Share via


ASP.NET Core 2.0: User Role Base Dynamic Menu Using Dependency Injection

Introduction  

Before we start this article kindly read the previous article,

In the previous article, we have discussed in detail about how to use ASP.NET Core Identity in MVC Application for creating user roles and displaying the menu depending on user roles.

In this article, we will see in detail how to display role-based dynamic menu after a user logs in. For this, we will create a Menu Master table and insert a few records to display the menu and link the URL to the menu based on the logged in user's role.

Here we will see how to:

  • Create default admin and manager users.
  • Create MenuMaster table and insert a few sample records for Admin and Manager roles to display menus.
  • Redirect unauthenticated users to the login page. 
  • Display menu dynamically based on logged in user.

Prerequisites

Make sure you have installed all the prerequisites on your computer. If not, download and install all, one by one.

  1. First, download and install Visual Studio 2017 from this link
  2. SQL Server 2014 or above

Step 1: Create a Database

This is in continuation of the previous article as we have told that, we will be using a Common Database for both ASP.NET Identity tables and for our own new tables.

In the previous article, we have explained about creating User Role, here for Role base Menu management we need to make a relationship table between ASP.NET Roles table and our menu table.

Let us see in detail about how to create our new Menu Table which has a relationship with ASP.NET Identity AspNetRoles table.

Here we can see Field used for MenuMaster

Firstly, we will create a Database and set the connection string in appsettings.json file for DefaultConnection with our new database connection. We will be using this database for ASP.NET Core Identity table creation.

Create Database: Run the following script to create our database MenuMaster table and sample Menu insert rows script. 

USE MASTER        
GO        
         
-- 1) Check for the Database Exists .If the database is exist then drop and create new DB        
IF EXISTS (SELECT [name] FROM  sys.databases WHERE  [name] = 'AttendanceDB'  )        
DROP DATABASE  AttendanceDB        
GO        
         
CREATE DATABASE  AttendanceDB        
GO        
          
  
USE AttendanceDB     
GO     
    
IF EXISTS ( SELECT  [name] FROM  sys.tables WHERE  [name] = 'MenuMaster' )     
DROP TABLE  MenuMaster     
GO     
      
CREATE TABLE  MenuMaster     
(     
   MenuIdentity int  identity(1,1),     
   MenuID VARCHAR(30)  NOT NULL,     
   MenuName VARCHAR(30)  NOT NULL,   
   Parent_MenuID  VARCHAR(30)  NOT NULL,   
   User_Roll [varchar](256) NOT NULL,    
   MenuFileName VARCHAR(100) NOT NULL,      
   MenuURL VARCHAR(500) NOT NULL,     
   USE_YN Char(1) DEFAULT  'Y',     
   CreatedDate datetime     
CONSTRAINT [PK_MenuMaster] PRIMARY KEY  CLUSTERED           
(          
  [MenuIdentity] ASC    ,     
  [MenuID] ASC,     
  [MenuName] ASC      
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON  [PRIMARY]          
) ON  [PRIMARY]        
     
select * from MenuMaster   
-- Insert Admin User Details 
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('AUSER','ADMIN Dashboard','*','ADMIN','INDEX','ADMINC','Y',getDate())   
 Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('AAbout','About Admin','*','ADMIN','INDEX','ADMINAC','Y',getDate())    
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('LStock','Live Stock','AUSER','ADMIN','INDEX','StockC','Y',getDate())      
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('Profile','User Details','AUSER','ADMIN','INDEX','MemberC','Y',getDate())    
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('MUSER','Manager Dashboard','*','ADMIN','INDEX','ManagerC','Y',getDate())   
 Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('MAbout','About Manager','*','ADMIN','INDEX','ManagerAC','Y',getDate())    
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('Accounts','Account Details','MUSER','ADMIN','INDEX','AccountC','Y',getDate())     
    Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('Inventory','Inventory Details','MUSER','ADMIN','INDEX','InventoryC','Y',getDate())   
  
-- Insert Manager User Details  
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('MUSER','Manager Dashboard','*','Manager','INDEX','ManagerC','Y',getDate())   
 Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('MAbout','About Manager','*','Manager','INDEX','ManagerAC','Y',getDate())    
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('Accounts','Account Details','MUSER','Manager','INDEX','AccountC','Y',getDate())      
Insert into  MenuMaster(MenuID ,MenuName,Parent_MenuID,User_Roll,MenuFileName,MenuURL,USE_YN,CreatedDate) 
    Values('Inventory','Inventory Details','MUSER','Manager','INDEX','InventoryC','Y',getDate())    
  
  
select * from MenuMaster  
  
select * from AspnetUserRoles

Here we can see the format we are using in our Menu Master table to insert our records for display menu based on user role.

MenuID = 'AUSER' (We will give unique menu ID)

MenuName = 'ADMIN Dashboard' (We will give menu display text),

Parent_MenuID = '*’ (If this is main menu then we will give here as “*” else we will give the MenuID of previous records to display this record to show as submenu)

User_Roll = 'ADMIN' (Here we will give the User Role, if the same menu needs to be used for multiple roles based users like Admin, Manager, Accountant and etc. then we will insert the same menu details with different user roles. In our sample we have added the same menu details as 'Manager Dashboard' for both Admin and Manager User as both can view the menu and page.)

,MenuFileName = 'INDEX' (Here we give our View name to be displayed when the menu is clicked)

MenuURL = 'ADMINC' (Here we give our Controller name to be displayed when the menu is clicked)

USE_YN = 'Y' (This is optional field as we can use this as to display menu or not)

CreatedDate = getDate()  (This also optional as to input the Crete date) 

In this demo application, we have already all the needed controllers and view to be displayed when user clicks on the menu.

Step 2: **Create your ASP.NET Core **

After installing our Visual Studio 2017 click Start, then Programs and select Visual Studio 2017 - Click Visual Studio 2017. Click New, then Project, select Web and then select ASP.NET Core Web Application. Enter your project name and click 

Select Web Application(Model-View-Controller) and click Change Authentication.

Select Individual User Accounts and click OK to create your project.

Updating appsettings.json 

In appsettings.json file we can find the DefaultConnection Connection string. Here in connection string change your SQL Server Name, UID and PWD to create and store all user details in one database. 

"ConnectionStrings": { 
    "DefaultConnection": "Server= YOURSERVERNAME;Database=InventoryDB;user id= YOURSQLUSERID;password=;Trusted_Connection=True;MultipleActiveResultSets=true" 
  },

Step 3: Add Identity Service to Startup.cs file

By default, in your ASP.NET Core application, the Identity Service will be added in Startup.cs File /ConfigureServices method. You can also additionally add the password strength while user the register and also set the default login page/logout page and also AccessDenaiedPath by using the following code.

services.AddIdentity<ApplicationUser, IdentityRole>() 
                .AddEntityFrameworkStores<ApplicationDbContext>() 
                .AddDefaultTokenProviders(); 
  
  
            //Password Strength Setting 
            services.Configure<IdentityOptions>(options => 
            { 
                // Password settings 
                options.Password.RequireDigit = true; 
                options.Password.RequiredLength = 8; 
                options.Password.RequireNonAlphanumeric = false; 
                options.Password.RequireUppercase = true; 
                options.Password.RequireLowercase = false; 
                options.Password.RequiredUniqueChars = 6; 
  
                // Lockout settings 
                options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30); 
                options.Lockout.MaxFailedAccessAttempts = 10; 
                options.Lockout.AllowedForNewUsers = true; 
  
                // User settings 
                options.User.RequireUniqueEmail = true; 
            }); 
  
            //Seting the Account Login page 
            services.ConfigureApplicationCookie(options => 
            { 
                // Cookie settings 
                options.Cookie.HttpOnly = true; 
                options.ExpireTimeSpan = TimeSpan.FromMinutes(30); 
                options.LoginPath = "/Account/Login"; // If the LoginPath is not set here, ASP.NET Core will default to /Account/Login 
                options.LogoutPath = "/Account/Logout"; // If the LogoutPath is not set here, ASP.NET Core will default to /Account/Logout 
                options.AccessDeniedPath = "/Account/AccessDenied"; // If the AccessDeniedPath is not set here, ASP.NET Core will default to /Account/AccessDenied 
                options.SlidingExpiration = true; 
            });

Step 4: Register and Create Users

Now our Asp.NET Core web application is ready for the user to register on our website and also user can log in to our system after registration. We will be doing the Authorization by adding a role to a user in next steps. Build and run your application to register your first default Admin user.

Here we will be registering two users as one for Admin and another user for Manager. We will be using this user for adding roles. We will create two users as syedshanumcain@gmail.com and afraz@gmail.com . Note: You can create users as per your need and change the user details in startup code for adding roles to users.

Refresh the Database:

When we refresh our database, we can see all the Identity tables has been created.

Step 5: Create Role and assign User for Role

We use the below method to create a new Role’s as “Admin” and “Manager”, we will assign the recently registered users as “Admin”  and  “Manager” to our website. Open Startup.cs file and add this method to your Startup.cs file.

private async Task CreateUserRoles(IServiceProvider serviceProvider) 
        { 
            var RoleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>(); 
            var UserManager = serviceProvider.GetRequiredService<UserManager<ApplicationUser>>(); 
  
  
            IdentityResult roleResult; 
            //Adding Addmin Role   
            var roleCheck = await RoleManager.RoleExistsAsync("Admin"); 
            if (!roleCheck) 
            { 
                //create the roles and seed them to the database   
                roleResult = await RoleManager.CreateAsync(new IdentityRole("Admin")); 
            } 
  
            roleCheck = await RoleManager.RoleExistsAsync("Manager"); 
            if (!roleCheck) 
            { 
                //create the roles and seed them to the database   
                roleResult = await RoleManager.CreateAsync(new IdentityRole("Manager")); 
            } 
  
            //Assign Admin role to the main User here we have given our newly loregistered login id for Admin management   
            ApplicationUser user = await UserManager.FindByEmailAsync("syedshanumcain@gmail.com"); 
            var User = new  ApplicationUser(); 
            await UserManager.AddToRoleAsync(user, "Admin");  
  
  
            user = await UserManager.FindByEmailAsync("Afraz@gmail.com"); 
            await UserManager.AddToRoleAsync(user, "Manager");  
  
        }

From Startup.cs file we can find the Configure method. Call our CreateUserRoles method from this Configure method. When we build and run our application we can see new Role as “Admin” and “Manager” will be created in the ASPNetRole table.  

Step 6: Create Admin/Manager Page and Set Authorization

Now we have an Admin/Manager user for our ASP.NET Core web application as a next step lets create Controllers and views to display based on user login, In our previous example we have already seen on how to set Authorization for roles in each page, Using that we will be creating all our need Controllers and Views.IN the attached sample demo application you can found all the controllers and views which we have created and created your own as per your need.  

** Step 7: Working with Dependency Injection **

Creating Model Class

First, we will start with creating a class in our Model folder. We give the class name as MenuMaster as same as our table name in our Database. In MenuMaster class, we need to create properties same like our Table fields like below.

public class  MenuMaster 
    { 
        [Key] 
        public int  MenuIdentity { get; set; } 
        public string  MenuID { get; set; } 
        public string  MenuName { get; set; } 
        public string  Parent_MenuID { get; set; } 
        public string  User_Roll { get; set; } 
        public string  MenuFileName { get; set; } 
        public string  MenuURL { get; set; } 
        public string  USE_YN { get; set; } 
        public DateTime CreatedDate { get; set; } 
    }

Creating Interface Class

Now, it’s time for us to create an interface with a method named GetMenuMaster(), GetMenuMaster(String UserRole) and we will be implementing this interface in our Service to get all the Menu details from the table and also another method to get the menu by user role. For creating the Interface, add a new class to your model folder and name the class as “IMenuMasterService”.

We will change the class to an interface as we are going to create an interface to implement in our service. 

public interface  IMenuMasterService 
    { 
        IEnumerable<MenuMaster> GetMenuMaster(); 
        IEnumerable<MenuMaster> GetMenuMaster(String UserRole); 
     }

Creating Service:

Now, let’s add a new class Services folder and name the class as “MenuMasterService”. In this class, we will be implementing our interface IMenuMasterService. We know that if we implement the interface, then we should declare the interface method in our class. In this service, we use the interface method and we return the list with Menu details and also return the Menu details by user role. We will be directly Injecting this on our View page.

public class  MenuMasterService:IMenuMasterService 
    { 
        private readonly  ApplicationDbContext _dbContext; 
  
        public MenuMasterService(ApplicationDbContext dbContext)  
        { 
            _dbContext = dbContext; 
        } 
  
        public IEnumerable<MenuMaster> GetMenuMaster() 
        {  
            return _dbContext.MenuMaster.AsEnumerable(); 
  
        }  
  
        public IEnumerable<MenuMaster> GetMenuMaster(string UserRole) 
        {   
            var result = _dbContext.MenuMaster.Where(m => m.User_Roll == UserRole).ToList();   
            return result; 
        } 
    }

Register the Service

We need to register our created service to the container. Open the Startup.cs from your project to add the service to the container.

In the Startup.cs class, find the method named as ConfigureServices and add your service “MenuMasterService” like below. 

services.AddTransient<MenuMasterService, MenuMasterService>();

Inject the Service in the _Layout.cshtml page

 Now, it’s much simpler and easier as we can directly Inject the service in our View page and bind all the result to our view page. For injecting the Service in our View, here we will be using our existing _Layout.cshtml page. Since we are going to display the menu on top of our website an use on all our pages, here we have used the _Layout.cshtml page to bind the menu results as a menu based on user logged in.

Here first we check the user is Authenticated to our website then if the user is logged in then we get the role details of the logged in user and bind the menu based on the user roles. Here we are binding 2 level of the menu as Main Menu and Submenu. In our table result we check for all the Parenut_MenuID=” *” as we will be displaying the main menu with the parent_MenuID as “*” and in next inner loop, we display the submenu appropriate to the main menu.

<div class="navbar-collapse collapse"> 
 <ul class="nav navbar-nav"> 
   <li><a asp-area="" asp-controller="Home" asp-action="Index">Home</a></li> 
 @if (User.Identity.IsAuthenticated) 
        { 
            var UserRoles = ""; 
            if (@User.IsInRole("Admin")) 
            { 
                UserRoles = "Admin"; 
            } 
            else 
            { 
                UserRoles = "Manager"; 
            } 
  
                @if (menus.GetMenuMaster(@UserRoles).Any()) 
                { 
                @if (menus.GetMenuMaster(@UserRoles).Any()) 
                { 
                @foreach (var menuNames in menus.GetMenuMaster(@UserRoles).Where(n => n.Parent_MenuID == "*")) 
                { 
                        <li> 
                            <a asp-area="" asp-controller=@menuNames.MenuURL asp-action=@menuNames.MenuFileName>@menuNames.MenuName</a> 
                            <ul class="sub-menu"> 
                                @foreach (var subMenu in menus.GetMenuMaster(@UserRoles).Where(n => n.Parent_MenuID == @menuNames.MenuID)) 
                                  { 
                                    <li> 
                                        <a asp-area="" asp-controller=@subMenu.MenuURL asp-action=@subMenu.MenuFileName>@subMenu.MenuName</a> 
                                    </li> 
                                   } 
                            </ul> 
                            </li> 
                } 
                } 
                } 
            } 
  </ul>

Conclusion

Firstly, create a sample AttendanceDB Database in your SQL Server and run the script to create MenuMaster table and insert sample records. In the appsettings.json  file change the DefaultConnection connection string with your SQL Server Connections. In Startup.cs file add all the code as we discussed in this article. This is simple demo application and we have fixed with Admin and Manager roles, you can change as per your requirement and also the CSS design for menu and submenu is not good for Mobile compatibility you can add your own bootstrap design to implement your menu style. Hope you all like this article and soon we will see in another article with more live examples.

See Also

Download

ASP.NET Core 2.0 User Role Base Dynamic Menu Management Using Dependency Injection