13

I'm using the ASP.NET MVC 5 built in authentication methods. I would like to show and hide links (in the menu navbar) based on the role the user is in.

Has anyone acheived this?

Where would be a starting point?

Improve this question

3 Answers 3

Reset to default
25

Just wrap your links in:

@if (User.IsInRole("SomeRole"))
{
    ...
}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

To add to this, according to Microsoft it is good practice to use user roles that describe what it is that user has permission to do. e.g. if you wanted to have a link in the navbar to add new users @if(User.IsInRole("AddUsers")) as opposed to using a generic role like "Admin" or something.
@IanSoc: That's actually what roles are. Something like "Admin" is a group. The problem is that Microsoft has long treated the two as interchangeable, especially in the context of Windows Auth, where your roles are actually AD groups. However, "Admin" still tends to be acceptable as a role as a way of simply saying "has all roles", instead of having to add every possible role individually.
4

You can use MvcSiteMap for this. It has a feature called SecurityTrimming which uses the [Authorize] attribute on your action methods to decide whether or not to display the menu item.

I know it's frowned upon to post a links in answers but I found this blog post very useful.

In addition to the role-based menu visibility, I added custom attributes to the MvcSiteMapNodes to determine visibility of links that were accessible to users but I didn't want shown in the menu (e.g. Edit pages), and I also added icon attributes which allowed me to use the bootstrap menu icons e.g:

<mvcSiteMapNode title="Till" controller="Home" action="Index" area="Till" iconClass="icon-home" visibility="true">

I went a bit off-topic there, but I just wanted to highlight how flexible MvcSiteMap is.

Improve this answer

2 Comments

It's not frowned upon to post links. The more links the better. It's only a problem if your entire answer is just a link. As in just something like "This blog post has a soluton"
@ChrisPratt - fair point, but I am just conscious that if that link were to ever disappear, a fair chunk of relevant info is gone & my answer isn't so useful (if it ever was!)
0

Two things I do. Either

User.IsInRole(admin)
{link somewhere}

Or what I personally do is because I use areas I have a viewstart in area admin which links to admin shared viewmodel then in admin shared view that links to the public view.

In the admin shared view. I set up a section. Inside this section I define extra nav details what that specific role will see and add them in a list tag

Then inside public shared view I then use (on phone can't remember exact name something like)
Html.IsSectionDefined

I personally like the second method using areas and sections both would work fine but with the second I find it much cleaner and you can be so much more specific and much simpler

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.