How to create Virtual Roles dynamically?

Vote:
 

To use the virtual roles in EPiServer there are 2 steps that are needed to implement.

  • The first step is to have a class that inherit from EPiServer.Security.VirtualRoleProviderBase and that overrides the method IsInVirtualRole
  • The second step is to add this new role in your web.config in the <virtualRoles/> tag. <add name="CustomVirtualProvider" type="EPiServer.CustomVirtualProvider, EPiServer.Templates.Public"/>

Few queries on Virtual Roles:

1. Is this IsInVirtualRole method mentioned in first step is called when we click on any pages in EPiServer? I have created the class named CustomVirtualProvider2 which inherit from EPiServer.Security.VirtualRoleProviderBase and that overrides the method IsInVirtualRole.

public class CustomVirtualProvider2 :EPiServer.Security.VirtualRoleProviderBase

{

public override bool IsInVirtualRole(System.Security.Principal.IPrincipal principal, object context)

{             

          /* check if the user belongs in other roles */

          System.Security.Principal.IPrincipal user = PrincipalInfo.CurrentPrincipal;

         if (user.IsInRole("testtest") && user.IsInRole("Testing"))

                        {

                             return true;

                        }

        else

                       {

                           return false;

                       }

                }

}

 

I have added an entry in web.config under <virtualRoles/> tag

<add name="EditorA" type="EPiServer.CustomVirtualProvider2, FIFA.Presentation"/>

 

I found that this IsInVirtualRole of CustomVirtualProvider2 is called only when checking for that Virtual Role explicitly in Pages (I am checking the virtual role in CheckRoles.aspx).

Boolean boolEditorA = user.IsInRole("EditorA");

2. Is there any other way to create the Virtual Roles other than to create class that inherit from EPiServer.Security.VirtualRoleProviderBase and that overrides the method IsInVirtualRole and adding the new role in web.config?

3. We want virtual roles to be created dynamically. Like the end user should be able to create a Virtual Role stating the role mapping (using the AND, OR, NOT condition through application view mode).

For Example: End user wants to create the Virtual Role named "editor" based on the condition only if users are belonging to the Roles A & B but not C.

4. In Edit Mode the Pages listed in the tree structure based on the Access Rights. If the end user changes the Access Rights of the Page for Virtual Roles will that be handled by EPiServer (like that of Roles in EPiServer)?

Thanks,

Pradeepa Gopal 

 

#19735
Apr 30, 2008 15:16