cookie is dynamic...
I once saw an article about how to use a specific type of numbering system to manage roles. A user would be assigned a specific role number and depending on a calculation, the number could stand for multiple roles. Can anybody share this technique with me or share a link? Thanks! ...
ASP.NET MVC has good support for role-based security, but the usage of strings as role names is maddening, simply because they cannot be strongly-typed as enumerations. For example, I have an "Admin" role in my app. The "Admin" string will now exist in the Authorize attribute of my action, in my master page (for hiding a tab), in my da...
Hi, I am an experienced .NET developer but new to EF - so please bear with me. I will use an example of a college application to illustrate my problem. I have these user roles: Lecturer, Student, Administrator. In my code I envisage working with these entities as distinct classes so e.g. a Lecturer teaches a collection of Students. An...
If a loggedin user gets a new role, what does he has to do to get all permissions based on this role? logout and login again does not work reassign the roles with an admin-account works Do i have to delete all roles given to this user, and reassign them? Role model is hierarchical. ROLE_POWERUSER > ROLE_USER ...
I want to allow admins to be logged in for longer than normal users. I don't see a hook for setting the cookie timeout programmatically or in a role-based way. Is this possible in ASP using Forms Authentication? Thank you in advance. ...
Hey, i need some help with rails, again! Last it was about Authlogic.. Well I'm gone a bit backward since.. I mean, Authlogic isn't a Authentcate system i like.. So now i wan't you guys to tell me what you think is the best! I going to use it to a project of mine. Where there has to be a few roles like Admin, User and Guest.. So might y...
In several web applications, it is often necessary to define groups of users for purposes of membership as well as role management. For example, in one of our applications we would like to user a group of "Network Engineers" and another group that consists of "Managers" of such Network Engineers. The information we need is contact de...
So I know how to break inheritance from a list (SPList.BreakRoleInheritance(true)), but how do you reinherit from it's parent programmatically? Thanks ...
Does anyone know where Drupal stores, in the Database, the role of a user? It's not in the users table, and I can't seem to find it. I can find where it defines the role, defines the role's permissions, but I can't find where it defines what Role a certain User is. Anyone know? Thanks! ...
Hello all. I'm currently using the good ol login control, .net membership & role providers for a web app I'm building. I have a tabbed navigation menu that I want to make role specific i.e. everyones sees 'Home', one role would be able to see additional tabs, another would be able to see three, etc. Doe sthe allow for such a thing? H...
I would like to know how we can create different "user Roles" for different users in PHP. example: Administrator can create all types of users, add, view, manipulate data, delete managers, viewers, and workers, etc Managers can only create, workers and viewers, can add and view data, workers can't create new users, but can only add da...
My team implemented a UI to assign/revoke permission levels to users on a certain SharePoint list. The UI supplies an "undo" feature to restore the rights the user had before they were changed through our UI. Now there is a problem if the user had the "Limited Access" permission level: This permission level is removed when you do a chan...
Is there built in methods into .net framework to do the following: Get role GUID from user name/user GUID Get role name from role GUID So far I have been sending queries to the asp_roles and asp_users tables to obtain that information and I'm wondering if there is a nicer way of doing this? I have the following methods that I store...
I have had two instances of this problem, first on my local computer, now on the main site. Users can log in to the site, but it doesn't seem to recognize their roles. When I log in (which the database still recognizes as having the role admin), the code does not recognize it as being in the admin role. If there are other web.configs i...
Hi, I’m farely new to Wordpress but are working on putting a page together which has a very simple purpose. I’m creating it for a customer with little or none IT experience so I want to create a user he can use to login and edit his pages – and nothing more. No settings, no comments, no posts, no links, no nothing, just create, delete a...