Role based Profile data in asp.net ProfileProvider

Question

I have defined a couple of different roles in my asp.net website : Administrators, DefaultUsers. Currently i use the built-in profile provider to store some information about the user (first name, last name, avatar ...). What i would like to do next is provide a user who has the "Admistrators" role to store some data about his preferences. (maybe EditorType, Notifications,LogSize ...).

Is it something that can be done with the default Profile provider? or do i have to build a custom table or a custom provider and maintain these data myself? What i would like to have are role-based profile properties. Any ideas are welcome!

Answer 1

With the default Profile provider you can add those extra admin-only properties. Sure they'll be available to all users, but it's simple enough to control that from code.

As an added advantage if someone has their admin privileges temporarily revoked the information is still saved, and when they get them back all their old values are still there. Of course you can clear them or not depending on your requirements.

As with any security system, the presence of a particular property on a user should not infer role/group membership, so make sure you still do your user.IsInRole("Administrators") checks.

Answer 2

What you want to achieve is not possible since one profile binds to one user and not to role. Users can have multiple roles but not multiple profiles.

If you want to do it anyway, you can go on creating properties available to all users but effective only to those in Admin. role only. You can do this check in code.

I recommend you not to use ProfileProviders in this scenario. Everything is stored as text in this case which will deteriorate the application performance heavily.

Answer 3

You can't really extend the built-in role-based system, as the other answerer have already noted.

What you could do, however, in order to keep your current ASP.NET membership- and role-providers and keep benefitting from their services, is just simply create an extension table for the aspnet_Roles. Something like this:

CREATE TABLE dbo.MyOwnRoleExtensions
(ExtensionID INT IDENTITY(1,1) PRIMARY KEY,
 ApplicationId uniqueidentifier,
 RoleId uniqueidentifier,
 (whatever fields you need here......)
)

You could then establish a foreign key relationship to the aspnet_Roles table on (ApplicationId, RoleId) and thus associate your "role extensions" table with the base aspnet_Roles table.

Of course, if you need to retrieve the additional fields in your extensions table, you'll need to do that in your own code - but that way, you can still use and leverage all the niceties of the built-in ASP.NET membership and role providers and you don't need any dirty hack or anything.

Marc