Export (0) Print
Expand All

Roles.IsUserInRole Method (String)

Gets a value indicating whether the currently logged-on user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static bool IsUserInRole(
	string roleName
)

Parameters

roleName
Type: System.String

The name of the role to search in.

Return Value

Type: System.Boolean
true if the currently logged-on user is in the specified role; otherwise, false.

ExceptionCondition
System.ArgumentNullException

roleName is null.

-or-

There is no current logged-on user.

System.ArgumentException

roleName is an empty string or contains a comma (,).

System.Configuration.Provider.ProviderException

Role management is not enabled.

The IsUserInRole method calls the RoleProvider.IsUserInRole method of the default role provider to determine whether the currently logged-on user is associated with a role from the data source for the application that is specified in the ApplicationName property. The currently logged-on user is identified by the HttpContext.User property of the current System.Web.HttpContext, or by Thread.CurrentPrincipal for non-HTTP hosting environments. If no user is logged on, an exception will be thrown. Only the roles for the application that is specified in the ApplicationName property are retrieved.

If CacheRolesInCookie is true, then roleName may be checked against the roles cache rather than the specified role provider.

The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles settings for the application. For an example of a Web.config file that enables role management, see Roles.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

string[] rolesArray;
MembershipUserCollection users;

public void Page_Load()
{
  Msg.Text = "";

  try
  {
    if (!Roles.IsUserInRole(User.Identity.Name, "Administrators"))
    {
      Msg.Text = "You are not authorized to view user roles.";
      UsersListBox.Visible = false;
      return;
    }
  }
  catch (HttpException e)
  {
    Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
    return;
  }


  if (!IsPostBack)
  {
    // Bind users to ListBox.

    users = Membership.GetAllUsers();
    UsersListBox.DataSource = users;
    UsersListBox.DataBind();
  }


  // If a user is selected, show the roles for the selected user.

  if (UsersListBox.SelectedItem != null)
  {
    // Bind roles to GridView.

    rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value);
    UserRolesGrid.DataSource = rolesArray;
    UserRolesGrid.DataBind();

    UserRolesGrid.Columns[0].HeaderText = "Roles for " + UsersListBox.SelectedItem.Value;
  }
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" 
                                    Rows="8" AutoPostBack="true" runat="server" /></td>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>

.NET Framework

Supported in: 4.6, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft