Role of Users

Topics: ASP.NET 2.0, Business Logic Layer
Nov 19, 2007 at 2:55 PM
Hi everybody,
i am new to using BlogEngine .Net. When i am trying to change role of user it doesnt work. role.xml was not changed.i have configured XMLMembershipProvider. But i dont know what i missed in that. Anyone can help me.
Nov 21, 2007 at 5:13 PM
Same problem here. I checked function both in Firefox 2.0.0.9 and IE. 7.0. The check boxes goes back to the original state.

The file "roles.xml" is not read-only.
Nov 22, 2007 at 2:06 AM
So what you need to do is change the premissions on the "roles.xml" file. (The security setttings)



theflowmachine wrote:
Same problem here. I checked function both in Firefox 2.0.0.9 and IE. 7.0. The check boxes goes back to the original state.

The file "roles.xml" is not read-only.

Nov 22, 2007 at 9:41 AM
Edited Nov 22, 2007 at 9:41 AM


Thank u for ur reply.Now its working fine.But now i am getting problem in creating users.When i creating user in existing user name it shows error. i don know how to validate this.Help me plz


Nov 23, 2007 at 8:30 AM
The whole App_Data folder needs to have write permissions.

See:

http://www.dotnetblogengine.net/wiki/Installation.ashx#D-Freshinstallation

Nov 23, 2007 at 9:16 AM
Edited Nov 23, 2007 at 9:16 AM
I am getting error in creating user.When i creating new user in same as existing user name i got an error "An item with the same key has already been added. "
System.ArgumentException: An item with the same key has already been added. I want to validate username wiyh existing username can help me how to do?
Nov 23, 2007 at 12:34 PM
If you want to validate a user, should you be creating a new user with the same name? Or, should you be trying to log in with the new user name credentials? I think you would want to do the latter.
Nov 23, 2007 at 1:02 PM
I dont want to allow user name which is match with existing user names. Means that i want to validate dublicate user names ie doesnt allow users to enter same username.
Nov 23, 2007 at 1:24 PM
Edited Nov 23, 2007 at 1:27 PM
I am playing with BE 1.2 and I tried entering an existing user and it gives me the message Please enter a different user name. This is reasonable. So the application is not failing, it seems to be acting as one would expect. Perhaps I don't understand the problem you are having.

BTW, I am using SQL Server as the backend to store my users and roles. I assume you are using the XML provider for this and this may be the reason why I am not seeing the error you are describing. If this is the case, you may want to look at the XmlMembershipProvider class.
Nov 23, 2007 at 3:34 PM
Hi,

The App_Data and the contained files HAVE read/write permissions.

It is possible to create a user as admin and then assign "editor"-role, so it is possible to write to the "roles.xml". Although I'm using the SQL Server provider, the users and roles are still saved in the xml-files.

As far as I can tell, the SQL setup file does NOT create any user or role-related tables.
Nov 23, 2007 at 6:53 PM
OK. I was assuming that since if the SQL Server provider was being used that aspnet_regsql.exe had also been ran.
Nov 24, 2007 at 9:16 AM


lvildosola wrote:
I am playing with BE 1.2 and I tried entering an existing user and it gives me the message Please enter a different user name. This is reasonable. So the application is not failing, it seems to be acting as one would expect. Perhaps I don't understand the problem you are having.

BTW, I am using SQL Server as the backend to store my users and roles. I assume you are using the XML provider for this and this may be the reason why I am not seeing the error you are describing. If this is the case, you may want to look at the XmlMembershipProvider class.



yes lvildosola i am using XMLMembershipProvider to storing users and roles. But i tried to create existing user names it gives an error "An item with the same key has already been added. "
System.ArgumentException: An item with the same key has already been added. ". I don want to allow existing user name or can u tel me what i want to do for SQLMembershipProvider in web.config and all.
Nov 24, 2007 at 1:49 PM
Edited Nov 25, 2007 at 2:11 PM
NOTE: Original contents were moved to a wiki page.

Please refer to the page Using ASP.NET 2.0 SQL Membership and Role Providers in the BlogEngine.NET wiki for the details on changing the Memebership and Role providers in BlogEngine.NET.
Nov 24, 2007 at 8:34 PM
i noticed that there is some role management code (methods to add/edit roles), but nowhere in the app to do so. I want to delete the "editor" role and add two custom roles ("players" and "captains"). i may have to do a fresh install, since i've already messed around with a lot of the settings and recompiled, but i'd like some way to manage the roles. how do i do this?
Nov 24, 2007 at 9:59 PM
I don't think it is a matter of just changing the roles. Unless I'm not understanding what has been done. From what I see you will need to also change some logic since these roles are fixed in the code. It should be feasible though. You will need to define what your roles will have access to and the operations you want to allow them so you can place the necessary checks for your roles in the code. The trick in all this is understanding how ASP.NET 2.0 security works, at least at some high level, to know what methods to call. I'm afraid it is not something that can be walked through since the changes would be many to list.
Nov 25, 2007 at 5:48 AM
OK, lvildosola, thanks for the information.

In that case, there are a lot of details missing in the following page:

http://www.dotnetblogengine.net/wiki/SQLServerBlogProvider.ashx
Nov 25, 2007 at 12:46 PM
Edited Nov 25, 2007 at 2:14 PM
The information provided in that page does only cover the Blog provider, which is what I used to make BlogEngine.NET store the blog contents in SQL Server. However, you are correct in that there is nowhere any details on how to enable User and Role management in SQL Server. For that you need to change the Membership and Role providers. Perhaps if the steps are validated by others it may be something they can just add to their documentation.

NOTE: I have since moved the steps to a wiki page on the BlogEngine.NET wiki site called Using ASP.NET 2.0 SQL Membership and Role Providers.
Nov 25, 2007 at 11:09 PM
Is there a way to create a default user without the way the described here?

I managed to create a default user with the help of "Create User Wizard" control, but the only administrative page i'm seeing is "Users".

As I'm using a shared web hosting plan, I don't have access to the ASP.NET Configuration webpage.
Nov 26, 2007 at 5:00 AM
What I would do if I were you is create the user locally and copy the record to your hosted schema. You should be able to access your SQL schema as an administrator of your ISP account.
Jun 16, 2008 at 4:10 PM
Hi guys,

I discover some bugs.
The method delete is not working.
I debug the code and see that internaly, it's uses the method Remove. But it isn't work. I'll post later the code that I made to delete a role.