Roles Based Access Control (RBAC) is an approach to restricting system access to authorised users. This mechanism can be used to protect users from accessing parts of the system that they do not need. It also can be used to restrict access to data which they do not need to see.In this component will refactor the RBAC framework to authenticate users using a username/password combination via ASP.NET Identity’s framework features whilst preserving role based permissions introduced in preview component
Using Technolgies:ASP.NET MVC, Asp.net Identity 2.0, MS SQL SERVER, EntityFramework, Boostrap 3, BootstrapDialog, Jquery,
- User Management System, Extended User Account Definition, including Email and contact information
- Manage Users(Add, Edit, Delete Users, Reset password,Account Confirmation via email)
- Two-Factor Authentication via email or SMS messaging
- Manage Roles(Add, Edit, Delete Roles)
- Manage users Permissions based on roles
- Users Activity Log
- Online/Offline for Maintenance Mode
Demo :Url : http://medodesign-001-site2.ftempurl.com/
Username: Admin / Password: Pa55w0rd
Username: DefaultUser / Password: S4l3su53r
Username: Guest / Password: Gu3st12
Using RBAC Identity 2.0 functionalities
In this version all methods are exposed in extending class name RBAC_IdentityExtendedMethods by using IPrincipal (namespace System.Security.Principal)
1) Action (StudentController.cs)
We can now call our exposed functionality in any controller action and/or corresponding view through the controller’s context object as illustrated below.
2) Controller Action View (Index.cshtml)
RBAC Identity functionality exposed via our RBAC_IdentityExtendedMethods class can be used in controller actions.
RBAC Identity functionality exposed via our RBAC_IdentityExtendedMethods class can be used in views. Using RBAC in a Controller’s Action Method The following listing illustrates the use of our custom “IsInRole” and “HasPermission” methods, exposed in our RBAC Identity class, in the controller’s action through the controller’s context object. We have extended these methods to the controller’s context object using extension methods defined in our RBAC_IdentityExtendedMethods class.
3) Dynamically Control Menus
The method “IsInRole” and our custom “HasPermission”, “IsSysAdmin” methods come in useful when displaying dynamic menu items. Recall that each role in our system will have a number of application ‘controller-action’ associations defined each representing a controller’s name and controller’s action name. Consider the application menu items displayed below.