I have 16 different roles and I'm trying to filter a list according to a users role. I was hoping there was a way to filter this using LINQ but I'm not sure of the best approach for this.
[HttpPost]
public ActionResult Login(int? Group, int? ListDept, int DivisionID)
{
LoginViewModel login = new LoginViewModel();
login.GroupID = Group;
login.ListDeptID = ListDept;
login.DivisionID = DivisionID;
bool rolecheck1 = false;
bool rolecheck2 = false;
bool rolecheck3 = false;
rolecheck1 = User.IsInRole("Role1");
rolecheck2 = User.IsInRole("Role2");
rolecheck3 = User.IsInRole("Role3");
if (rolecheck1 == true && login.GroupID == 1)
{
login.GroupID = 1;
}
if (rolecheck2 == true && login.GroupID == 2)
{
login.GroupID = 2;
}
if (rolecheck3 == true && login.GroupID == 3)
{
login.GroupID = 3;
}
Session["Login"] = login;
return RedirectToAction("Index", "Case");
}
After the Post it goes to an index page where I'm trying to filter those lists and I think I'm going about this completely wrong :/. Here is the Index page where I'm loading the record list. I also filter for a case that is assigned to a person and it works fine. But how do I filter those permissions to show also a record that a person has the permission for?
public ActionResult Index()
{
LoginViewModel login = new LoginViewModel();
login = (LoginViewModel)Session["Login"];
// uses the DirectorySearcher to find a users email address to use the "assignedTo" for filtering
var assignedto = User.Identity.Name.Split('\\')[1];
string emailAddr = null;
try
{
DirectorySearcher searcher = new DirectorySearcher();
searcher.Filter = string.Format("sAMAccountName={0}", assignedto);
SearchResult user = searcher.FindOne();
emailAddr = user.Properties["mail"][0].ToString();
}
catch
{
TempData["loginErrorMessage"] = String.Format("Directory Services is down or you have an invalid account");
return RedirectToAction("Login");
}
CaseListViewModel cases = new CaseListViewModel();
cases.OpenCases = db.Cases.Where(c => c.StatusID == 1 && c.AssignedTo == emailAddr || login.DivisionID == c.DivisionID && login.GroupID == c.GroupID);
cases.ClosedCases = db.Cases.Where(c => c.StatusID == 2);
// Before added email filtering for assigned to
//cases.OpenCases = db.Cases.Where(c => c.StatusID == 1);
// Loop that checks each case and compares DateTime.Now to Lockout Stamp to unlock cases
foreach (var cased in cases.OpenCases)
{
DateTime LockoutDate = new DateTime();
if (cased.Lockout_TS.HasValue)
{
LockoutDate = (DateTime)cased.Lockout_TS;
}
if (cased.LockCase == true)
{
bool shouldUnlock = (DateTime.Now - LockoutDate).TotalMinutes > 15;
//if yes, then unlock it
if (shouldUnlock)
{
cased.LockCase = false;
cased.Lockout_TS = null;
}
}
}
// End Loop
db.SaveChanges();
return View(cases);
}
Any help would be much appreciated.
Thanks Adam
You can record the association of roles to group in a dictionary and use Linq to determine the group for the user based on their role.
var roleGroupMap = new Dictionary<string, int> {
["Role1"] = 1,
["Role2"] = 2,
["Role3"] = 3
};
...
var userRole = roleGroupMap.Keys.FirstOrDefault(x => User.IsInRole(x));
if (userRole != null) {
login.GroupID = roleGroupMap[userRole];
}
This model will accommodate the user having a single role. If users can have more than one role, then the LoginViewModel will need to be modified to record a collection of groups and the associated groups.
With a collection of GroupIDs:
roleGroupMap.Keys
.Where(x => User.IsInRole(x))
.ToList()
.ForEach(x => login.GroupIDs.Add(x => User.IsInRole(x)))