通过

AuthorizationStoreRoleProvider.IsUserInRole(String, String) 方法

定义

命名空间:
System.Web.Security
程序集:
System.Web.dll

获取一个指示指定用户是否属于指定角色的值。

public:
 override bool IsUserInRole(System::String ^ username, System::String ^ roleName);
public override bool IsUserInRole(string username, string roleName);
override this.IsUserInRole : string * string -> bool
Public Overrides Function IsUserInRole (username As String, roleName As String) As Boolean

参数

username
String

要搜索的用户名。

roleName
String

作为搜索范围的角色。

返回

Boolean

如果指定的用户名属于指定角色,则为 true;否则为 false

例外

ArgumentNullException

usernamenull

- 或 -

roleNamenull

ArgumentException

roleName 是一个空字符串。

- 或 -

roleName 包含一个逗号。

- 或 -

username 包含一个逗号。

ProviderException

未找到已配置的 applicationName

- 或 -

未找到已配置的 scopeName

- 或 -

服务器上没有安装身份验证管理器运行时。

FileNotFoundException

connectionStringName 特性引用了一个指向不存在的文件的连接字符串。

HttpException

AuthorizationStoreRoleProvider 实例使用基于文件的策略存储进行配置,且当前的信任级别不允许对文件进行读访问。

示例

下面的代码示例以编程方式检查已登录用户是否为管理员角色,然后允许用户查看用户角色。 有关启用角色管理的 Web.config 文件的示例,请参阅 AuthorizationStoreRoleProvider

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

string[] rolesArray;
MembershipUserCollection users;

public void Page_Load()
{
  Msg.Text = "";

  try
  {
    if (!Roles.IsUserInRole(User.Identity.Name, "Administrators"))
    {
      Msg.Text = "You are not authorized to view user roles.";
      UsersListBox.Visible = false;
      return;
    }
  }
  catch (HttpException e)
  {
    Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
    return;
  }


  if (!IsPostBack)
  {
    // Bind users to ListBox.

    users = Membership.GetAllUsers();
    UsersListBox.DataSource = users;
    UsersListBox.DataBind();
  }


  // If a user is selected, show the roles for the selected user.

  if (UsersListBox.SelectedItem != null)
  {
    // Bind roles to GridView.

    rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value);
    UserRolesGrid.DataSource = rolesArray;
    UserRolesGrid.DataBind();

    UserRolesGrid.Columns[0].HeaderText = "Roles for " + UsersListBox.SelectedItem.Value;
  }
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" 
                                    Rows="8" AutoPostBack="true" runat="server" /></td>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>

<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Dim rolesArray() As String
Dim users As MembershipUserCollection

Public Sub Page_Load()

  Msg.Text = ""

  Try
    If Not Roles.IsUserInRole(User.Identity.Name, "Administrators") Then
      Msg.Text = "You are not authorized to view user roles."
      UsersListBox.Visible = False
      Return
    End If
  Catch e As HttpException
    Msg.Text = "There is no current logged on user. Role membership cannot be verified."
    Return
  End Try


  If Not IsPostBack Then
    ' Bind users to ListBox.

    users = Membership.GetAllUsers()
    UsersListBox.DataSource = users
    UsersListBox.DataBind()
  End If


  ' If a user is selected, show the roles for the selected user.

  If Not UsersListBox.SelectedItem Is Nothing Then
    ' Bind roles to GridView.

    rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value)
    UserRolesGrid.DataSource = rolesArray
    UserRolesGrid.DataBind()

    UserRolesGrid.Columns(0).HeaderText = "Roles for " & UsersListBox.SelectedItem.Value
  End If

End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" 
                                    Rows="8" AutoPostBack="true" runat="server" /></td>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>

注解

方法 IsUserInRoleRoles 类和 IsInRole 属性的 Page.User 方法调用,以确定用户是否与 ASP.NET 应用程序的配置文件 (Web.config) 中指定的授权管理器数据存储中的角色相关联。

适用于

另请参阅