Roles.IsUserInRole Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets a value indicating whether a user is in the specified role.
Overloads
IsUserInRole(String) |
Gets a value indicating whether the currently logged-on user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe. |
IsUserInRole(String, String) |
Gets a value indicating whether the specified user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe. |
IsUserInRole(String)
Gets a value indicating whether the currently logged-on user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe.
public:
static bool IsUserInRole(System::String ^ roleName);
public static bool IsUserInRole (string roleName);
static member IsUserInRole : string -> bool
Public Shared Function IsUserInRole (roleName As String) As Boolean
Parameters
- roleName
- String
The name of the role to search in.
Returns
true
if the currently logged-on user is in the specified role; otherwise, false
.
Exceptions
roleName
is an empty string or contains a comma (,).
Role management is not enabled.
Examples
The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles settings for the application. For an example of a Web.config file that enables role management, see Roles.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
string[] rolesArray;
MembershipUserCollection users;
public void Page_Load()
{
Msg.Text = "";
try
{
if (!Roles.IsUserInRole(User.Identity.Name, "Administrators"))
{
Msg.Text = "You are not authorized to view user roles.";
UsersListBox.Visible = false;
return;
}
}
catch (HttpException e)
{
Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
return;
}
if (!IsPostBack)
{
// Bind users to ListBox.
users = Membership.GetAllUsers();
UsersListBox.DataSource = users;
UsersListBox.DataBind();
}
// If a user is selected, show the roles for the selected user.
if (UsersListBox.SelectedItem != null)
{
// Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value);
UserRolesGrid.DataSource = rolesArray;
UserRolesGrid.DataBind();
UserRolesGrid.Columns[0].HeaderText = "Roles for " + UsersListBox.SelectedItem.Value;
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username"
Rows="8" AutoPostBack="true" runat="server" /></td>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Dim rolesArray() As String
Dim users As MembershipUserCollection
Public Sub Page_Load()
Msg.Text = ""
Try
If Not Roles.IsUserInRole(User.Identity.Name, "Administrators") Then
Msg.Text = "You are not authorized to view user roles."
UsersListBox.Visible = False
Return
End If
Catch e As HttpException
Msg.Text = "There is no current logged on user. Role membership cannot be verified."
Return
End Try
If Not IsPostBack Then
' Bind users to ListBox.
users = Membership.GetAllUsers()
UsersListBox.DataSource = users
UsersListBox.DataBind()
End If
' If a user is selected, show the roles for the selected user.
If Not UsersListBox.SelectedItem Is Nothing Then
' Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value)
UserRolesGrid.DataSource = rolesArray
UserRolesGrid.DataBind()
UserRolesGrid.Columns(0).HeaderText = "Roles for " & UsersListBox.SelectedItem.Value
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username"
Rows="8" AutoPostBack="true" runat="server" /></td>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
Remarks
The IsUserInRole method calls the RoleProvider.IsUserInRole method of the default role provider to determine whether the currently logged-on user is associated with a role from the data source for the application that is specified in the ApplicationName property. The currently logged-on user is identified by the HttpContext.User property of the current System.Web.HttpContext, or by Thread.CurrentPrincipal for non-HTTP hosting environments. If no user is logged on, an exception will be thrown. Only the roles for the application that is specified in the ApplicationName property are retrieved.
If CacheRolesInCookie is true
, then roleName
may be checked against the roles cache rather than the specified role provider.
See also
Applies to
IsUserInRole(String, String)
Gets a value indicating whether the specified user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe.
public:
static bool IsUserInRole(System::String ^ username, System::String ^ roleName);
public static bool IsUserInRole (string username, string roleName);
static member IsUserInRole : string * string -> bool
Public Shared Function IsUserInRole (username As String, roleName As String) As Boolean
Parameters
- username
- String
The name of the user to search for.
- roleName
- String
The name of the role to search in.
Returns
true
if the specified user is in the specified role; otherwise, false
.
Exceptions
roleName
is an empty string or contains a comma (,).
-or-
username
contains a comma (,).
Role management is not enabled.
Examples
The following code example programmatically checks whether a user is in the Administrators role before allowing the user to view roles settings for the application. For an example of a Web.config file that enables role management, see Roles.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
string[] rolesArray;
MembershipUserCollection users;
public void Page_Load()
{
Msg.Text = "";
try
{
if (!Roles.IsUserInRole(User.Identity.Name, "Administrators"))
{
Msg.Text = "You are not authorized to view user roles.";
UsersListBox.Visible = false;
return;
}
}
catch (HttpException e)
{
Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
return;
}
if (!IsPostBack)
{
// Bind users to ListBox.
users = Membership.GetAllUsers();
UsersListBox.DataSource = users;
UsersListBox.DataBind();
}
// If a user is selected, show the roles for the selected user.
if (UsersListBox.SelectedItem != null)
{
// Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value);
UserRolesGrid.DataSource = rolesArray;
UserRolesGrid.DataBind();
UserRolesGrid.Columns[0].HeaderText = "Roles for " + UsersListBox.SelectedItem.Value;
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username"
Rows="8" AutoPostBack="true" runat="server" /></td>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Dim rolesArray() As String
Dim users As MembershipUserCollection
Public Sub Page_Load()
Msg.Text = ""
Try
If Not Roles.IsUserInRole(User.Identity.Name, "Administrators") Then
Msg.Text = "You are not authorized to view user roles."
UsersListBox.Visible = False
Return
End If
Catch e As HttpException
Msg.Text = "There is no current logged on user. Role membership cannot be verified."
Return
End Try
If Not IsPostBack Then
' Bind users to ListBox.
users = Membership.GetAllUsers()
UsersListBox.DataSource = users
UsersListBox.DataBind()
End If
' If a user is selected, show the roles for the selected user.
If Not UsersListBox.SelectedItem Is Nothing Then
' Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value)
UserRolesGrid.DataSource = rolesArray
UserRolesGrid.DataBind()
UserRolesGrid.Columns(0).HeaderText = "Roles for " & UsersListBox.SelectedItem.Value
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username"
Rows="8" AutoPostBack="true" runat="server" /></td>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
Remarks
The IsUserInRole method calls the IsUserInRole method of the default role provider to determine whether a user name is associated with a role from the data source for the application that is specified in the ApplicationName property.
If username
is equal to the current logged-on user and the CacheRolesInCookie property value is true
, roleName
may be checked against the role cache rather than the specified Provider.