Roles Based Access Control (RBAC) is an approach to restricting system access to authorised users. This mechanism can be used to protect users from accessing parts of the system that they do not need. It also can be used to restrict access to data which they do not need to see.
Using technologies:ASP.NET MVC 4, MS SQL, EntityFramework, Boostrap 3, JQuery
- Roles Base Acces Control,
- ASP .NET MVC Acl Management,
- Create, Edit, Delete Users, roles, permissions,
- Change/Reset Users password,
- Assign and manage Roles and permissions
For the test just enter the url:Url: http://medodesign-001-site1.ctempurl.com
Users: (admin/123456; demo/1234; test/1234)
Using RBAC functionalities
1) Action (StudentController.cs)
We can now call our exposed functionality in any controller action and/or corresponding view through the controller’s context object as illustrated below.
2) Controller Action View (Index.cshtml)
RBACUser functionality exposed via our RBAC_ExtendedMethods class can be used in controller actions.
RBACUser functionality exposed via our RBAC_ExtendedMethods class can be used in views. Using RBAC in a Controller’s Action Method The following listing illustrates the use of our custom “HasRole” and “HasPermission” methods, exposed in our RBACUser class, in the controller’s action through the controller’s context object. We have extended these methods to the controller’s context object using extension methods defined in our RBAC_ExtendedMethods class.
3) Dynamically Control Menus
Our custom “HasRole”, “HasPermission” and “IsSysAdmin” methods come in useful when displaying dynamic menu items. Recall that each role in our system will have a number of application ‘controller-action’ associations defined each representing a controller’s name and controller’s action name. Consider the application menu items displayed below.