Roles.IsUserInRole Method (String, String)
Gets a value indicating whether the specified user is in the specified role. The API is only intended to be called within the context of an ASP.NET request thread, and in that sanctioned use case it is thread-safe.
Assembly: System.Web (in System.Web.dll)
Parameters
- username
-
Type:
System.String
The name of the user to search for.
- roleName
-
Type:
System.String
The name of the role to search in.
Return Value
Type: System.Booleantrue if the specified user is in the specified role; otherwise, false.
| Exception | Condition |
|---|---|
| System.ArgumentNullException | roleName is null. -or- username is null. |
| System.ArgumentException | roleName is an empty string or contains a comma (,). -or- username contains a comma (,). |
| System.Configuration.Provider.ProviderException | Role management is not enabled. |
The IsUserInRole method calls the IsUserInRole method of the default role provider to determine whether a user name is associated with a role from the data source for the application that is specified in the ApplicationName property.
If username is equal to the current logged-on user and the CacheRolesInCookie property value is true, roleName may be checked against the role cache rather than the specified Provider.
The following code example programmatically checks whether a user is in the Administrators role before allowing the user to view roles settings for the application. For an example of a Web.config file that enables role management, see Roles.
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Dim rolesArray() As String Dim users As MembershipUserCollection Public Sub Page_Load() Msg.Text = "" Try If Not Roles.IsUserInRole(User.Identity.Name, "Administrators") Then Msg.Text = "You are not authorized to view user roles." UsersListBox.Visible = False Return End If Catch e As HttpException Msg.Text = "There is no current logged on user. Role membership cannot be verified." Return End Try If Not IsPostBack Then ' Bind users to ListBox. users = Membership.GetAllUsers() UsersListBox.DataSource = users UsersListBox.DataBind() End If ' If a user is selected, show the roles for the selected user. If Not UsersListBox.SelectedItem Is Nothing Then ' Bind roles to GridView. rolesArray = Roles.GetRolesForUser(UsersListBox.SelectedItem.Value) UserRolesGrid.DataSource = rolesArray UserRolesGrid.DataBind() UserRolesGrid.Columns(0).HeaderText = "Roles for " & UsersListBox.SelectedItem.Value End If End Sub </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Sample: View User Roles</title> </head> <body> <form runat="server" id="PageForm"> <h3>View User Roles</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table border="0" cellspacing="4"> <tr> <td valign="top"><asp:ListBox id="UsersListBox" DataTextField="Username" Rows="8" AutoPostBack="true" runat="server" /></td> <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" AutoGenerateColumns="false" Gridlines="None" CellSpacing="0" > <HeaderStyle BackColor="navy" ForeColor="white" /> <Columns> <asp:TemplateField HeaderText="Roles" > <ItemTemplate> <%# Container.DataItem.ToString() %> </ItemTemplate> </asp:TemplateField> </Columns> </asp:GridView></td> </tr> </table> </form> </body> </html>
Available since 2.0